Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20383334.roa
File: 3138352e3231332e3234392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 0iwHwgo0Dyv9GgKah9nRYZCtcWqODp6ie0fc5U49g54=
Subject key identifier: 51:44:51:DA:81:D9:98:E7:F6:87:DF:EB:4C:74:3C:95:83:10:07:25
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0EE734514089E902A6917F0190D00CAA753D2D57
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20383334.roa
Signing time: Sat 08 Mar 2025 00:02:33 +0000
ROA not before: Fri 07 Mar 2025 23:57:33 +0000
ROA not after: Sat 07 Mar 2026 00:02:33 +0000
asID: 834
IP address blocks: 185.213.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 15 Mar 2025 07:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:e7:34:51:40:89:e9:02:a6:91:7f:01:90:d0:0c:aa:75:3d:2d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 7 23:57:33 2025 GMT
Not After : Mar 7 00:02:33 2026 GMT
Subject: CN=514451DA81D998E7F687DFEB4C743C9583100725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5f:8d:ac:0d:ba:c5:b3:7b:0e:33:5e:c1:65:
fa:c7:dc:d3:c3:e0:be:aa:ad:b6:57:74:0e:16:92:
bf:fc:50:05:51:95:f7:77:5a:42:11:c3:72:e2:58:
2b:b7:14:c8:77:97:b6:89:f3:85:25:32:ee:a7:6c:
66:36:f2:7b:5f:29:65:1b:86:6a:3d:74:b5:5f:2e:
15:97:02:06:4c:15:3d:f8:c7:79:0f:9b:f4:fb:28:
51:2e:e9:b9:7a:bb:a9:20:21:87:55:cc:85:71:4a:
40:c6:23:b3:65:ff:bb:b3:79:2e:44:c5:b2:d3:52:
75:d0:64:25:f9:8e:2d:b1:bb:13:71:1d:db:75:8d:
0f:14:ac:18:59:da:1f:ba:ce:f9:52:d7:3a:cd:3d:
9e:15:1b:eb:19:cb:51:82:a0:de:aa:d1:bb:50:7b:
c7:76:8a:b2:95:a6:5b:99:3b:36:7f:ef:a2:8a:5f:
97:df:91:a1:07:20:9b:b2:fa:e3:f2:d8:33:31:7f:
dc:7e:20:bd:a1:1b:8c:22:b6:1a:ed:92:3a:2b:61:
10:d9:0a:57:30:e8:0f:71:cc:12:31:98:83:57:9a:
75:6e:a9:79:d8:0d:b0:98:cb:36:0d:d2:e5:95:b1:
0c:cd:10:d9:14:3d:b7:60:e9:da:de:4f:7d:a3:45:
b6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:44:51:DA:81:D9:98:E7:F6:87:DF:EB:4C:74:3C:95:83:10:07:25
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:70:92:51:f5:e7:1f:bf:f0:0d:2b:68:3a:2c:13:0c:1f:60:
6e:8d:98:75:7a:c5:38:28:38:32:5a:31:0d:e7:5a:24:8d:51:
e3:49:50:0b:38:d6:5a:13:54:66:7d:16:ad:d0:77:de:2a:59:
f0:6b:ca:29:f8:84:09:ab:d9:17:d2:84:42:2c:34:10:33:b9:
34:b7:fc:4f:d7:bf:da:89:13:1a:3e:69:18:9c:2c:c1:7d:18:
74:d9:c2:60:10:68:27:9b:71:c6:d3:74:46:d2:0c:8d:c6:9a:
d8:e3:70:50:98:8f:f4:59:7a:1d:01:55:8d:da:60:4f:24:f5:
d2:ad:d3:af:39:3f:bd:f3:c1:44:16:e3:0a:9a:40:b7:bf:0b:
68:a6:49:65:39:02:f6:0f:06:ae:59:b8:08:ce:05:9d:87:a2:
b7:75:31:41:c2:3f:67:b2:77:ac:91:b1:be:cf:7e:b4:c2:b4:
4c:7b:32:a9:18:d3:1f:89:4f:88:5d:59:63:32:56:b2:eb:b6:
fc:da:77:fa:5d:61:f2:ab:f5:56:f1:e3:78:d0:43:c8:69:06:
f0:45:33:a0:bc:0d:fa:ca:a7:c8:73:7a:21:b7:11:40:25:70:
1f:e5:1b:20:21:90:5d:ee:00:ad:f6:4d:47:c2:5d:85:46:be:
52:f9:a0:90
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDuc0UUCJ6QKmkX8BkNAMqnU9LVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAzMDcyMzU3MzNaFw0yNjAzMDcwMDAyMzNaMDMxMTAvBgNV
BAMTKDUxNDQ1MURBODFEOTk4RTdGNjg3REZFQjRDNzQzQzk1ODMxMDA3MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQX42sDbrFs3sOM17BZfrH3NPD
4L6qrbZXdA4Wkr/8UAVRlfd3WkIRw3LiWCu3FMh3l7aJ84UlMu6nbGY28ntfKWUb
hmo9dLVfLhWXAgZMFT34x3kPm/T7KFEu6bl6u6kgIYdVzIVxSkDGI7Nl/7uzeS5E
xbLTUnXQZCX5ji2xuxNxHdt1jQ8UrBhZ2h+6zvlS1zrNPZ4VG+sZy1GCoN6q0btQ
e8d2irKVpluZOzZ/76KKX5ffkaEHIJuy+uPy2DMxf9x+IL2hG4withrtkjorYRDZ
Clcw6A9xzBIxmINXmnVuqXnYDbCYyzYN0uWVsQzNENkUPbdg6dreT32jRbbzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUUURR2oHZmOf2h9/rTHQ8lYMQByUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnV
+TANBgkqhkiG9w0BAQsFAAOCAQEAWnCSUfXnH7/wDStoOiwTDB9gbo2YdXrFOCg4
MloxDedaJI1R40lQCzjWWhNUZn0WrdB33ipZ8GvKKfiECavZF9KEQiw0EDO5NLf8
T9e/2okTGj5pGJwswX0YdNnCYBBoJ5txxtN0RtIMjcaa2ONwUJiP9Fl6HQFVjdpg
TyT10q3Trzk/vfPBRBbjCppAt78LaKZJZTkC9g8Grlm4CM4FnYeit3UxQcI/Z7J3
rJGxvs9+tMK0THsyqRjTH4lPiF1ZYzJWsuu2/Np3+l1h8qv1VvHjeNBDyGkG8EUz
oLwN+sqnyHN6IbcRQCVwH+UbICGQXe4ArfZNR8JdhUa+UvmgkA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:45:22 2025 by rpki-client