Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32332d3233203d3e20383334.roa
File: 3231332e3135372e3132322e302f32332d3233203d3e20383334.roa (raw, json)
Hash identifier: hnKymvHR15X89gL1yhhUTqHiwPTrLxbVxe5TDKCU9go=
Subject key identifier: A8:B6:C6:4D:F6:20:AB:B5:54:98:25:E3:6F:23:4A:F3:D4:09:95:8C
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 1D4865362229CABD2025324B5AD1BD370571C95E
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32332d3233203d3e20383334.roa
Signing time: Sun 06 Apr 2025 10:07:48 +0000
ROA not before: Sun 06 Apr 2025 10:02:48 +0000
ROA not after: Sun 05 Apr 2026 10:07:48 +0000
asID: 834
IP address blocks: 213.157.122.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 11 Apr 2025 10:15:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:48:65:36:22:29:ca:bd:20:25:32:4b:5a:d1:bd:37:05:71:c9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Apr 6 10:02:48 2025 GMT
Not After : Apr 5 10:07:48 2026 GMT
Subject: CN=A8B6C64DF620ABB5549825E36F234AF3D409958C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:db:72:36:df:1f:53:fd:18:cb:26:bc:c8:
3a:91:af:bb:36:84:dd:0d:1f:3a:aa:c2:04:a2:78:
e7:44:f7:ce:0c:94:37:e4:df:b4:45:eb:87:a2:cc:
7a:1c:9f:82:c8:46:4b:cc:02:0a:fa:7c:c0:2a:38:
58:ac:b2:8a:bd:64:45:5c:5e:74:86:cc:6f:92:04:
54:50:ed:5d:45:07:4e:e6:ac:fe:a2:eb:ed:e7:8d:
79:de:2c:03:3c:72:92:e7:d1:dc:be:5e:32:8a:b1:
fc:78:5f:72:eb:8d:b8:fa:fc:a7:0f:da:7f:51:3a:
a8:aa:ee:df:80:ec:a3:4e:90:b0:92:d9:2a:76:88:
d0:72:d1:2d:74:18:e0:8c:a2:b3:b0:a6:b1:9b:a6:
74:d4:37:1d:c2:83:42:e0:a9:4d:36:2b:95:9c:da:
d1:5a:a3:e8:54:35:34:90:86:25:2f:0a:c6:49:48:
3b:e1:90:d1:11:21:54:48:0b:ba:34:ac:da:eb:5c:
36:fd:df:6c:fb:4a:56:59:f0:7a:07:5d:66:54:2f:
f0:d0:4c:4f:24:9c:d6:b8:ea:a3:cc:12:77:0a:e4:
e0:bb:36:9f:6f:7e:d7:2f:c7:6e:85:40:f4:eb:35:
ed:c1:a9:46:c6:f2:f3:29:fa:ed:3c:04:78:3b:6e:
35:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B6:C6:4D:F6:20:AB:B5:54:98:25:E3:6F:23:4A:F3:D4:09:95:8C
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132322e302f32332d3233203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.122.0/23
Signature Algorithm: sha256WithRSAEncryption
86:dd:8b:9e:65:db:4c:b6:a8:e3:1d:c7:c0:bd:fc:27:f9:39:
58:77:d4:4a:f3:af:77:4c:76:2c:46:4c:38:f8:74:51:da:44:
64:2a:5a:5f:96:ab:70:b7:00:96:dc:d3:2f:e6:ae:00:20:ad:
41:55:5d:d2:c2:20:1d:af:13:cd:39:95:40:55:8c:3e:e4:86:
e3:be:0c:e2:c9:5d:b1:d3:c0:48:53:38:82:e9:dc:72:82:e9:
bd:3b:db:40:aa:9a:ea:5e:21:71:23:69:76:27:30:90:2f:2e:
51:8d:df:7d:42:54:43:30:23:71:a7:34:6e:ef:2a:98:d9:d4:
7a:d9:d2:ff:b2:f2:ec:e9:b7:6a:93:a6:bc:e4:f5:f9:15:64:
c4:b7:a3:57:ad:dd:df:6d:9c:53:8d:50:b5:23:af:5d:3c:df:
ac:55:6f:22:0c:0f:6d:e5:b4:75:3a:68:9c:5d:e4:af:67:e0:
9b:62:2b:b9:f1:52:bc:16:9f:d3:4e:26:60:85:b9:b9:89:e2:
84:0a:78:51:49:97:25:c4:6e:73:4a:02:cb:d3:c0:0b:a4:7f:
57:52:c1:05:9a:bd:49:0d:d4:23:e0:d6:64:01:c8:26:d6:47:
4e:6c:33:bd:25:06:24:35:bd:41:6c:f1:a3:8d:78:41:c2:b0:
bf:e9:4d:bc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHUhlNiIpyr0gJTJLWtG9NwVxyV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNTA0MDYxMDAyNDhaFw0yNjA0MDUxMDA3NDhaMDMxMTAvBgNV
BAMTKEE4QjZDNjRERjYyMEFCQjU1NDk4MjVFMzZGMjM0QUYzRDQwOTk1OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6gttyNt8fU/0Yyya8yDqRr7s2
hN0NHzqqwgSieOdE984MlDfk37RF64eizHocn4LIRkvMAgr6fMAqOFissoq9ZEVc
XnSGzG+SBFRQ7V1FB07mrP6i6+3njXneLAM8cpLn0dy+XjKKsfx4X3Lrjbj6/KcP
2n9ROqiq7t+A7KNOkLCS2Sp2iNBy0S10GOCMorOwprGbpnTUNx3Cg0LgqU02K5Wc
2tFao+hUNTSQhiUvCsZJSDvhkNERIVRIC7o0rNrrXDb932z7SlZZ8HoHXWZUL/DQ
TE8knNa46qPMEncK5OC7Np9vftcvx26FQPTrNe3BqUbG8vMp+u08BHg7bjWrAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqLbGTfYgq7VUmCXjbyNK89QJlYwwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzIzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdWd
ejANBgkqhkiG9w0BAQsFAAOCAQEAht2LnmXbTLao4x3HwL38J/k5WHfUSvOvd0x2
LEZMOPh0UdpEZCpaX5arcLcAltzTL+auACCtQVVd0sIgHa8TzTmVQFWMPuSG474M
4sldsdPASFM4gunccoLpvTvbQKqa6l4hcSNpdicwkC8uUY3ffUJUQzAjcac0bu8q
mNnUetnS/7Ly7Om3apOmvOT1+RVkxLejV63d322cU41QtSOvXTzfrFVvIgwPbeW0
dTponF3kr2fgm2IrufFSvBaf004mYIW5uYnihAp4UUmXJcRuc0oCy9PAC6R/V1LB
BZq9SQ3UI+DWZAHIJtZHTmwzvSUGJDW9QWzxo414QcKwv+lNvA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:31:26 2025 by rpki-client