Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32332d3234203d3e20383334.roa
File: 3130332e34392e3132382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: dEaihCMRiePxTZjHwI0VrH1vKsIokDhWS42e8jJhipQ=
Subject key identifier: 07:C7:1B:B2:25:EA:9B:F1:AE:73:D7:6D:DD:0D:BC:3D:79:83:92:5D
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 0F6C873282AA0F473D5043C93AEF70AB6474D87B
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32332d3234203d3e20383334.roa
Signing time: Thu 10 Apr 2025 11:17:15 +0000
ROA not before: Thu 10 Apr 2025 11:12:15 +0000
ROA not after: Thu 09 Apr 2026 11:17:15 +0000
asID: 834
IP address blocks: 103.49.128.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 14:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:6c:87:32:82:aa:0f:47:3d:50:43:c9:3a:ef:70:ab:64:74:d8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Apr 10 11:12:15 2025 GMT
Not After : Apr 9 11:17:15 2026 GMT
Subject: CN=07C71BB225EA9BF1AE73D76DDD0DBC3D7983925D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:c3:33:56:77:c3:2a:c0:f1:a0:30:e6:e2:
2f:8c:1a:af:90:fb:b1:79:b8:a4:aa:e8:83:48:7f:
da:2f:76:39:67:e1:e3:97:80:bc:8d:c9:02:7a:7d:
6a:dc:f9:50:a5:3c:d4:52:4c:c8:67:a7:94:06:1a:
20:26:cf:8d:f4:15:b9:2f:cc:ae:a5:03:6b:72:3e:
62:8d:ac:e9:0e:e9:93:39:81:28:53:26:d0:0c:e5:
60:3f:97:7d:fe:14:e2:da:a8:c2:d1:1b:4d:c7:fa:
ac:d4:ef:9d:7a:23:77:06:2c:b4:b1:52:cc:2e:ec:
4f:17:4f:56:44:7e:97:b2:4b:2e:fc:27:95:34:0a:
35:0b:95:49:f2:fe:52:3b:59:99:c5:1f:ba:45:94:
fb:ba:a3:08:f8:e1:21:2c:e8:dd:dc:9c:20:27:a9:
84:88:56:1e:ea:8e:84:15:81:64:3f:67:1a:12:d3:
38:80:15:3f:8a:30:19:fb:57:10:1f:ff:4a:d9:7f:
d9:83:e6:22:76:a2:1f:ab:ef:db:62:7e:a8:1b:7f:
21:c6:3e:3b:eb:4e:c2:fa:4e:ac:7b:63:69:5c:d0:
f1:95:43:3a:1f:52:1e:07:5d:f3:11:59:0a:c6:35:
98:fd:7a:c7:6e:e1:a6:b5:ba:af:ad:e5:8c:52:bb:
2c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C7:1B:B2:25:EA:9B:F1:AE:73:D7:6D:DD:0D:BC:3D:79:83:92:5D
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/3130332e34392e3132382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.49.128.0/23
Signature Algorithm: sha256WithRSAEncryption
39:28:c8:0f:eb:ce:84:20:ca:14:fa:bf:a9:11:42:1a:cc:c7:
3e:26:8d:44:a5:67:0b:78:f2:27:bf:66:68:1c:24:d8:45:9d:
33:5d:05:ab:8f:7d:89:dd:91:af:cb:4f:2b:cb:3d:36:85:4c:
8f:9c:fc:79:35:89:38:2e:73:36:3f:b1:55:6f:9d:16:b8:d5:
92:9c:1a:90:e2:20:95:c8:cb:01:65:cd:9a:5d:1a:4f:fe:df:
84:72:f1:70:0b:79:97:67:70:65:fe:28:47:78:a3:9f:ca:da:
f4:ef:80:36:84:f5:a5:33:e7:36:5e:3b:fe:5c:e2:e6:15:89:
dc:76:03:d2:29:e4:1e:e7:0b:01:a7:01:9d:1f:c2:1b:2f:d7:
43:c0:2c:f0:3e:5b:4d:d7:f6:77:6d:0e:65:b3:7a:f6:e7:dd:
8c:bc:2c:0d:70:d4:1b:49:9a:76:fa:35:ca:52:84:69:c3:17:
fa:24:ce:37:9e:44:15:5b:91:b4:62:0e:36:d3:7e:89:ce:bc:
31:52:55:03:39:ae:02:47:6f:15:80:00:8b:34:f9:77:f4:74:
df:a4:e8:3a:86:ce:84:40:1d:cb:15:dc:04:be:df:64:9d:26:
1b:02:ce:b7:d2:2f:9b:ec:71:75:d5:d5:94:c0:e8:2e:ef:b9:
0e:5d:44:34
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUD2yHMoKqD0c9UEPJOu9wq2R02HswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTA0MTAxMTEyMTVaFw0yNjA0MDkxMTE3MTVaMDMxMTAvBgNV
BAMTKDA3QzcxQkIyMjVFQTlCRjFBRTczRDc2REREMERCQzNENzk4MzkyNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7M8MzVnfDKsDxoDDm4i+MGq+Q
+7F5uKSq6INIf9ovdjln4eOXgLyNyQJ6fWrc+VClPNRSTMhnp5QGGiAmz430Fbkv
zK6lA2tyPmKNrOkO6ZM5gShTJtAM5WA/l33+FOLaqMLRG03H+qzU7516I3cGLLSx
Uswu7E8XT1ZEfpeySy78J5U0CjULlUny/lI7WZnFH7pFlPu6owj44SEs6N3cnCAn
qYSIVh7qjoQVgWQ/ZxoS0ziAFT+KMBn7VxAf/0rZf9mD5iJ2oh+r79tifqgbfyHG
PjvrTsL6Tqx7Y2lc0PGVQzofUh4HXfMRWQrGNZj9esdu4aa1uq+t5YxSuyyTAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUB8cbsiXqm/Guc9dt3Q28PXmDkl0wHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzEzMDMzMmUzNDM5MmUzMTMy
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnMYAw
DQYJKoZIhvcNAQELBQADggEBADkoyA/rzoQgyhT6v6kRQhrMxz4mjUSlZwt48ie/
ZmgcJNhFnTNdBauPfYndka/LTyvLPTaFTI+c/Hk1iTguczY/sVVvnRa41ZKcGpDi
IJXIywFlzZpdGk/+34Ry8XALeZdncGX+KEd4o5/K2vTvgDaE9aUz5zZeO/5c4uYV
idx2A9Ip5B7nCwGnAZ0fwhsv10PALPA+W03X9ndtDmWzevbn3Yy8LA1w1BtJmnb6
NcpShGnDF/okzjeeRBVbkbRiDjbTfonOvDFSVQM5rgJHbxWAAIs0+Xf0dN+k6DqG
zoRAHcsV3AS+32SdJhsCzrfSL5vscXXV1ZTA6C7vuQ5dRDQ=
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:12:40 2025 by rpki-client