Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e39332e302f32342d3234203d3e2039333034.roa
File: 38322e32392e39332e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: HY1tL2HR1HFJBbqEKRIyVQutOTENZCP5N9fsEBCdmuM=
Subject key identifier: F0:B6:E4:AC:30:2C:8F:14:11:61:64:AE:55:EB:26:04:10:E0:FC:E8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 71B05CA3A6956812EB1E93E7504D01B1097F0791
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e39332e302f32342d3234203d3e2039333034.roa
Signing time: Mon 30 Dec 2024 09:43:32 +0000
ROA not before: Mon 30 Dec 2024 09:38:32 +0000
ROA not after: Mon 29 Dec 2025 09:43:32 +0000
asID: 9304
IP address blocks: 82.29.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:b0:5c:a3:a6:95:68:12:eb:1e:93:e7:50:4d:01:b1:09:7f:07:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 30 09:38:32 2024 GMT
Not After : Dec 29 09:43:32 2025 GMT
Subject: CN=F0B6E4AC302C8F14116164AE55EB260410E0FCE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4e:e1:52:35:f8:2b:f2:c4:c5:41:16:f4:59:
ef:0d:cc:6a:5b:a5:af:11:f0:f6:21:27:10:5a:3b:
24:67:9b:18:1f:cb:71:56:12:4e:02:2a:6e:24:7a:
ee:13:72:08:f2:10:0e:e0:3e:0d:7b:3f:88:f1:77:
4f:95:17:a0:76:9e:16:a5:6b:71:1b:11:cc:52:49:
ec:bb:3f:a7:8c:38:6e:09:d3:05:6a:65:21:47:8a:
e3:4d:5f:21:bb:6a:c6:e9:34:fc:71:0c:70:74:20:
97:5c:0f:ec:c7:ad:3c:31:50:24:67:a7:96:02:5f:
c1:ad:4a:44:df:5b:7f:fd:9f:21:48:a0:e4:95:9a:
f7:b1:ba:21:9a:c6:6d:53:db:96:0c:db:7d:ea:05:
75:87:fd:27:5f:d7:ac:ee:46:23:01:d3:7d:eb:5a:
54:92:51:21:0e:3a:26:4a:02:22:cf:89:2e:79:1d:
e8:33:e2:b4:f0:0d:fd:dc:2b:89:5e:8c:0b:be:7d:
1b:f2:5d:7a:47:78:67:24:5e:37:99:82:21:4b:89:
78:5a:8d:d8:92:d7:ec:f2:ec:7d:7e:f6:a6:32:58:
bc:83:19:cd:c5:58:0e:39:03:e8:e0:bf:00:7c:1b:
d8:ea:13:79:a2:31:d0:9c:d9:60:a1:6b:21:a2:3b:
f6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B6:E4:AC:30:2C:8F:14:11:61:64:AE:55:EB:26:04:10:E0:FC:E8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32392e39332e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.29.93.0/24
Signature Algorithm: sha256WithRSAEncryption
57:be:76:e5:46:19:e1:57:5c:7f:75:3a:e3:80:f2:e8:54:06:
f3:db:f2:80:8b:67:34:e1:ee:19:bf:12:b2:9a:ce:24:90:0e:
53:08:f9:22:78:39:08:08:83:d6:c3:ce:43:b6:99:f9:58:9c:
65:0e:a3:28:bd:e2:12:ec:b9:cc:09:83:d3:fb:17:80:42:09:
af:7d:7d:74:b7:56:f0:f2:f5:a9:92:04:f3:97:00:ed:ee:da:
65:4f:bb:e0:9c:ab:88:6e:98:38:80:2e:aa:05:31:97:37:48:
76:5c:3a:ff:02:75:98:cb:36:2e:70:7e:3f:c8:84:48:16:17:
73:3b:96:92:c3:ff:f2:2e:70:ea:33:90:c1:e0:e3:50:df:ac:
80:c2:c6:5d:33:69:cd:91:c2:f1:89:1c:e5:be:7d:8d:47:4c:
da:cf:1d:2e:f6:8e:11:37:42:14:00:5f:e1:a8:e7:b7:94:e3:
89:60:03:ff:b6:81:cd:84:ed:9b:9f:3b:ca:1a:55:7c:e1:ca:
5d:5e:0a:74:b3:60:1b:2f:5e:34:46:e4:9b:bf:b8:e0:6a:ca:
2e:e7:d6:69:f1:5d:e7:42:50:57:e3:66:8e:00:12:f6:b3:46:
f0:19:2d:34:a3:1d:e2:06:77:d0:82:2f:5d:2e:ba:05:46:6b:
e4:a5:b7:47
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUcbBco6aVaBLrHpPnUE0BsQl/B5EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMzAwOTM4MzJaFw0yNTEyMjkwOTQzMzJaMDMxMTAvBgNV
BAMTKEYwQjZFNEFDMzAyQzhGMTQxMTYxNjRBRTU1RUIyNjA0MTBFMEZDRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjTuFSNfgr8sTFQRb0We8NzGpb
pa8R8PYhJxBaOyRnmxgfy3FWEk4CKm4keu4TcgjyEA7gPg17P4jxd0+VF6B2nhal
a3EbEcxSSey7P6eMOG4J0wVqZSFHiuNNXyG7asbpNPxxDHB0IJdcD+zHrTwxUCRn
p5YCX8GtSkTfW3/9nyFIoOSVmvexuiGaxm1T25YM233qBXWH/Sdf16zuRiMB033r
WlSSUSEOOiZKAiLPiS55Hegz4rTwDf3cK4lejAu+fRvyXXpHeGckXjeZgiFLiXha
jdiS1+zy7H1+9qYyWLyDGc3FWA45A+jgvwB8G9jqE3miMdCc2WChayGiO/YDAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU8LbkrDAsjxQRYWSuVesmBBDg/OgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzOTJlMzkzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUh1dMA0G
CSqGSIb3DQEBCwUAA4IBAQBXvnblRhnhV1x/dTrjgPLoVAbz2/KAi2c04e4ZvxKy
ms4kkA5TCPkieDkICIPWw85Dtpn5WJxlDqMoveIS7LnMCYPT+xeAQgmvfX10t1bw
8vWpkgTzlwDt7tplT7vgnKuIbpg4gC6qBTGXN0h2XDr/AnWYyzYucH4/yIRIFhdz
O5aSw//yLnDqM5DB4ONQ36yAwsZdM2nNkcLxiRzlvn2NR0zazx0u9o4RN0IUAF/h
qOe3lOOJYAP/toHNhO2bnzvKGlV84cpdXgp0s2AbL140RuSbv7jgasou59Zp8V3n
QlBX42aOABL2s0bwGS00ox3iBnfQgi9dLroFRmvkpbdH
-----END CERTIFICATE-----
Generated at Tue May 6 19:19:39 2025 by rpki-client