Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20383334.roa
File: 3138352e3231332e3235302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: H3F7L0q8jrZNsEllaNF2uk41ZbnoF0PVXB/TwDtvvQc=
Subject key identifier: 17:86:2E:8A:09:45:28:91:35:AF:D4:4D:85:69:BE:5C:32:F6:A0:4B
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 43C9E8A19C87BB509A4632FA4FE76D863EC774DC
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20383334.roa
Signing time: Thu 13 Feb 2025 09:16:39 +0000
ROA not before: Thu 13 Feb 2025 09:11:39 +0000
ROA not after: Thu 12 Feb 2026 09:16:39 +0000
asID: 834
IP address blocks: 185.213.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 10:41:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c9:e8:a1:9c:87:bb:50:9a:46:32:fa:4f:e7:6d:86:3e:c7:74:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 13 09:11:39 2025 GMT
Not After : Feb 12 09:16:39 2026 GMT
Subject: CN=17862E8A0945289135AFD44D8569BE5C32F6A04B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:27:74:af:e6:d7:ac:0f:77:a8:a1:cc:41:a1:
99:46:b9:af:99:eb:0b:42:a7:37:26:64:64:b3:7f:
e1:94:b5:6d:19:23:4d:4d:15:7c:b4:e0:ea:aa:c5:
6c:17:ca:8d:6b:ca:e3:24:11:07:56:d5:42:89:dd:
c2:b0:a1:ba:30:5e:fe:0f:26:21:c1:bd:81:a0:29:
24:c3:9a:11:51:7f:52:34:f6:78:6e:2e:96:9d:fa:
ca:ac:36:b2:62:70:50:27:b6:05:29:f2:79:12:e9:
46:e4:f9:7c:37:07:6c:cd:e5:73:80:97:33:2e:87:
dd:0b:1f:2f:c9:f3:a7:0e:ad:1d:02:b0:4a:c2:76:
aa:a8:ac:43:50:84:75:f7:5b:23:ee:4d:c5:7e:74:
82:1a:0d:53:4f:4a:04:88:1d:df:3b:b6:85:03:46:
69:6e:89:31:63:74:51:27:c9:d1:50:95:8a:f2:3e:
98:92:09:1a:66:65:94:26:5a:2e:18:92:ae:86:e4:
7f:24:ff:ae:b8:fc:35:c5:87:d5:d2:2e:f6:42:37:
ec:72:7d:2d:47:4e:1c:4c:54:8d:f8:b4:48:2d:5a:
a5:f4:3d:94:2e:4c:01:e1:08:77:f8:0d:1f:67:92:
0a:30:3d:fc:fa:a7:e2:35:a4:8b:16:fe:2a:8b:4a:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:86:2E:8A:09:45:28:91:35:AF:D4:4D:85:69:BE:5C:32:F6:A0:4B
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.250.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a3:1b:4a:d4:74:66:70:ed:9b:45:06:c3:13:91:df:60:08:
a2:af:7a:e6:40:ac:00:b8:d9:a1:44:4b:af:19:db:d4:67:57:
27:a8:d5:b4:1c:fb:85:3a:5c:e5:c8:97:96:d1:9f:b8:bd:07:
15:ec:c9:c6:5a:5b:0d:6d:55:b1:2b:cf:20:d2:21:ed:36:d2:
41:8e:34:4d:ee:b9:21:77:e7:d2:a9:df:44:32:ea:b0:7c:44:
c7:3b:bf:2d:f7:1b:09:45:81:b4:07:84:ea:b2:b8:ff:2e:cc:
c4:2c:45:f0:e0:b5:69:a0:05:77:97:5f:c2:9b:f3:97:c7:30:
0c:a2:da:70:1f:6e:e7:e3:5a:6e:ad:86:db:b4:99:94:ff:2f:
5a:f8:0a:97:e8:f5:43:f5:82:c5:81:33:36:7e:09:00:c7:01:
b5:bf:84:91:1a:fd:78:9c:b3:f1:7e:94:9e:16:3e:55:70:bf:
74:45:64:ad:11:86:0b:57:d6:16:7d:55:cd:b2:87:34:69:fb:
2f:37:de:d9:2f:e0:53:2a:27:3e:0b:a6:91:af:12:15:2b:b9:
17:d3:91:19:2e:84:dd:0c:1d:79:39:af:bf:de:df:34:b4:93:
c2:61:ec:95:eb:f8:1b:95:c9:80:f9:d4:cc:de:58:55:55:9d:
d5:50:3a:89
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQ8nooZyHu1CaRjL6T+dthj7HdNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTMwOTExMzlaFw0yNjAyMTIwOTE2MzlaMDMxMTAvBgNV
BAMTKDE3ODYyRThBMDk0NTI4OTEzNUFGRDQ0RDg1NjlCRTVDMzJGNkEwNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqJ3Sv5tesD3eoocxBoZlGua+Z
6wtCpzcmZGSzf+GUtW0ZI01NFXy04OqqxWwXyo1ryuMkEQdW1UKJ3cKwobowXv4P
JiHBvYGgKSTDmhFRf1I09nhuLpad+sqsNrJicFAntgUp8nkS6Ubk+Xw3B2zN5XOA
lzMuh90LHy/J86cOrR0CsErCdqqorENQhHX3WyPuTcV+dIIaDVNPSgSIHd87toUD
RmluiTFjdFEnydFQlYryPpiSCRpmZZQmWi4Ykq6G5H8k/664/DXFh9XSLvZCN+xy
fS1HThxMVI34tEgtWqX0PZQuTAHhCHf4DR9nkgowPfz6p+I1pIsW/iqLSudtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUF4YuiglFKJE1r9RNhWm+XDL2oEswHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnV
+jANBgkqhkiG9w0BAQsFAAOCAQEAUKMbStR0ZnDtm0UGwxOR32AIoq965kCsALjZ
oURLrxnb1GdXJ6jVtBz7hTpc5ciXltGfuL0HFezJxlpbDW1VsSvPINIh7TbSQY40
Te65IXfn0qnfRDLqsHxExzu/LfcbCUWBtAeE6rK4/y7MxCxF8OC1aaAFd5dfwpvz
l8cwDKLacB9u5+Nabq2G27SZlP8vWvgKl+j1Q/WCxYEzNn4JAMcBtb+EkRr9eJyz
8X6UnhY+VXC/dEVkrRGGC1fWFn1VzbKHNGn7Lzfe2S/gUyonPgumka8SFSu5F9OR
GS6E3QwdeTmvv97fNLSTwmHslev4G5XJgPnUzN5YVVWd1VA6iQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:10:20 2025 by rpki-client