Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235342e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235342e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: xGs6tHuSyBwgiCU8iusT6HcZL/OshjrDB37ogzkzAkg=
Subject key identifier: 43:EA:D1:6F:4C:FD:03:09:86:83:88:3C:62:05:0F:9B:EE:2E:BB:0E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0791E69B7A5C65558A28DDA3B8CEB1F6E1A0667D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235342e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:23 +0000
ROA not before: Sun 29 Dec 2024 23:20:23 +0000
ROA not after: Sun 28 Dec 2025 23:25:23 +0000
asID: 16276
IP address blocks: 82.23.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:91:e6:9b:7a:5c:65:55:8a:28:dd:a3:b8:ce:b1:f6:e1:a0:66:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:23 2024 GMT
Not After : Dec 28 23:25:23 2025 GMT
Subject: CN=43EAD16F4CFD03098683883C62050F9BEE2EBB0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2c:98:2e:ce:12:27:a3:45:13:42:6c:9f:63:
4e:39:bf:23:d9:35:9e:ef:67:fd:a2:dd:38:64:74:
32:af:f4:c7:c0:c0:58:48:f6:bf:65:52:cf:7c:67:
e1:5b:b1:f4:a3:26:d6:4c:6d:a4:34:89:f7:bd:b7:
48:32:9c:7b:18:37:ef:ab:12:ca:05:f0:bc:f8:1e:
76:2b:69:fd:6a:35:2e:eb:21:f2:a5:10:e0:d0:4d:
44:8c:60:ee:1d:c0:3a:7b:6b:43:13:5a:55:a9:07:
28:4b:5b:d2:21:5a:fd:00:09:1a:8b:72:cb:0b:ab:
a3:e7:31:53:4e:a7:f6:d9:60:36:ed:52:b2:d2:32:
0e:e8:26:af:3a:3c:84:be:eb:ba:e8:97:53:91:09:
c1:3d:0b:6a:b9:aa:8f:76:97:65:dd:b3:56:72:21:
7e:6c:7c:ef:3e:4e:d9:b7:54:6e:2d:ff:0a:88:a3:
7a:15:19:6e:fd:10:3c:d9:66:77:2d:b9:74:69:90:
c4:8d:a6:41:fa:a1:aa:1b:b2:e5:c4:58:d0:7c:e4:
52:c0:c2:1a:69:74:9a:55:4e:05:3a:db:73:c1:bf:
c2:b1:48:23:e4:ce:78:18:a5:bd:99:8d:29:05:71:
b9:c2:56:2d:a0:77:ab:6d:b9:3b:6c:9e:df:98:0b:
c4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EA:D1:6F:4C:FD:03:09:86:83:88:3C:62:05:0F:9B:EE:2E:BB:0E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235342e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.254.0/24
Signature Algorithm: sha256WithRSAEncryption
30:aa:e4:30:c2:12:67:01:58:fb:2e:f9:c1:af:35:70:94:ad:
e4:a8:61:04:70:cd:13:12:e4:fc:16:7a:dd:50:6b:a9:41:da:
b8:11:fd:7f:35:74:20:3d:00:40:b4:e9:41:5d:75:d2:9f:6e:
93:10:74:8a:8f:70:21:d6:5e:92:7a:cd:d1:eb:c6:92:ec:be:
9d:50:5b:7c:5c:00:f4:1a:57:5e:8e:56:68:93:67:ef:53:39:
39:16:75:7d:d0:5c:c0:4f:0a:17:d3:5d:95:7c:28:51:17:f7:
b5:3c:34:f4:a1:4c:63:35:1d:b9:23:8c:10:12:55:1a:05:69:
97:a1:e7:e2:5f:84:3c:f1:97:dc:b6:74:67:e1:34:6f:d3:6e:
58:c7:e6:a4:46:2b:51:24:de:91:e2:54:95:26:b2:f3:04:de:
92:19:f7:97:de:03:29:fb:60:5c:b9:ea:c3:fb:85:29:0a:ef:
28:c3:82:91:5b:c7:c7:3f:11:17:01:39:28:a8:62:ac:96:70:
ad:d8:6d:d8:bd:fb:44:42:a9:b9:86:83:87:47:03:fc:b0:a2:
ee:e0:a2:d2:84:92:86:b9:b3:3d:72:9d:37:97:d3:5d:d9:70:
f5:5a:ba:f9:38:38:75:81:b4:0c:35:ec:40:65:12:7d:43:9c:
c8:e3:db:50
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUB5Hmm3pcZVWKKN2juM6x9uGgZn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjNaFw0yNTEyMjgyMzI1MjNaMDMxMTAvBgNV
BAMTKDQzRUFEMTZGNENGRDAzMDk4NjgzODgzQzYyMDUwRjlCRUUyRUJCMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1LJguzhIno0UTQmyfY045vyPZ
NZ7vZ/2i3ThkdDKv9MfAwFhI9r9lUs98Z+FbsfSjJtZMbaQ0ife9t0gynHsYN++r
EsoF8Lz4HnYraf1qNS7rIfKlEODQTUSMYO4dwDp7a0MTWlWpByhLW9IhWv0ACRqL
cssLq6PnMVNOp/bZYDbtUrLSMg7oJq86PIS+67rol1ORCcE9C2q5qo92l2Xds1Zy
IX5sfO8+Ttm3VG4t/wqIo3oVGW79EDzZZnctuXRpkMSNpkH6oaobsuXEWNB85FLA
whppdJpVTgU623PBv8KxSCPkzngYpb2ZjSkFcbnCVi2gd6ttuTtsnt+YC8QdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQ+rRb0z9AwmGg4g8YgUPm+4uuw4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
/jANBgkqhkiG9w0BAQsFAAOCAQEAMKrkMMISZwFY+y75wa81cJSt5KhhBHDNExLk
/BZ63VBrqUHauBH9fzV0ID0AQLTpQV110p9ukxB0io9wIdZeknrN0evGkuy+nVBb
fFwA9BpXXo5WaJNn71M5ORZ1fdBcwE8KF9NdlXwoURf3tTw09KFMYzUduSOMEBJV
GgVpl6Hn4l+EPPGX3LZ0Z+E0b9NuWMfmpEYrUSTekeJUlSay8wTekhn3l94DKftg
XLnqw/uFKQrvKMOCkVvHxz8RFwE5KKhirJZwrdht2L37REKpuYaDh0cD/LCi7uCi
0oSShrmzPXKdN5fTXdlw9Vq6+Tg4dYG0DDXsQGUSfUOcyOPbUA==
-----END CERTIFICATE-----
Generated at Tue May 6 22:02:35 2025 by rpki-client