Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20383334.roa
File: 37382e33312e3234382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: oXNzNznN8/eiVsEEaF8QJRTCW7I6G9QQMwAB3uZYkN0=
Subject key identifier: AF:C7:0F:B1:0C:66:38:8E:ED:81:3F:D2:9D:48:32:6D:F2:BA:69:29
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 03C416350E6B754378A389061D32F9675BC7855F
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20383334.roa
Signing time: Wed 20 Aug 2025 11:34:08 +0000
ROA not before: Wed 20 Aug 2025 11:29:08 +0000
ROA not after: Wed 19 Aug 2026 11:34:08 +0000
asID: 834
IP address blocks: 78.31.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Aug 2025 07:27:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c4:16:35:0e:6b:75:43:78:a3:89:06:1d:32:f9:67:5b:c7:85:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Aug 20 11:29:08 2025 GMT
Not After : Aug 19 11:34:08 2026 GMT
Subject: CN=AFC70FB10C66388EED813FD29D48326DF2BA6929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:83:36:a6:89:1d:53:29:69:e7:8c:fa:ab:dd:
78:83:d6:ff:af:96:6e:69:ef:87:7f:51:ec:a0:02:
d6:fc:ab:69:7f:be:9a:2b:3a:3b:46:c2:27:28:a7:
6b:00:6b:88:ec:f4:62:69:01:c1:cd:c1:f8:d3:68:
1e:cd:35:09:29:ac:25:b0:9a:40:5b:29:d2:6e:ed:
92:30:ec:21:08:5e:c8:b9:a7:44:27:dc:de:87:24:
86:73:55:79:83:cf:fd:c8:5c:8f:53:58:29:c6:97:
c1:51:0b:a4:e6:40:b8:8f:ae:5e:99:d1:65:0d:83:
c5:df:8b:eb:23:85:4e:1f:17:46:3e:e1:9a:0b:33:
af:73:c3:ab:0a:b7:ca:58:6a:f6:ab:76:60:c0:6d:
35:4d:4b:87:68:dc:1a:c1:de:c0:2e:c0:35:8b:c6:
bc:bf:67:f6:ba:de:e7:84:3d:9c:82:66:9b:3a:c7:
5a:d9:f6:66:9f:d2:bb:e5:c9:08:d0:bf:b2:47:63:
3d:8c:d3:cf:8c:a4:85:1a:6c:68:5d:3a:9f:64:b9:
65:8e:2f:4c:9d:05:ba:0e:5b:34:84:3c:4b:f9:e2:
2f:75:92:a8:40:d9:fc:50:44:de:6c:72:cc:21:cb:
a6:ba:8a:6c:d4:f6:b9:15:fa:b9:75:93:f2:5a:f6:
6a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C7:0F:B1:0C:66:38:8E:ED:81:3F:D2:9D:48:32:6D:F2:BA:69:29
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/37382e33312e3234382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.248.0/24
Signature Algorithm: sha256WithRSAEncryption
65:03:ad:20:94:77:62:6f:e3:03:3e:5d:4a:64:b6:76:6c:e0:
c8:9b:2a:9e:b1:8a:b6:8c:10:2c:e4:4a:de:ed:05:05:a0:cd:
56:5e:c1:e6:2a:b2:71:39:90:b6:b1:ca:a7:6e:ce:07:a8:ea:
0d:ad:01:0e:66:35:1d:82:4f:eb:ce:92:fc:66:68:13:bc:8d:
a4:62:3e:af:6e:8d:88:87:d8:64:be:4a:d9:8e:1d:9d:db:69:
7a:97:37:82:bf:81:24:af:97:33:24:73:8d:fd:d3:c9:01:0f:
6a:f0:95:4a:87:c8:20:76:e9:d7:e7:d6:05:f5:f6:e5:6a:67:
58:18:ec:3a:ee:a6:4a:d2:03:c7:b8:95:56:18:7a:0f:3f:cf:
62:63:bd:e9:c8:f7:9a:34:98:a0:44:b8:28:c4:6e:2a:17:8a:
c3:1e:f4:27:c7:e5:33:a5:3b:19:86:79:0a:cd:d9:8a:18:4f:
ca:30:4a:b6:cf:f7:95:ec:76:89:5e:39:e3:17:72:eb:d1:5b:
d1:64:2c:38:a5:36:0f:02:ea:42:ed:03:e8:f9:30:fc:b9:aa:
56:e8:4d:ec:1e:8b:42:6b:e8:83:d3:1c:95:74:6d:e7:b1:22:
1c:b3:01:49:11:1e:0a:91:35:bc:d1:2f:ab:ab:86:e9:26:b1:
86:4d:42:6b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUA8QWNQ5rdUN4o4kGHTL5Z1vHhV8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA4MjAxMTI5MDhaFw0yNjA4MTkxMTM0MDhaMDMxMTAvBgNV
BAMTKEFGQzcwRkIxMEM2NjM4OEVFRDgxM0ZEMjlENDgzMjZERjJCQTY5MjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsgzamiR1TKWnnjPqr3XiD1v+v
lm5p74d/UeygAtb8q2l/vporOjtGwicop2sAa4js9GJpAcHNwfjTaB7NNQkprCWw
mkBbKdJu7ZIw7CEIXsi5p0Qn3N6HJIZzVXmDz/3IXI9TWCnGl8FRC6TmQLiPrl6Z
0WUNg8Xfi+sjhU4fF0Y+4ZoLM69zw6sKt8pYavardmDAbTVNS4do3BrB3sAuwDWL
xry/Z/a63ueEPZyCZps6x1rZ9maf0rvlyQjQv7JHYz2M08+MpIUabGhdOp9kuWWO
L0ydBboOWzSEPEv54i91kqhA2fxQRN5scswhy6a6imzU9rkV+rl1k/Ja9mp7AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUr8cPsQxmOI7tgT/SnUgybfK6aSkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzczODJlMzMzMTJlMzIzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATh/4MA0G
CSqGSIb3DQEBCwUAA4IBAQBlA60glHdib+MDPl1KZLZ2bODImyqesYq2jBAs5Ere
7QUFoM1WXsHmKrJxOZC2scqnbs4HqOoNrQEOZjUdgk/rzpL8ZmgTvI2kYj6vbo2I
h9hkvkrZjh2d22l6lzeCv4Ekr5czJHON/dPJAQ9q8JVKh8ggdunX59YF9fblamdY
GOw67qZK0gPHuJVWGHoPP89iY73pyPeaNJigRLgoxG4qF4rDHvQnx+UzpTsZhnkK
zdmKGE/KMEq2z/eV7HaJXjnjF3Lr0VvRZCw4pTYPAupC7QPo+TD8uapW6E3sHotC
a+iD0xyVdG3nsSIcswFJER4KkTW80S+rq4bpJrGGTUJr
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:14:29 2025 by rpki-client