Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32332d3234203d3e20383334.roa
File: 38352e3131372e3232382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: 9qna5lHSNV2Krgu+vRTeRhfuCX0EoXO0xgtWYmAK8io=
Subject key identifier: 17:B2:E5:41:60:DD:23:CA:BE:5A:BC:8E:4F:86:4E:C8:12:10:EA:75
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0250C7E9078934F617CE20C5B384E57715D656E3
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32332d3234203d3e20383334.roa
Signing time: Tue 11 Feb 2025 00:02:13 +0000
ROA not before: Mon 10 Feb 2025 23:57:13 +0000
ROA not after: Tue 10 Feb 2026 00:02:13 +0000
asID: 834
IP address blocks: 85.117.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 23:21:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:50:c7:e9:07:89:34:f6:17:ce:20:c5:b3:84:e5:77:15:d6:56:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Feb 10 23:57:13 2025 GMT
Not After : Feb 10 00:02:13 2026 GMT
Subject: CN=17B2E54160DD23CABE5ABC8E4F864EC81210EA75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:3e:da:a9:2e:1d:92:e1:da:06:b2:b3:02:
f1:aa:1d:d9:0a:46:db:02:a1:15:57:a1:f2:be:96:
f7:92:ba:d6:9b:73:c9:fc:a2:fe:1d:8d:61:24:35:
13:70:8b:b3:a0:36:66:fc:75:1d:35:c8:88:03:77:
7f:1a:c5:07:4c:89:40:f9:95:92:90:e2:d1:db:b2:
a8:f6:a1:5e:e0:75:ab:36:33:86:7c:63:9d:75:a3:
e0:7d:41:f4:5f:3c:a2:49:4a:12:95:42:cd:24:f2:
84:fe:fb:5f:c3:85:8e:f6:20:f2:6d:5b:df:3c:74:
b0:5c:b7:82:30:29:e5:b7:55:37:54:33:ee:5a:9f:
be:8f:cd:58:e4:f9:e8:6c:32:5f:2a:9e:7f:14:7b:
59:0c:74:ef:9d:46:f5:87:d2:01:47:f8:c0:5f:48:
8b:73:0a:23:4a:6b:37:6d:6e:3f:2b:79:fd:c5:da:
18:06:c9:46:6a:13:47:a5:89:bb:4d:9d:1c:c5:85:
2a:99:c2:86:8f:e4:67:26:d2:c7:b5:a6:bb:cf:88:
f8:54:3c:fb:02:bb:66:6e:fe:e1:a3:50:4f:3b:29:
79:f3:22:34:8b:53:87:88:91:ed:8b:b5:22:55:39:
69:d6:5b:d3:f9:91:2f:43:fb:67:4d:ae:e9:c1:f9:
c1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B2:E5:41:60:DD:23:CA:BE:5A:BC:8E:4F:86:4E:C8:12:10:EA:75
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/23
Signature Algorithm: sha256WithRSAEncryption
83:db:be:3d:82:b8:dd:d5:74:d6:72:ee:e6:88:df:33:ac:7a:
70:69:b3:54:07:62:8a:1f:45:4e:72:01:ee:01:6d:77:c9:38:
9a:b4:cb:04:37:52:d9:4a:ff:ff:59:98:65:75:c7:e3:bf:3b:
96:d3:1b:fa:06:9c:2b:e7:6c:9d:f3:09:5c:f4:47:b1:4b:65:
68:bf:20:0d:d9:f3:48:f8:bc:01:7b:69:ff:94:77:96:6d:7a:
ee:19:25:fd:57:4f:a4:7c:15:16:8c:04:9c:dc:00:8f:1c:70:
80:87:3a:3d:40:45:a6:b3:c6:79:62:17:9d:1b:5d:e5:87:79:
ed:51:4a:92:e9:e5:90:34:28:f3:fb:a3:4c:01:74:86:b0:5c:
cf:a7:8e:b8:f0:1f:54:5c:52:65:ab:ac:2a:55:0a:2a:b1:7e:
f7:bb:8e:81:0b:64:cf:85:16:85:05:47:b4:6a:68:4a:64:ad:
cf:d8:0a:fe:2c:b0:75:39:7f:14:5c:42:f1:b1:9d:9a:a7:5d:
88:cd:58:f6:9a:fc:9d:87:2f:04:8d:ca:68:4d:16:34:19:60:
de:76:64:5c:c1:b9:36:91:73:73:f6:24:14:f1:ba:91:13:b1:
7b:3b:34:8c:03:20:89:b6:82:56:e1:b5:f3:a7:73:fb:90:4d:
a4:04:e6:67
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUAlDH6QeJNPYXziDFs4TldxXWVuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAyMTAyMzU3MTNaFw0yNjAyMTAwMDAyMTNaMDMxMTAvBgNV
BAMTKDE3QjJFNTQxNjBERDIzQ0FCRTVBQkM4RTRGODY0RUM4MTIxMEVBNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzsT7aqS4dkuHaBrKzAvGqHdkK
RtsCoRVXofK+lveSutabc8n8ov4djWEkNRNwi7OgNmb8dR01yIgDd38axQdMiUD5
lZKQ4tHbsqj2oV7gdas2M4Z8Y511o+B9QfRfPKJJShKVQs0k8oT++1/DhY72IPJt
W988dLBct4IwKeW3VTdUM+5an76PzVjk+ehsMl8qnn8Ue1kMdO+dRvWH0gFH+MBf
SItzCiNKazdtbj8ref3F2hgGyUZqE0elibtNnRzFhSqZwoaP5Gcm0se1prvPiPhU
PPsCu2Zu/uGjUE87KXnzIjSLU4eIke2LtSJVOWnWW9P5kS9D+2dNrunB+cHVAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUF7LlQWDdI8q+WryOT4ZOyBIQ6nUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFVdeQw
DQYJKoZIhvcNAQELBQADggEBAIPbvj2CuN3VdNZy7uaI3zOsenBps1QHYoofRU5y
Ae4BbXfJOJq0ywQ3UtlK//9ZmGV1x+O/O5bTG/oGnCvnbJ3zCVz0R7FLZWi/IA3Z
80j4vAF7af+Ud5Zteu4ZJf1XT6R8FRaMBJzcAI8ccICHOj1ARaazxnliF50bXeWH
ee1RSpLp5ZA0KPP7o0wBdIawXM+njrjwH1RcUmWrrCpVCiqxfve7joELZM+FFoUF
R7RqaEpkrc/YCv4ssHU5fxRcQvGxnZqnXYjNWPaa/J2HLwSNymhNFjQZYN52ZFzB
uTaRc3P2JBTxupETsXs7NIwDIIm2glbhtfOnc/uQTaQE5mc=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:00:07 2025 by rpki-client