Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/3133392e32382e34382e302f32332d3234203d3e20323132323338.roa
File: 3133392e32382e34382e302f32332d3234203d3e20323132323338.roa (raw, json)
Hash identifier: tAvrrxtPaYhZS7lNPb3iwE/vZvg+D+RxRcZc2fUStVM=
Subject key identifier: 30:25:77:B4:F5:A8:EC:80:02:E0:9B:66:5B:CA:8B:65:F6:A4:3F:96
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 737DEA06AFC7F53525C6A07F01549F6743D19C80
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/3133392e32382e34382e302f32332d3234203d3e20323132323338.roa
Signing time: Wed 15 Jan 2025 14:35:28 +0000
ROA not before: Wed 15 Jan 2025 14:30:28 +0000
ROA not after: Wed 14 Jan 2026 14:35:28 +0000
asID: 212238
IP address blocks: 139.28.48.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 16:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:7d:ea:06:af:c7:f5:35:25:c6:a0:7f:01:54:9f:67:43:d1:9c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 14:30:28 2025 GMT
Not After : Jan 14 14:35:28 2026 GMT
Subject: CN=302577B4F5A8EC8002E09B665BCA8B65F6A43F96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1c:6c:b5:74:78:16:56:b4:98:60:4a:49:26:
ff:4a:0b:79:d9:86:3e:30:76:a4:75:3d:ee:05:d3:
a9:e1:20:5d:39:90:e0:13:02:93:4f:5d:5e:32:92:
19:f4:9e:4b:7f:d5:73:70:24:36:d6:1a:d0:1f:4c:
3a:43:67:df:55:d0:67:1e:18:b5:a0:a5:c2:48:fb:
51:84:b2:d5:93:02:e7:6d:c4:4a:29:ca:20:e2:6d:
ac:3b:8d:65:f9:f2:e2:ce:59:4e:62:02:c6:39:30:
e8:b6:d7:4c:10:b9:37:d1:eb:aa:d4:6a:33:81:ee:
8b:ec:31:89:c8:ad:9d:ed:c0:3a:a0:a8:47:cd:b8:
03:60:5e:35:50:93:36:81:cc:f7:28:bb:9c:1a:7d:
f5:cc:f9:fd:ed:24:1c:e6:5f:85:f8:ca:ce:f3:e4:
4d:b9:01:a7:e7:b6:e6:74:5c:24:b3:fd:bc:97:66:
76:27:08:06:05:17:8b:21:fb:7c:28:04:83:8b:a8:
ed:fb:18:f8:19:78:60:dd:0c:04:49:45:90:de:b5:
e8:dc:4e:9f:b6:07:f6:9c:1a:60:a3:d5:91:9f:25:
15:fe:59:49:7f:19:11:09:13:b2:00:8c:a4:5a:7e:
d7:12:fe:d8:8e:04:23:5b:2f:43:7e:f0:e5:21:ee:
0b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:25:77:B4:F5:A8:EC:80:02:E0:9B:66:5B:CA:8B:65:F6:A4:3F:96
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/3133392e32382e34382e302f32332d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.48.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:e3:b3:c6:5c:2c:35:34:ae:c4:e5:88:f8:f9:65:a5:e7:1a:
32:c2:e1:d4:87:26:0d:4b:69:55:2c:c3:5e:c1:59:93:19:64:
ba:51:6a:06:66:09:f7:bf:a0:f6:b8:ea:dc:e9:ec:04:11:cd:
91:47:30:55:12:1b:29:51:56:28:8e:d4:7b:04:0e:ec:43:c2:
f1:45:ee:ff:e8:4b:4a:df:a1:34:3e:9b:1c:26:41:a8:74:3b:
67:f7:b5:58:22:c5:33:b6:9e:30:63:1f:19:b1:7f:fb:2a:69:
73:fe:03:58:1e:df:ec:aa:8d:e9:71:09:6f:42:58:69:9a:88:
5e:e7:5d:d4:fe:fe:cc:69:2b:d7:ab:76:44:7e:f7:75:a2:1d:
08:b7:f4:64:4c:ab:c1:be:ed:c1:70:7d:2e:b1:bb:a9:bb:b0:
5c:7c:c7:2e:72:15:67:e5:f1:a7:b2:50:21:b0:e7:5a:6c:1b:
81:df:6d:d2:f9:10:29:40:ee:ca:bd:ed:34:63:dd:66:1c:71:
1d:86:bf:0e:bf:93:5a:72:9b:fc:b4:26:73:6f:3a:0f:34:22:
2d:02:c8:a8:e0:5d:c1:b0:75:5c:35:ab:20:bf:bf:c3:38:8f:
f2:f5:71:3b:3d:24:0b:2f:c0:49:3b:4d:a8:52:3d:b1:50:49:
90:76:f6:31
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc33qBq/H9TUlxqB/AVSfZ0PRnIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNDMwMjhaFw0yNjAxMTQxNDM1MjhaMDMxMTAvBgNV
BAMTKDMwMjU3N0I0RjVBOEVDODAwMkUwOUI2NjVCQ0E4QjY1RjZBNDNGOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8HGy1dHgWVrSYYEpJJv9KC3nZ
hj4wdqR1Pe4F06nhIF05kOATApNPXV4ykhn0nkt/1XNwJDbWGtAfTDpDZ99V0Gce
GLWgpcJI+1GEstWTAudtxEopyiDibaw7jWX58uLOWU5iAsY5MOi210wQuTfR66rU
ajOB7ovsMYnIrZ3twDqgqEfNuANgXjVQkzaBzPcou5waffXM+f3tJBzmX4X4ys7z
5E25AafntuZ0XCSz/byXZnYnCAYFF4sh+3woBIOLqO37GPgZeGDdDARJRZDetejc
Tp+2B/acGmCj1ZGfJRX+WUl/GREJE7IAjKRaftcS/tiOBCNbL0N+8OUh7gszAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUMCV3tPWo7IAC4JtmW8qLZfakP5YwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEt
OWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0ODkzLzAvMzEzMzM5MmUzMjM4MmUzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
ixwwMA0GCSqGSIb3DQEBCwUAA4IBAQAO47PGXCw1NK7E5Yj4+WWl5xoywuHUhyYN
S2lVLMNewVmTGWS6UWoGZgn3v6D2uOrc6ewEEc2RRzBVEhspUVYojtR7BA7sQ8Lx
Re7/6EtK36E0PpscJkGodDtn97VYIsUztp4wYx8ZsX/7Kmlz/gNYHt/sqo3pcQlv
Qlhpmohe513U/v7MaSvXq3ZEfvd1oh0It/RkTKvBvu3BcH0usbupu7BcfMcuchVn
5fGnslAhsOdabBuB323S+RApQO7Kve00Y91mHHEdhr8Ov5Nacpv8tCZzbzoPNCIt
Asio4F3BsHVcNasgv7/DOI/y9XE7PSQLL8BJO02oUj2xUEmQdvYx
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:09:35 2025 by rpki-client