Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3234203d3e20383334.roa
File: 3138352e3231332e3235302e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: WEMAhyhInq3/Q1/ifKPvmaLr+09mJwnecyO7p/JRBbw=
Subject key identifier: 12:8F:57:A7:DB:32:0D:85:DE:FA:5A:5C:5D:33:25:2A:1D:D5:3F:4D
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 590A704FB587B65A39AF27C7BCBB2C71FD671C6E
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3234203d3e20383334.roa
Signing time: Tue 11 Feb 2025 00:02:16 +0000
ROA not before: Mon 10 Feb 2025 23:57:16 +0000
ROA not after: Tue 10 Feb 2026 00:02:16 +0000
asID: 834
IP address blocks: 185.213.250.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 09:15:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:0a:70:4f:b5:87:b6:5a:39:af:27:c7:bc:bb:2c:71:fd:67:1c:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 10 23:57:16 2025 GMT
Not After : Feb 10 00:02:16 2026 GMT
Subject: CN=128F57A7DB320D85DEFA5A5C5D33252A1DD53F4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:72:e6:ff:cf:aa:ac:99:1b:c4:7f:6a:df:1a:
1c:5e:81:8d:96:84:9d:cd:4c:36:5a:e6:82:bd:53:
ee:f9:8a:bc:e6:5e:d3:cd:1c:eb:e7:a9:31:a2:52:
da:6d:7f:4d:c2:e0:e4:2d:ee:82:dc:8c:36:ab:7e:
60:1a:66:1d:fb:19:db:e0:19:76:24:43:f2:34:a0:
0f:52:c6:e8:e1:5c:67:fd:aa:9f:7f:7b:fd:92:70:
e2:e2:1e:05:35:f2:3d:65:10:94:dd:8b:95:2b:d9:
c6:f9:0b:9e:5c:0c:73:78:b6:b0:bf:ab:b7:ff:b0:
52:63:15:0e:a6:c2:06:e9:06:40:1d:ca:5f:45:e3:
74:d7:79:e0:4c:0e:23:2b:a8:e1:01:dc:69:2e:e9:
0d:9a:b0:2d:7f:4f:e6:81:54:36:f2:ed:f1:65:a1:
cc:71:3c:11:a1:2a:14:46:30:ae:57:21:a6:ce:77:
9b:ff:d9:57:2d:e7:25:4f:7d:f7:52:f7:05:85:c2:
62:ec:58:e3:0d:e2:b0:a4:fa:68:0d:4d:24:7f:6c:
96:67:59:79:8f:cb:d5:26:44:14:c3:ae:95:69:5e:
ed:55:f3:a7:b2:03:0d:5f:49:be:cc:30:7c:be:56:
70:03:f2:e5:d9:43:e5:32:5f:49:06:1d:e1:1c:da:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8F:57:A7:DB:32:0D:85:DE:FA:5A:5C:5D:33:25:2A:1D:D5:3F:4D
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.250.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:fe:f4:6a:81:57:bb:88:79:8b:f8:aa:d4:2b:65:dc:95:38:
7a:4f:29:95:1b:89:c8:08:cd:b2:e2:b7:b5:d3:fb:c8:bc:6b:
64:a9:23:f5:72:60:99:50:b7:70:5d:87:a6:dc:e2:52:85:63:
fd:2a:38:7e:09:63:d1:c4:8f:c7:70:77:5a:df:e9:81:6e:65:
47:49:0e:5a:44:80:4e:d1:9a:73:e7:c0:8a:b2:f1:17:9c:3d:
5f:12:0a:f4:4e:e5:27:bb:0c:59:f6:b6:94:c1:74:a6:21:6d:
78:ba:fd:3b:eb:34:9c:bb:2b:2c:22:33:ac:7a:3f:fa:b3:a1:
69:49:c9:e2:74:e3:ef:1f:50:30:d2:40:4f:2d:b7:f1:c2:96:
96:90:c7:8d:b0:3d:0d:05:fb:6c:2f:47:62:13:43:3e:b7:b8:
79:aa:fb:03:2e:34:43:3f:eb:0d:be:d6:37:f7:3f:7f:3b:70:
cf:f2:1b:e9:17:9e:cf:b8:c6:8c:db:b8:66:96:51:e5:2e:4d:
7e:60:e3:11:c5:5c:1b:f9:ab:dc:a8:d9:e9:a5:0f:ec:45:57:
70:ee:52:ea:c8:da:06:d9:a7:c7:7f:88:9d:be:bf:bf:8a:f5:
1c:c0:75:94:32:d7:cd:6a:06:0a:56:e0:44:5f:3a:b1:bc:cf:
76:24:96:c1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWQpwT7WHtlo5ryfHvLsscf1nHG4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTAyMzU3MTZaFw0yNjAyMTAwMDAyMTZaMDMxMTAvBgNV
BAMTKDEyOEY1N0E3REIzMjBEODVERUZBNUE1QzVEMzMyNTJBMURENTNGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZcub/z6qsmRvEf2rfGhxegY2W
hJ3NTDZa5oK9U+75irzmXtPNHOvnqTGiUtptf03C4OQt7oLcjDarfmAaZh37Gdvg
GXYkQ/I0oA9SxujhXGf9qp9/e/2ScOLiHgU18j1lEJTdi5Ur2cb5C55cDHN4trC/
q7f/sFJjFQ6mwgbpBkAdyl9F43TXeeBMDiMrqOEB3Gku6Q2asC1/T+aBVDby7fFl
ocxxPBGhKhRGMK5XIabOd5v/2Vct5yVPffdS9wWFwmLsWOMN4rCk+mgNTSR/bJZn
WXmPy9UmRBTDrpVpXu1V86eyAw1fSb7MMHy+VnAD8uXZQ+UyX0kGHeEc2t/hAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEo9Xp9syDYXe+lpcXTMlKh3VP00wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnV
+jANBgkqhkiG9w0BAQsFAAOCAQEAG/70aoFXu4h5i/iq1Ctl3JU4ek8plRuJyAjN
suK3tdP7yLxrZKkj9XJgmVC3cF2HptziUoVj/So4fglj0cSPx3B3Wt/pgW5lR0kO
WkSATtGac+fAirLxF5w9XxIK9E7lJ7sMWfa2lMF0piFteLr9O+s0nLsrLCIzrHo/
+rOhaUnJ4nTj7x9QMNJATy238cKWlpDHjbA9DQX7bC9HYhNDPre4ear7Ay40Qz/r
Db7WN/c/fztwz/Ib6Reez7jGjNu4ZpZR5S5NfmDjEcVcG/mr3KjZ6aUP7EVXcO5S
6sjaBtmnx3+Inb6/v4r1HMB1lDLXzWoGClbgRF86sbzPdiSWwQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:42:43 2025 by rpki-client