Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132332e302f32342d3234203d3e203231383539.roa
File: 38322e32392e3132332e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: aax+QhxoC52A8GM6dp3kTlXB5kU8Nsg55JrET/Xr+SE=
Subject key identifier: EA:75:CB:86:8B:07:F8:81:F8:82:8F:7A:10:60:42:B9:E5:F2:F0:D0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 778BD32608F15064500F131B68BEF8EC6FC2465D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132332e302f32342d3234203d3e203231383539.roa
Signing time: Tue 31 Dec 2024 04:12:56 +0000
ROA not before: Tue 31 Dec 2024 04:07:56 +0000
ROA not after: Tue 30 Dec 2025 04:12:56 +0000
asID: 21859
IP address blocks: 82.29.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:8b:d3:26:08:f1:50:64:50:0f:13:1b:68:be:f8:ec:6f:c2:46:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 31 04:07:56 2024 GMT
Not After : Dec 30 04:12:56 2025 GMT
Subject: CN=EA75CB868B07F881F8828F7A106042B9E5F2F0D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:2c:3e:19:96:04:63:fb:3f:9c:ef:dc:aa:
82:8a:01:56:59:b4:cb:db:5f:45:a3:3f:5c:a7:c0:
e3:50:aa:8d:0e:0f:b1:e3:00:5f:12:fe:44:eb:29:
cf:af:09:07:42:19:c4:68:fe:80:63:94:ac:af:64:
41:a5:44:ee:e7:63:d4:23:ba:e5:5b:8b:ba:f1:e9:
95:21:a4:b9:c0:c9:9f:a5:65:16:90:42:86:02:11:
bd:55:49:46:58:2d:22:43:fa:0e:93:00:5d:11:8e:
97:aa:96:33:a5:db:5f:e2:52:cd:d0:e4:d0:3b:7d:
66:4d:d2:81:16:4b:a8:ec:e5:1d:b7:63:6f:39:a3:
02:33:14:3e:c1:1c:e1:dd:2c:ff:10:fa:c5:8a:4c:
0f:62:e3:84:a8:06:3d:2a:97:52:b6:09:b9:a4:41:
fe:95:45:e8:ce:2f:6d:2f:36:d1:48:0a:66:ec:c8:
f9:fb:7b:aa:99:1e:ad:76:12:62:81:e3:c9:ec:b7:
74:74:55:82:6c:04:20:3c:e6:13:b8:3a:c4:e5:80:
00:10:7b:94:78:5a:08:8c:57:15:8f:53:87:bf:0d:
4c:59:b4:8c:e5:c8:d4:b1:86:6a:3f:93:63:81:e8:
16:e4:03:b8:cc:1f:f2:62:d9:78:70:da:46:79:71:
c0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:75:CB:86:8B:07:F8:81:F8:82:8F:7A:10:60:42:B9:E5:F2:F0:D0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132332e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.123.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:00:88:fb:ad:69:40:10:61:50:09:2a:e0:4d:a3:6f:85:df:
62:d6:c5:87:66:a8:35:4a:4a:79:a0:39:1d:29:a9:0b:0e:33:
52:06:01:54:f5:f4:5b:35:10:40:6f:08:6b:77:32:2a:23:90:
a5:4e:bb:d2:26:db:42:5f:d9:08:95:f4:13:02:a7:79:10:fd:
66:f3:fe:13:88:0c:4a:f4:f0:25:81:fe:81:fc:4d:c8:15:ae:
61:32:4f:fa:f1:bc:26:13:da:c8:d0:a3:5e:c8:c8:2d:07:7c:
93:b6:fb:0d:38:06:5a:10:26:4e:db:03:8b:fc:86:be:f2:9b:
a4:c5:f9:ad:58:16:9b:aa:07:de:da:a7:79:b1:81:f0:40:2b:
5e:06:c8:97:bb:a6:33:69:82:4a:6c:79:cb:15:62:b6:0e:42:
48:b4:29:d7:82:ee:35:5f:21:c0:25:74:d9:39:23:6d:38:38:
c0:27:d7:5c:1f:75:7f:4e:b3:3f:50:03:27:26:28:45:00:d4:
39:66:89:81:67:72:57:ff:5d:ba:88:99:6e:ff:80:01:eb:7a:
d6:8c:91:61:c6:aa:0d:9f:c3:e6:eb:07:13:e3:8e:6f:80:7c:
15:48:c3:71:8a:1d:66:9c:af:48:8a:db:54:2c:29:89:af:e5:
ca:5e:db:0b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUd4vTJgjxUGRQDxMbaL747G/CRl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMzEwNDA3NTZaFw0yNTEyMzAwNDEyNTZaMDMxMTAvBgNV
BAMTKEVBNzVDQjg2OEIwN0Y4ODFGODgyOEY3QTEwNjA0MkI5RTVGMkYwRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTgCw+GZYEY/s/nO/cqoKKAVZZ
tMvbX0WjP1ynwONQqo0OD7HjAF8S/kTrKc+vCQdCGcRo/oBjlKyvZEGlRO7nY9Qj
uuVbi7rx6ZUhpLnAyZ+lZRaQQoYCEb1VSUZYLSJD+g6TAF0RjpeqljOl21/iUs3Q
5NA7fWZN0oEWS6js5R23Y285owIzFD7BHOHdLP8Q+sWKTA9i44SoBj0ql1K2Cbmk
Qf6VRejOL20vNtFICmbsyPn7e6qZHq12EmKB48nst3R0VYJsBCA85hO4OsTlgAAQ
e5R4WgiMVxWPU4e/DUxZtIzlyNSxhmo/k2OB6BbkA7jMH/Ji2Xhw2kZ5ccCLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU6nXLhosH+IH4go96EGBCueXy8NAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzOTJlMzEzMjMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM4MzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFId
ezANBgkqhkiG9w0BAQsFAAOCAQEALgCI+61pQBBhUAkq4E2jb4XfYtbFh2aoNUpK
eaA5HSmpCw4zUgYBVPX0WzUQQG8Ia3cyKiOQpU670ibbQl/ZCJX0EwKneRD9ZvP+
E4gMSvTwJYH+gfxNyBWuYTJP+vG8JhPayNCjXsjILQd8k7b7DTgGWhAmTtsDi/yG
vvKbpMX5rVgWm6oH3tqnebGB8EArXgbIl7umM2mCSmx5yxVitg5CSLQp14LuNV8h
wCV02TkjbTg4wCfXXB91f06zP1ADJyYoRQDUOWaJgWdyV/9duoiZbv+AAet61oyR
YcaqDZ/D5usHE+OOb4B8FUjDcYodZpyvSIrbVCwpia/lyl7bCw==
-----END CERTIFICATE-----
Generated at Wed May 7 02:34:03 2025 by rpki-client