Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235352e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235352e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: SqSFiRSpvHgnezAZ1Jox15UsXqzR39vOx6SgIKr+4bE=
Subject key identifier: 2C:9C:97:43:B8:9D:8B:18:C1:BE:B6:18:9C:B7:9B:65:ED:46:A3:E2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 19A85229A2602604BE939AAAFC052FC94CC9E85A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235352e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:23 +0000
ROA not before: Sun 29 Dec 2024 23:20:23 +0000
ROA not after: Sun 28 Dec 2025 23:25:23 +0000
asID: 16276
IP address blocks: 82.23.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:a8:52:29:a2:60:26:04:be:93:9a:aa:fc:05:2f:c9:4c:c9:e8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:23 2024 GMT
Not After : Dec 28 23:25:23 2025 GMT
Subject: CN=2C9C9743B89D8B18C1BEB6189CB79B65ED46A3E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:34:0d:34:7a:98:d8:1f:97:95:cd:d0:4f:
d8:85:56:a3:54:aa:50:7a:57:87:e5:41:48:40:66:
b3:64:6e:34:41:90:73:d3:af:ca:4c:9f:2d:3e:8c:
c6:38:ef:c6:9b:c4:bc:23:68:af:aa:9a:27:c3:cd:
19:a4:98:96:80:ab:d9:23:33:95:34:d8:5d:47:63:
39:bd:a7:00:c4:32:db:16:d0:2e:13:14:d3:27:46:
0d:4c:b8:de:12:56:c0:4e:ad:ff:89:d1:ba:7e:82:
31:37:23:d8:01:93:c3:03:9b:b5:7d:72:22:0a:37:
8f:a9:01:c1:14:5f:2b:32:d1:6b:e7:89:92:4f:5c:
ab:a3:c5:ab:ce:b2:4e:f5:02:6d:c2:5c:23:fe:e0:
f2:ef:34:27:d6:95:69:9c:ae:d2:ac:b6:d8:5b:b4:
59:95:1b:22:50:4c:13:a5:57:88:2a:c6:75:c8:12:
b9:a1:56:f3:91:07:96:d7:37:bf:9b:ff:a5:64:a9:
1a:d7:2c:ae:45:c0:7b:ef:9d:74:28:11:66:fb:5a:
07:46:2d:b1:b5:c5:46:bc:92:6a:e8:c5:cb:c8:b6:
f7:d2:12:e9:0d:35:14:c3:11:fb:34:3f:5a:3a:56:
11:f3:ed:78:56:3b:43:81:b2:a6:b8:ca:37:6b:81:
70:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9C:97:43:B8:9D:8B:18:C1:BE:B6:18:9C:B7:9B:65:ED:46:A3:E2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235352e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.255.0/24
Signature Algorithm: sha256WithRSAEncryption
67:71:f1:86:66:cc:29:e4:61:66:ed:fe:51:04:81:22:b6:7e:
78:5c:ea:d3:7d:d4:da:92:29:a5:68:5b:27:c7:00:ba:fd:f1:
98:31:e4:4d:6e:0e:70:bc:c4:ef:53:cb:e6:ea:7c:73:a7:e9:
4b:23:55:24:04:45:4e:47:59:87:0d:7a:4f:8d:fc:95:19:b2:
b0:a4:47:6a:72:43:10:03:06:db:27:e8:13:30:f3:81:0b:3d:
1b:9d:c3:48:b9:7b:e1:75:91:2f:71:73:5b:9b:a8:dd:14:91:
e7:d8:5d:27:2d:1f:af:8b:dc:5b:c9:55:4d:38:65:d3:ad:db:
d3:9b:43:7b:26:ef:e0:41:78:29:61:ba:95:87:70:78:fd:18:
cb:3b:83:6c:bf:c8:56:6b:c5:f5:11:2e:f8:cd:02:59:5b:16:
bf:8f:3a:37:fb:3b:4c:ba:01:45:4d:21:8c:3b:eb:6a:af:86:
ef:01:f6:ea:fa:12:9d:7e:85:b0:fa:c6:0c:53:82:bd:80:4d:
f5:b9:aa:d1:06:d1:e8:05:b9:7a:cc:bc:ad:25:b5:27:09:cc:
43:4f:a7:b8:0a:9a:e1:a2:86:3b:07:cd:f4:6a:eb:e0:2a:c7:
a2:19:d7:e6:c3:91:fc:80:3f:15:40:77:77:91:f3:05:fe:50:
e1:ce:21:0f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGahSKaJgJgS+k5qq/AUvyUzJ6FowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjNaFw0yNTEyMjgyMzI1MjNaMDMxMTAvBgNV
BAMTKDJDOUM5NzQzQjg5RDhCMThDMUJFQjYxODlDQjc5QjY1RUQ0NkEzRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3fTQNNHqY2B+Xlc3QT9iFVqNU
qlB6V4flQUhAZrNkbjRBkHPTr8pMny0+jMY478abxLwjaK+qmifDzRmkmJaAq9kj
M5U02F1HYzm9pwDEMtsW0C4TFNMnRg1MuN4SVsBOrf+J0bp+gjE3I9gBk8MDm7V9
ciIKN4+pAcEUXysy0WvniZJPXKujxavOsk71Am3CXCP+4PLvNCfWlWmcrtKstthb
tFmVGyJQTBOlV4gqxnXIErmhVvORB5bXN7+b/6VkqRrXLK5FwHvvnXQoEWb7WgdG
LbG1xUa8kmroxcvItvfSEukNNRTDEfs0P1o6VhHz7XhWO0OBsqa4yjdrgXD3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQULJyXQ7idixjBvrYYnLebZe1Go+IwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
/zANBgkqhkiG9w0BAQsFAAOCAQEAZ3HxhmbMKeRhZu3+UQSBIrZ+eFzq033U2pIp
pWhbJ8cAuv3xmDHkTW4OcLzE71PL5up8c6fpSyNVJARFTkdZhw16T438lRmysKRH
anJDEAMG2yfoEzDzgQs9G53DSLl74XWRL3FzW5uo3RSR59hdJy0fr4vcW8lVTThl
063b05tDeybv4EF4KWG6lYdweP0YyzuDbL/IVmvF9REu+M0CWVsWv486N/s7TLoB
RU0hjDvraq+G7wH26voSnX6FsPrGDFOCvYBN9bmq0QbR6AW5esy8rSW1JwnMQ0+n
uAqa4aKGOwfN9Grr4CrHohnX5sOR/IA/FUB3d5HzBf5Q4c4hDw==
-----END CERTIFICATE-----
Generated at Tue May 6 17:34:05 2025 by rpki-client