Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e34382e302f32342d3234203d3e2039333034.roa
File: 38322e32392e34382e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: pMEkoToajLulfM7gmTy1QDLf0dMiNA9HeDN/etSK0l8=
Subject key identifier: DB:A5:F3:57:72:C6:78:C1:FA:0A:55:79:52:34:8A:29:5B:77:10:07
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2A618B89590AA03BBA70978ADE1AEDBB9F1AA9D7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e34382e302f32342d3234203d3e2039333034.roa
Signing time: Mon 30 Dec 2024 09:43:35 +0000
ROA not before: Mon 30 Dec 2024 09:38:35 +0000
ROA not after: Mon 29 Dec 2025 09:43:35 +0000
asID: 9304
IP address blocks: 82.29.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:61:8b:89:59:0a:a0:3b:ba:70:97:8a:de:1a:ed:bb:9f:1a:a9:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 30 09:38:35 2024 GMT
Not After : Dec 29 09:43:35 2025 GMT
Subject: CN=DBA5F35772C678C1FA0A557952348A295B771007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4a:62:cb:30:52:58:95:25:f1:98:a0:81:6d:
ef:af:55:1a:56:78:e1:51:45:13:0f:e7:3c:6d:25:
3f:6a:b2:f7:2e:3e:5f:32:c3:45:60:6b:34:d1:9f:
b3:d9:23:10:24:af:2c:12:38:84:32:ba:89:22:38:
e5:d0:20:22:0b:7c:cd:62:8a:a0:c3:86:7a:44:7f:
92:50:43:5b:1b:96:07:c8:c7:e0:0a:46:a6:29:d3:
b1:f6:9a:3f:2a:15:dd:44:93:d9:20:8e:16:81:64:
d9:b0:b6:55:3e:1f:0f:57:4f:3e:7c:fb:3c:54:5f:
0d:7c:8c:71:69:62:4d:9a:9a:f5:da:3d:2f:7e:2b:
14:90:d5:b0:cc:29:c4:aa:b9:21:2b:64:e3:f4:1f:
3f:1a:0d:aa:e2:c8:95:bb:cb:91:17:08:40:5e:23:
34:38:1d:43:48:c2:d0:16:e3:f8:63:84:9d:4c:22:
7c:d2:5c:6e:d1:12:37:2e:e3:d4:86:6f:d9:75:1d:
3a:48:8b:47:6d:f1:62:e7:be:12:4d:d5:e9:fb:11:
87:59:d9:bd:f1:50:d7:cc:e3:77:fb:66:72:ec:24:
9b:8c:c0:cf:39:ad:bd:2c:59:33:c0:58:64:6d:8b:
74:f6:fa:b0:ce:cc:c9:56:e6:3c:a2:4e:41:1f:23:
48:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A5:F3:57:72:C6:78:C1:FA:0A:55:79:52:34:8A:29:5B:77:10:07
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e34382e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.48.0/24
Signature Algorithm: sha256WithRSAEncryption
43:aa:8b:42:f8:1d:74:45:0c:fb:f4:f2:46:1c:ca:87:1b:24:
21:0f:1c:8d:9e:86:23:44:ce:b8:4a:f8:32:26:0a:e0:bd:61:
e2:45:49:5a:2c:35:45:f8:29:b4:e0:56:ca:99:05:f7:4d:9a:
9a:ba:ff:d5:1f:d8:d5:43:d2:c7:86:ca:39:34:7d:6f:d6:cb:
c4:98:97:80:77:41:57:ef:44:43:b0:95:ff:fe:1b:5b:05:47:
d5:84:1e:fd:dd:f7:b4:a9:55:aa:45:4b:65:bd:cb:7a:2c:c8:
98:13:d4:1d:f4:0c:af:a3:d0:52:25:db:4d:11:47:9e:80:5d:
c3:11:f2:2a:58:e9:7a:dc:bd:c8:e4:d8:72:fa:d0:1b:c2:8e:
85:b4:4e:82:31:27:64:7e:71:28:40:7f:49:6c:13:ca:f9:5a:
ab:d2:17:5c:77:37:a9:cf:13:90:4c:89:1f:cb:0f:8a:84:e4:
7a:f5:cb:f9:de:94:d3:43:ae:d8:fb:ce:49:9e:a2:59:c1:ea:
79:b5:24:b3:47:3a:a0:f6:31:93:75:2c:30:e4:4c:5a:a6:f7:
fc:4b:26:3f:cf:1f:15:75:24:07:d5:ed:e9:1b:17:c0:df:d6:
8f:f4:1d:5f:00:f5:6d:ca:c8:9c:bc:a4:d7:c3:6e:f1:70:0c:
0c:1a:db:d0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUKmGLiVkKoDu6cJeK3hrtu58aqdcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMzAwOTM4MzVaFw0yNTEyMjkwOTQzMzVaMDMxMTAvBgNV
BAMTKERCQTVGMzU3NzJDNjc4QzFGQTBBNTU3OTUyMzQ4QTI5NUI3NzEwMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsSmLLMFJYlSXxmKCBbe+vVRpW
eOFRRRMP5zxtJT9qsvcuPl8yw0VgazTRn7PZIxAkrywSOIQyuokiOOXQICILfM1i
iqDDhnpEf5JQQ1sblgfIx+AKRqYp07H2mj8qFd1Ek9kgjhaBZNmwtlU+Hw9XTz58
+zxUXw18jHFpYk2amvXaPS9+KxSQ1bDMKcSquSErZOP0Hz8aDariyJW7y5EXCEBe
IzQ4HUNIwtAW4/hjhJ1MInzSXG7REjcu49SGb9l1HTpIi0dt8WLnvhJN1en7EYdZ
2b3xUNfM43f7ZnLsJJuMwM85rb0sWTPAWGRti3T2+rDOzMlW5jyiTkEfI0gDAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU26XzV3LGeMH6ClV5UjSKKVt3EAcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzOTJlMzQzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh0wMA0G
CSqGSIb3DQEBCwUAA4IBAQBDqotC+B10RQz79PJGHMqHGyQhDxyNnoYjRM64Svgy
JgrgvWHiRUlaLDVF+Cm04FbKmQX3TZqauv/VH9jVQ9LHhso5NH1v1svEmJeAd0FX
70RDsJX//htbBUfVhB793fe0qVWqRUtlvct6LMiYE9Qd9Ayvo9BSJdtNEUeegF3D
EfIqWOl63L3I5Nhy+tAbwo6FtE6CMSdkfnEoQH9JbBPK+Vqr0hdcdzepzxOQTIkf
yw+KhOR69cv53pTTQ67Y+85JnqJZwep5tSSzRzqg9jGTdSww5Exapvf8SyY/zx8V
dSQH1e3pGxfA39aP9B1fAPVtysicvKTXw27xcAwMGtvQ
-----END CERTIFICATE-----
Generated at Thu May 8 22:28:16 2025 by rpki-client