Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: FNXZmOU3/wxqLBhpktvHZpT6JKCPhIOn3yY1iWVeDjk=
Subject key identifier: A1:A2:E5:9D:92:2C:65:C9:92:E3:6A:90:55:19:B3:A7:B1:97:03:92
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6CB10150A6306DDB9AAB354E5CC10D0C863D2806
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
Signing time: Tue 11 Mar 2025 11:16:40 +0000
ROA not before: Tue 11 Mar 2025 11:11:40 +0000
ROA not after: Tue 10 Mar 2026 11:16:40 +0000
asID: 834
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 15:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:b1:01:50:a6:30:6d:db:9a:ab:35:4e:5c:c1:0d:0c:86:3d:28:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 11 11:11:40 2025 GMT
Not After : Mar 10 11:16:40 2026 GMT
Subject: CN=A1A2E59D922C65C992E36A905519B3A7B1970392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:11:31:4d:a0:73:85:e6:bb:b1:c0:28:6e:
42:2b:2c:e5:b3:80:4c:47:ba:e6:5e:c3:52:4b:36:
37:10:fa:0f:73:8b:39:03:34:c0:25:22:65:21:54:
15:19:02:b5:38:69:bf:ce:bd:4e:9e:6d:0f:75:34:
89:0d:59:c3:07:aa:8f:d4:d4:fe:9f:0f:5b:25:15:
02:32:7a:da:10:84:a8:a8:ed:b6:c8:57:34:86:77:
ee:b4:b2:d5:d5:80:4e:8f:3d:6e:8a:de:79:cb:a0:
53:99:3b:d2:01:83:93:76:58:c9:e9:10:4e:36:e5:
d3:6c:19:26:ba:01:86:3d:34:26:1c:b7:bf:c7:74:
4a:6f:74:39:56:1a:57:d0:70:e9:6b:e1:0e:e8:7d:
9f:52:f8:65:bc:00:0c:3a:53:b2:d8:32:48:db:49:
58:37:41:4e:28:12:3d:a8:ea:70:e5:30:78:20:93:
4f:17:03:78:d6:fe:2f:50:be:e9:f1:fe:bc:c5:b8:
45:06:52:ba:7c:1a:c6:2d:49:0b:3f:73:c3:bf:e8:
96:38:60:9a:ee:74:e4:5b:5f:59:3a:16:15:d2:e3:
77:15:b7:1d:58:c5:f6:fc:a2:c6:02:41:e5:9e:45:
75:3e:b8:24:06:0e:59:1a:10:45:0b:0b:4a:f7:10:
74:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A2:E5:9D:92:2C:65:C9:92:E3:6A:90:55:19:B3:A7:B1:97:03:92
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
08:6d:02:33:27:f0:66:9a:85:25:c2:9f:78:1b:f7:2e:c5:0b:
bf:d0:cd:19:a1:31:a8:21:83:7e:8b:3b:89:7e:5c:a2:9e:33:
36:bd:ab:73:c1:d4:51:82:c3:76:c0:e8:a9:b0:82:cf:dd:2a:
48:76:58:1a:88:d4:0d:7f:b7:4e:2e:04:13:82:f7:c1:5c:47:
08:c4:82:16:d9:71:32:e0:6c:2c:54:ad:14:30:c4:ea:32:20:
a3:10:0a:ae:a7:2a:d8:23:b3:04:36:1b:6a:ef:c0:a0:15:d2:
68:f3:3b:a6:9d:67:1f:27:b2:af:b1:fa:aa:01:c2:32:5c:1a:
4b:56:07:a3:b2:18:c5:55:0d:77:3d:5b:36:64:5e:a5:c0:d5:
79:17:05:5a:de:66:d3:ae:69:32:c5:78:0e:28:22:b3:98:af:
df:35:c1:be:90:24:cc:28:3f:78:3d:21:3e:a5:d8:61:b8:59:
de:58:3b:9a:d3:51:bc:7e:a6:e0:30:6a:03:31:fd:45:dc:cf:
af:73:27:a1:94:20:a4:a7:a3:1f:a6:3f:db:c3:7e:2f:b9:c7:
eb:8d:47:8f:80:fe:38:95:ae:98:50:80:76:14:c9:1a:3b:b7:
f6:2f:3f:f1:8d:9b:12:68:a2:94:9f:26:3d:be:cf:2f:69:0f:
05:fe:bf:20
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbLEBUKYwbduaqzVOXMENDIY9KAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMTExMTExNDBaFw0yNjAzMTAxMTE2NDBaMDMxMTAvBgNV
BAMTKEExQTJFNTlEOTIyQzY1Qzk5MkUzNkE5MDU1MTlCM0E3QjE5NzAzOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3iBExTaBzhea7scAobkIrLOWz
gExHuuZew1JLNjcQ+g9zizkDNMAlImUhVBUZArU4ab/OvU6ebQ91NIkNWcMHqo/U
1P6fD1slFQIyetoQhKio7bbIVzSGd+60stXVgE6PPW6K3nnLoFOZO9IBg5N2WMnp
EE425dNsGSa6AYY9NCYct7/HdEpvdDlWGlfQcOlr4Q7ofZ9S+GW8AAw6U7LYMkjb
SVg3QU4oEj2o6nDlMHggk08XA3jW/i9Qvunx/rzFuEUGUrp8GsYtSQs/c8O/6JY4
YJrudORbX1k6FhXS43cVtx1Yxfb8osYCQeWeRXU+uCQGDlkaEEULC0r3EHSfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUoaLlnZIsZcmS42qQVRmzp7GXA5IwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALms
rDANBgkqhkiG9w0BAQsFAAOCAQEACG0CMyfwZpqFJcKfeBv3LsULv9DNGaExqCGD
fos7iX5cop4zNr2rc8HUUYLDdsDoqbCCz90qSHZYGojUDX+3Ti4EE4L3wVxHCMSC
FtlxMuBsLFStFDDE6jIgoxAKrqcq2COzBDYbau/AoBXSaPM7pp1nHyeyr7H6qgHC
MlwaS1YHo7IYxVUNdz1bNmRepcDVeRcFWt5m065pMsV4Digis5iv3zXBvpAkzCg/
eD0hPqXYYbhZ3lg7mtNRvH6m4DBqAzH9RdzPr3MnoZQgpKejH6Y/28N+L7nH641H
j4D+OJWumFCAdhTJGju39i8/8Y2bEmiilJ8mPb7PL2kPBf6/IA==
-----END CERTIFICATE-----
Generated at Tue May 13 06:27:08 2025 by rpki-client