Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132352e302f32342d3234203d3e203634323637.roa
File: 38322e32392e3132352e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: VvPotUmrcmqkNalf2OWZaYKKqzQEdjtJXZpvI7li5Co=
Subject key identifier: E7:AF:9C:88:CF:90:CB:AA:54:2F:E1:B1:E5:A0:6E:A1:DA:22:8F:BE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0FE4317F2A4109237A4B8D08C6A3C5AE8ABEBE4B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132352e302f32342d3234203d3e203634323637.roa
Signing time: Mon 30 Dec 2024 08:10:02 +0000
ROA not before: Mon 30 Dec 2024 08:05:02 +0000
ROA not after: Mon 29 Dec 2025 08:10:02 +0000
asID: 64267
IP address blocks: 82.29.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:e4:31:7f:2a:41:09:23:7a:4b:8d:08:c6:a3:c5:ae:8a:be:be:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 30 08:05:02 2024 GMT
Not After : Dec 29 08:10:02 2025 GMT
Subject: CN=E7AF9C88CF90CBAA542FE1B1E5A06EA1DA228FBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:ab:38:0a:a5:f2:6d:25:da:06:b4:8f:04:
f1:ea:51:96:d1:af:6b:ee:ea:1b:19:7c:02:83:ac:
13:7c:b1:49:43:b0:5d:56:ca:3d:2a:fc:74:ab:6e:
5a:96:d9:57:96:54:18:41:8d:e9:fe:21:d0:6a:d7:
18:d7:ab:f7:a6:bb:4a:fd:c0:c4:b0:bb:ba:6e:4a:
87:62:23:1b:c3:b4:66:c2:b0:8b:15:b3:94:f8:43:
14:32:76:65:89:0e:0a:cb:11:5e:de:44:76:7b:97:
db:23:3f:49:58:13:0b:eb:b4:eb:5c:42:40:7d:f9:
1c:d7:2d:df:96:e4:4a:df:7f:61:0f:43:06:c6:5e:
c9:83:59:d5:a5:e6:dc:b4:13:93:5f:97:63:2c:36:
f2:f0:1d:2c:06:9f:ab:df:cb:0e:fb:25:c2:df:0a:
f5:ec:df:6c:79:66:6b:b4:10:81:a4:30:66:85:53:
b1:42:e9:51:b0:1e:90:35:27:4c:17:10:7f:0b:c9:
2d:98:f0:f7:9c:4f:9d:eb:88:db:d4:a4:3f:7f:28:
69:5d:55:eb:c5:a9:51:4c:af:cd:ba:ce:0c:74:07:
33:de:1d:d1:55:2f:c2:d1:c0:20:e3:81:f6:0e:e2:
12:5c:8d:3c:6e:cb:e9:4f:0e:35:37:22:1e:c6:f5:
c7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:AF:9C:88:CF:90:CB:AA:54:2F:E1:B1:E5:A0:6E:A1:DA:22:8F:BE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e3132352e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.125.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:0d:6b:be:e7:36:1b:ed:85:e7:76:5a:7a:53:9d:2d:b1:fd:
94:f0:b7:c9:25:a8:d4:40:73:ae:45:64:97:91:60:89:c2:c2:
a5:cd:76:87:ed:04:e3:90:b9:09:77:bc:8d:f2:f0:ae:43:86:
cc:5f:c5:42:4a:83:d5:f7:9b:8d:f6:3a:6a:12:96:37:53:a9:
1f:c5:41:34:3c:2c:0e:34:4b:0a:bf:b1:30:b9:44:24:17:a1:
90:fb:75:99:3f:c3:f0:0d:7f:3b:59:a9:c9:ea:4c:a7:f4:c9:
8e:d2:dc:9d:03:f3:0a:d6:91:86:57:43:38:83:83:71:82:99:
1f:af:a5:a4:1a:1a:6e:ba:a4:d0:43:12:a8:c7:3a:a4:06:f0:
22:21:af:85:6d:d4:04:ff:9b:0a:78:b6:c7:41:26:64:51:c5:
68:89:5a:b4:b3:2a:c5:bb:51:f7:e6:02:fc:f6:6a:f0:f2:83:
07:1d:5b:23:c3:0b:41:26:92:4b:76:94:7b:ea:ea:ae:05:73:
1e:de:fa:45:30:62:98:c9:fb:75:18:dd:f2:ec:b6:c6:3a:94:
f3:95:a4:cb:32:4f:dd:3b:dc:31:90:f3:9d:64:1a:f7:7b:ad:
95:38:31:f1:b8:79:a0:0a:df:1d:b8:35:06:75:57:72:9e:16:
52:cd:5f:9a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUD+QxfypBCSN6S40IxqPFroq+vkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMzAwODA1MDJaFw0yNTEyMjkwODEwMDJaMDMxMTAvBgNV
BAMTKEU3QUY5Qzg4Q0Y5MENCQUE1NDJGRTFCMUU1QTA2RUExREEyMjhGQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+aKs4CqXybSXaBrSPBPHqUZbR
r2vu6hsZfAKDrBN8sUlDsF1Wyj0q/HSrblqW2VeWVBhBjen+IdBq1xjXq/emu0r9
wMSwu7puSodiIxvDtGbCsIsVs5T4QxQydmWJDgrLEV7eRHZ7l9sjP0lYEwvrtOtc
QkB9+RzXLd+W5Erff2EPQwbGXsmDWdWl5ty0E5Nfl2MsNvLwHSwGn6vfyw77JcLf
CvXs32x5Zmu0EIGkMGaFU7FC6VGwHpA1J0wXEH8LyS2Y8PecT53riNvUpD9/KGld
VevFqVFMr826zgx0BzPeHdFVL8LRwCDjgfYO4hJcjTxuy+lPDjU3Ih7G9cerAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU56+ciM+Qy6pUL+Gx5aBuodoij74wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzOTJlMzEzMjM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzNDMyMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFId
fTANBgkqhkiG9w0BAQsFAAOCAQEAPQ1rvuc2G+2F53ZaelOdLbH9lPC3ySWo1EBz
rkVkl5FgicLCpc12h+0E45C5CXe8jfLwrkOGzF/FQkqD1febjfY6ahKWN1OpH8VB
NDwsDjRLCr+xMLlEJBehkPt1mT/D8A1/O1mpyepMp/TJjtLcnQPzCtaRhldDOIOD
cYKZH6+lpBoabrqk0EMSqMc6pAbwIiGvhW3UBP+bCni2x0EmZFHFaIlatLMqxbtR
9+YC/PZq8PKDBx1bI8MLQSaSS3aUe+rqrgVzHt76RTBimMn7dRjd8uy2xjqU85Wk
yzJP3TvcMZDznWQa93utlTgx8bh5oArfHbg1BnVXcp4WUs1fmg==
-----END CERTIFICATE-----
Generated at Wed May 7 09:42:11 2025 by rpki-client