Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32362e3132382e302f31372d3234203d3e20383334.roa
File: 38322e32362e3132382e302f31372d3234203d3e20383334.roa (raw, json)
Hash identifier: z4RfN3Xn7I7vHqOx0DgWuon5iYV4C28iFs60InP1FNE=
Subject key identifier: 7B:89:D1:6D:04:00:49:87:2D:BF:6B:8D:9B:86:EA:71:1C:25:C2:90
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 551E183FC3125308789874CB823E5B3EF3F6DD55
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32362e3132382e302f31372d3234203d3e20383334.roa
Signing time: Fri 27 Dec 2024 10:06:37 +0000
ROA not before: Fri 27 Dec 2024 10:01:37 +0000
ROA not after: Fri 26 Dec 2025 10:06:37 +0000
asID: 834
IP address blocks: 82.26.128.0/17 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 11:22:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:1e:18:3f:c3:12:53:08:78:98:74:cb:82:3e:5b:3e:f3:f6:dd:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 10:01:37 2024 GMT
Not After : Dec 26 10:06:37 2025 GMT
Subject: CN=7B89D16D040049872DBF6B8D9B86EA711C25C290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1a:50:87:39:79:d5:31:f5:67:63:0f:03:3e:
21:a6:d8:ee:6b:ea:b2:8f:eb:0b:45:11:f4:ea:3a:
32:3c:39:cd:07:e5:d4:a6:72:71:2b:8b:09:67:6c:
1b:29:19:34:ba:f0:c2:b0:40:e9:02:34:2a:0e:c6:
09:29:38:18:d0:e3:98:bc:d8:75:c9:82:b5:2e:07:
92:46:65:ef:c5:b3:b8:6c:4a:cb:61:98:38:86:bd:
80:9c:0f:a7:26:62:3c:5d:c8:8d:bf:ee:21:fc:7d:
12:f7:14:91:ad:b9:b5:42:80:f2:f2:0a:1c:42:f5:
51:50:dc:b3:5c:a5:60:29:22:26:60:7a:34:5c:14:
b2:37:c7:fa:1d:71:5d:30:a0:17:6e:7d:b3:cc:60:
d8:8d:1a:ba:f8:51:38:77:b8:b6:a4:b1:a2:83:bf:
97:f3:1f:04:72:58:cd:dd:c4:db:14:c6:6f:9b:6c:
ac:b5:ea:2c:cb:76:b0:00:90:7f:78:4e:a2:40:0c:
1c:a8:cc:34:f2:99:7b:4b:50:6f:ba:13:16:7b:31:
5d:86:49:e3:ec:09:89:1f:a8:ff:fb:4a:e5:7f:42:
d6:83:ce:aa:08:08:10:e4:2d:18:ee:eb:21:bf:ce:
ed:46:92:0e:78:e2:fc:85:8e:b0:1f:d5:f4:cf:ed:
bf:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:89:D1:6D:04:00:49:87:2D:BF:6B:8D:9B:86:EA:71:1C:25:C2:90
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32362e3132382e302f31372d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.26.128.0/17
Signature Algorithm: sha256WithRSAEncryption
91:cb:5e:d5:85:41:a7:31:bc:2b:05:d0:5e:46:24:cd:3f:d9:
71:50:b2:51:36:78:e8:96:0d:d7:27:59:24:53:a8:6d:f5:96:
1b:b6:db:34:29:db:9d:7c:2d:61:7b:11:24:0d:76:d8:b3:a1:
97:d9:00:75:f9:7e:ad:f3:d4:73:49:77:a9:34:ec:4c:7b:4a:
5f:3b:99:c8:fe:85:9d:8d:cb:d6:dd:37:65:d2:19:e4:0a:b5:
7d:14:e5:4d:14:41:3c:41:7f:77:79:34:20:36:8b:26:5e:8b:
0f:8a:9f:85:52:a9:09:48:78:29:ba:31:cb:b1:99:f0:c8:f3:
19:fe:78:3a:ac:d4:29:cc:e4:06:13:d7:a1:8a:97:6b:cc:4d:
b9:ae:58:3e:74:1f:5b:a3:4a:15:75:d1:32:e0:3a:09:5e:65:
74:98:03:ee:60:bd:92:e6:ff:d4:c4:0e:39:30:4e:ca:87:e4:
27:ba:35:00:07:ae:01:ec:1a:dc:d4:2c:81:a6:1c:b0:38:1a:
72:c5:87:0e:a8:29:f5:93:07:f3:00:27:77:f6:0e:9f:9e:f9:
78:b6:fd:62:50:e8:06:7d:15:ab:46:fc:95:71:92:cb:50:eb:
6f:86:8c:8f:ba:98:1b:36:52:06:fa:8b:45:bf:8f:9b:cc:38:
f8:eb:d7:8f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUVR4YP8MSUwh4mHTLgj5bPvP23VUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcxMDAxMzdaFw0yNTEyMjYxMDA2MzdaMDMxMTAvBgNV
BAMTKDdCODlEMTZEMDQwMDQ5ODcyREJGNkI4RDlCODZFQTcxMUMyNUMyOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlGlCHOXnVMfVnYw8DPiGm2O5r
6rKP6wtFEfTqOjI8Oc0H5dSmcnEriwlnbBspGTS68MKwQOkCNCoOxgkpOBjQ45i8
2HXJgrUuB5JGZe/Fs7hsSsthmDiGvYCcD6cmYjxdyI2/7iH8fRL3FJGtubVCgPLy
ChxC9VFQ3LNcpWApIiZgejRcFLI3x/odcV0woBdufbPMYNiNGrr4UTh3uLaksaKD
v5fzHwRyWM3dxNsUxm+bbKy16izLdrAAkH94TqJADByozDTymXtLUG+6ExZ7MV2G
SePsCYkfqP/7SuV/QtaDzqoICBDkLRju6yG/zu1Gkg544vyFjrAf1fTP7b/jAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUe4nRbQQASYctv2uNm4bqcRwlwpAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzNjJlMzEzMjM4
MmUzMDJmMzEzNzJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHUhqAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRy17VhUGnMbwrBdBeRiTNP9lxULJRNnjolg3XJ1kk
U6ht9ZYbtts0KdudfC1hexEkDXbYs6GX2QB1+X6t89RzSXepNOxMe0pfO5nI/oWd
jcvW3Tdl0hnkCrV9FOVNFEE8QX93eTQgNosmXosPip+FUqkJSHgpujHLsZnwyPMZ
/ng6rNQpzOQGE9ehipdrzE25rlg+dB9bo0oVddEy4DoJXmV0mAPuYL2S5v/UxA45
ME7Kh+QnujUAB64B7Brc1CyBphywOBpyxYcOqCn1kwfzACd39g6fnvl4tv1iUOgG
fRWrRvyVcZLLUOtvhoyPupgbNlIG+otFv4+bzDj469eP
-----END CERTIFICATE-----
Generated at Wed May 7 17:25:16 2025 by rpki-client