Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20383334.roa
File: 38352e3131372e3232382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 6S90bDNLou5tRSPL2yuBNqcftsvuKGIOVqwF5fPpgTo=
Subject key identifier: 94:43:CF:28:4E:6D:FC:F6:9E:52:20:3D:D8:AF:F4:3A:A7:69:44:DE
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0A4702E583F5E1D2B8A646363BC7E3343CAA7BCE
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20383334.roa
Signing time: Wed 12 Mar 2025 00:01:53 +0000
ROA not before: Tue 11 Mar 2025 23:56:53 +0000
ROA not after: Wed 11 Mar 2026 00:01:53 +0000
asID: 834
IP address blocks: 85.117.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 11:27:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:47:02:e5:83:f5:e1:d2:b8:a6:46:36:3b:c7:e3:34:3c:aa:7b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 11 23:56:53 2025 GMT
Not After : Mar 11 00:01:53 2026 GMT
Subject: CN=9443CF284E6DFCF69E52203DD8AFF43AA76944DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:65:c7:ef:74:22:47:f9:e1:b9:2e:bc:00:f8:
e0:82:df:db:f5:c8:30:9a:ec:c3:7f:61:2a:9a:db:
78:44:5c:d6:ad:71:a6:50:82:80:d3:48:fd:16:6d:
7c:64:f2:61:24:e6:6f:46:c1:7a:9b:d2:0e:7a:6d:
b2:02:82:81:67:1b:25:6d:38:29:c3:39:89:50:e8:
72:6d:9c:dd:f8:f0:af:50:cd:1b:af:be:2d:ca:e1:
fb:d7:68:80:4b:0d:cd:b9:bc:04:1d:8d:53:90:84:
cf:bd:c4:38:30:a2:49:11:be:d7:0e:25:31:77:68:
a4:98:de:70:59:f0:e0:8b:b3:9c:72:da:db:3c:e5:
a1:11:3a:3a:45:3b:54:97:0e:eb:71:42:d3:69:87:
25:e2:87:ff:bf:f2:86:4b:a2:86:4e:36:08:6c:e4:
28:0a:93:65:5c:2a:11:cc:12:54:2e:70:ac:15:28:
fc:4e:19:1f:0f:c8:88:5f:d7:dc:c8:ff:db:58:04:
b3:b6:d1:1c:04:79:71:e7:38:20:8a:83:ee:fd:5d:
ce:d8:b3:40:b3:1b:8b:d6:9e:90:1c:b6:19:48:14:
ba:44:0a:de:5d:2c:7d:22:80:88:2f:a1:5d:fc:16:
b9:81:1c:8b:8e:fc:68:92:c8:3e:7c:75:50:29:9b:
5a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:43:CF:28:4E:6D:FC:F6:9E:52:20:3D:D8:AF:F4:3A:A7:69:44:DE
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.228.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:01:ba:39:6a:c5:9a:df:5b:bc:e8:8b:53:d6:cc:e2:d0:e8:
7f:0b:f9:19:25:e7:a4:fb:7a:e5:3d:d0:27:c3:d7:67:81:99:
f2:af:1c:df:63:c7:29:57:92:fd:5c:37:70:88:f7:6a:d2:c4:
b8:04:14:33:b7:2d:38:d4:a6:aa:23:d2:99:ec:0c:bf:c4:77:
aa:f5:db:f2:46:65:64:03:73:88:47:57:1d:34:4c:7f:2e:10:
85:f2:07:1b:53:6c:22:7e:1d:4b:24:df:eb:a3:7f:de:a4:aa:
e5:d1:0d:fe:bd:46:fc:ce:1f:37:db:57:5d:fc:1d:62:eb:64:
16:0b:48:b8:ef:05:b6:1a:fc:28:61:b2:d5:c9:46:b6:53:33:
ff:97:99:f5:09:e6:13:d7:6b:ae:70:eb:0f:73:90:f5:f4:40:
80:1f:a9:fc:b2:d4:bf:16:86:90:9a:61:0c:67:7c:aa:14:4d:
dc:a4:0a:fc:90:9b:03:4c:3a:ef:c4:6a:e8:60:ff:24:7b:d0:
a8:87:96:e9:ff:fe:64:aa:d3:17:b0:1f:11:a0:f8:98:72:61:
a3:62:13:45:68:23:65:2d:e9:89:7f:20:cf:bf:56:84:45:18:
97:7b:07:ae:ed:7f:84:4d:4b:ce:75:07:7f:fa:f1:77:b8:52:
32:cc:bb:97
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUCkcC5YP14dK4pkY2O8fjNDyqe84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAzMTEyMzU2NTNaFw0yNjAzMTEwMDAxNTNaMDMxMTAvBgNV
BAMTKDk0NDNDRjI4NEU2REZDRjY5RTUyMjAzREQ4QUZGNDNBQTc2OTQ0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZcfvdCJH+eG5LrwA+OCC39v1
yDCa7MN/YSqa23hEXNatcaZQgoDTSP0WbXxk8mEk5m9GwXqb0g56bbICgoFnGyVt
OCnDOYlQ6HJtnN348K9QzRuvvi3K4fvXaIBLDc25vAQdjVOQhM+9xDgwokkRvtcO
JTF3aKSY3nBZ8OCLs5xy2ts85aEROjpFO1SXDutxQtNphyXih/+/8oZLooZONghs
5CgKk2VcKhHMElQucKwVKPxOGR8PyIhf19zI/9tYBLO20RwEeXHnOCCKg+79Xc7Y
s0CzG4vWnpActhlIFLpECt5dLH0igIgvoV38FrmBHIuO/GiSyD58dVApm1oJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUlEPPKE5t/PaeUiA92K/0OqdpRN4wHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVdeQw
DQYJKoZIhvcNAQELBQADggEBAB8BujlqxZrfW7zoi1PWzOLQ6H8L+Rkl56T7euU9
0CfD12eBmfKvHN9jxylXkv1cN3CI92rSxLgEFDO3LTjUpqoj0pnsDL/Ed6r12/JG
ZWQDc4hHVx00TH8uEIXyBxtTbCJ+HUsk3+ujf96kquXRDf69RvzOHzfbV138HWLr
ZBYLSLjvBbYa/ChhstXJRrZTM/+XmfUJ5hPXa65w6w9zkPX0QIAfqfyy1L8WhpCa
YQxnfKoUTdykCvyQmwNMOu/Eauhg/yR70KiHlun//mSq0xewHxGg+JhyYaNiE0Vo
I2Ut6Yl/IM+/VoRFGJd7B67tf4RNS851B3/68Xe4UjLMu5c=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:58:00 2025 by rpki-client