Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/38342e35342e302e302f32332d3234203d3e20313938333736.roa
File: 38342e35342e302e302f32332d3234203d3e20313938333736.roa (raw, json)
Hash identifier: a1rS/rcQRikh/XZAomoGCDBGvxE5MlAXJb+9GpsR32Q=
Subject key identifier: D6:E3:0A:FF:EB:F6:0E:B9:BB:31:B8:94:E4:58:0F:84:AE:62:D5:E1
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 3478B4E1B27876AB32CFC08EE8580ED7CBCDA576
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/38342e35342e302e302f32332d3234203d3e20313938333736.roa
Signing time: Wed 15 Jan 2025 14:42:10 +0000
ROA not before: Wed 15 Jan 2025 14:37:10 +0000
ROA not after: Wed 14 Jan 2026 14:42:10 +0000
asID: 198376
IP address blocks: 84.54.0.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 16:37:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:78:b4:e1:b2:78:76:ab:32:cf:c0:8e:e8:58:0e:d7:cb:cd:a5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 15 14:37:10 2025 GMT
Not After : Jan 14 14:42:10 2026 GMT
Subject: CN=D6E30AFFEBF60EB9BB31B894E4580F84AE62D5E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:28:41:5d:cd:b0:6e:40:b9:e1:b4:8a:12:
37:1c:b0:66:0e:87:ad:b4:51:a6:14:d8:9a:a7:d7:
7d:24:c5:45:7e:1a:8d:07:2e:23:f0:d5:b9:76:44:
cc:94:e3:8c:4e:fc:f7:bb:b8:95:5c:41:d4:e9:c4:
fe:2f:f2:57:9c:b3:da:ae:f2:2e:17:c6:3c:7b:af:
24:1e:de:f6:d3:66:42:87:b8:5d:86:a0:b1:61:dd:
63:63:cf:4b:a4:e4:40:72:9e:f1:9d:ad:21:40:7e:
5b:0c:b4:63:5b:ed:5c:f8:bb:e6:41:50:5d:7d:f0:
a6:5f:43:17:75:1c:2e:10:05:15:96:84:1e:a9:88:
be:c3:70:ad:af:1e:70:d1:8b:26:02:d5:14:31:e1:
c4:ef:0a:2e:11:f4:fb:85:12:7f:e9:39:2e:19:52:
9e:56:e5:1c:e8:c3:06:a3:e3:44:a7:e6:ec:c9:f2:
2d:78:04:4c:77:f0:5a:70:5a:df:7b:75:9b:ee:3f:
75:7b:17:01:73:1f:b5:15:1b:df:f9:81:09:e6:06:
49:e5:aa:2d:b8:5d:3e:2d:7f:ed:95:70:11:71:91:
48:8d:3d:de:80:94:18:60:19:99:ad:bf:87:49:b0:
9f:41:3b:13:c9:0b:e1:c1:d8:3b:15:ef:61:35:de:
1a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E3:0A:FF:EB:F6:0E:B9:BB:31:B8:94:E4:58:0F:84:AE:62:D5:E1
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/38342e35342e302e302f32332d3234203d3e20313938333736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/23
Signature Algorithm: sha256WithRSAEncryption
04:8a:03:7b:62:60:5c:e3:ff:9b:6f:6e:d8:ef:fe:70:64:1d:
2f:f1:aa:86:e8:2b:e6:93:d5:ae:9e:b4:42:6f:f9:82:c6:32:
a0:4a:ff:3e:ab:98:ce:3c:31:a4:12:d5:b7:1a:62:91:9f:54:
32:71:56:f2:84:1d:6d:45:5d:c5:32:7a:88:63:e3:4e:32:eb:
c9:89:18:0b:6d:22:a4:4e:f9:96:18:55:70:b8:f9:d0:da:f9:
ad:ce:a0:d8:5b:2a:d0:67:ad:dc:3e:d3:43:db:80:fa:19:bf:
b6:92:52:58:dd:1c:3b:6c:8f:b1:b4:d6:a3:32:5e:e4:6f:7c:
f5:2a:a9:bf:52:65:2f:ab:07:12:d7:34:7d:6e:42:53:ac:ea:
5e:85:3d:72:5a:03:00:39:ee:6c:14:8a:b4:89:71:f5:3b:3e:
e1:8b:a0:1f:02:02:42:c3:25:d4:a6:1d:c3:ee:50:ed:61:42:
20:54:63:9b:dd:06:96:71:a1:e9:e8:7a:43:48:a7:67:98:36:
ae:45:41:a1:51:9b:83:3e:de:68:fd:1c:98:7a:47:55:a4:76:
42:3f:eb:c6:7b:9c:00:fd:3c:6d:a5:a7:2f:74:86:8e:63:37:
f6:23:69:bf:91:94:45:df:30:23:63:92:55:4b:9d:8f:9a:96:
a8:85:02:a5
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUNHi04bJ4dqsyz8CO6FgO18vNpXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMTUxNDM3MTBaFw0yNjAxMTQxNDQyMTBaMDMxMTAvBgNV
BAMTKEQ2RTMwQUZGRUJGNjBFQjlCQjMxQjg5NEU0NTgwRjg0QUU2MkQ1RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb9ShBXc2wbkC54bSKEjccsGYO
h620UaYU2Jqn130kxUV+Go0HLiPw1bl2RMyU44xO/Pe7uJVcQdTpxP4v8lecs9qu
8i4Xxjx7ryQe3vbTZkKHuF2GoLFh3WNjz0uk5EBynvGdrSFAflsMtGNb7Vz4u+ZB
UF198KZfQxd1HC4QBRWWhB6piL7DcK2vHnDRiyYC1RQx4cTvCi4R9PuFEn/pOS4Z
Up5W5Rzowwaj40Sn5uzJ8i14BEx38FpwWt97dZvuP3V7FwFzH7UVG9/5gQnmBknl
qi24XT4tf+2VcBFxkUiNPd6AlBhgGZmtv4dJsJ9BOxPJC+HB2DsV72E13hpDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1uMK/+v2Drm7MbiU5FgPhK5i1eEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEt
OWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0ODkzLzAvMzgzNDJlMzUzNDJlMzAyZTMw
MmYzMjMzMmQzMjM0MjAzZDNlMjAzMTM5MzgzMzM3MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFUNgAw
DQYJKoZIhvcNAQELBQADggEBAASKA3tiYFzj/5tvbtjv/nBkHS/xqoboK+aT1a6e
tEJv+YLGMqBK/z6rmM48MaQS1bcaYpGfVDJxVvKEHW1FXcUyeohj404y68mJGAtt
IqRO+ZYYVXC4+dDa+a3OoNhbKtBnrdw+00PbgPoZv7aSUljdHDtsj7G01qMyXuRv
fPUqqb9SZS+rBxLXNH1uQlOs6l6FPXJaAwA57mwUirSJcfU7PuGLoB8CAkLDJdSm
HcPuUO1hQiBUY5vdBpZxoenoekNIp2eYNq5FQaFRm4M+3mj9HJh6R1WkdkI/68Z7
nAD9PG2lpy90ho5jN/Yjab+RlEXfMCNjklVLnY+alqiFAqU=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:56:14 2025 by rpki-client