Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323030343832.roa
File: 34352e3135382e35372e302f32342d3234203d3e20323030343832.roa (raw, json)
Hash identifier: ZzArpf+75RLQ71PJwc4CqgxdIYX9YKuBSiqZFwP1fUg=
Subject key identifier: 02:98:EC:21:01:4B:2D:02:B5:11:E5:23:D3:A7:29:39:2E:81:2E:83
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 2829B86DB15F70E17BF0718D4B7DA29F5E1D7980
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323030343832.roa
Signing time: Fri 23 Jun 2023 16:01:04 +0000
ROA not before: Fri 23 Jun 2023 15:56:04 +0000
ROA not after: Fri 21 Jun 2024 16:01:04 +0000
asID: 200482
IP address blocks: 45.158.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 08:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:29:b8:6d:b1:5f:70:e1:7b:f0:71:8d:4b:7d:a2:9f:5e:1d:79:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 23 15:56:04 2023 GMT
Not After : Jun 21 16:01:04 2024 GMT
Subject: CN=0298EC21014B2D02B511E523D3A729392E812E83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1f:c6:de:86:20:83:37:e9:16:4b:8e:c5:63:
a2:b6:7f:11:a2:73:3c:49:4a:89:7b:57:29:6f:b7:
83:c3:5b:4e:5d:39:cb:fa:aa:46:18:11:c0:60:20:
e0:67:4c:a2:8a:e7:81:e9:a1:c9:2a:47:03:4f:47:
b0:0e:fe:65:e9:58:47:2b:d6:3b:87:c4:14:43:fa:
1c:7d:9e:05:60:de:66:3d:10:83:63:b1:b0:fd:61:
dd:27:cb:5c:49:89:13:8f:c2:d8:53:9d:c0:57:f4:
b8:b3:0a:cc:ff:20:36:c1:6b:8e:51:5d:1f:e9:96:
f8:1b:6d:6a:36:7d:39:55:d4:ab:90:c6:e1:8b:b9:
e9:bc:23:11:e9:54:ca:f8:cf:2c:61:8d:79:24:88:
1f:dc:07:7e:cd:17:cf:aa:46:b2:88:03:b1:f5:85:
98:23:31:e8:96:fa:63:f8:2a:fb:36:19:2c:71:fc:
8f:f8:f6:98:05:c4:53:86:87:36:f9:d2:44:56:f3:
f7:d2:0d:fb:d6:f5:fb:b9:0a:a1:d0:66:38:53:87:
fa:f2:af:d7:fd:13:94:0a:b1:e0:59:77:0f:dd:6d:
71:2d:6e:f4:0b:fe:6f:fa:cd:fa:61:b4:dd:4f:cb:
21:37:ec:99:df:89:f6:a3:2c:78:73:be:30:4f:07:
e9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:98:EC:21:01:4B:2D:02:B5:11:E5:23:D3:A7:29:39:2E:81:2E:83
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20323030343832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:4b:2d:00:ec:f4:f1:0e:f6:02:4f:87:8b:97:b7:76:84:14:
0e:a4:68:a0:b0:7a:a8:d9:bf:82:af:56:2c:fb:b8:dd:d9:05:
ed:37:2b:5b:63:64:da:65:e1:d6:37:f3:4a:70:8b:af:7e:5b:
2a:18:a0:7c:b9:01:e3:9f:17:02:83:1d:7e:a1:45:e2:06:a5:
8f:7b:e0:a3:ba:ef:0b:aa:5e:4c:f8:bb:5a:d8:d7:8e:53:4e:
0b:8f:eb:8c:7b:2e:7a:bc:28:0f:b1:68:81:38:7e:9d:ee:05:
87:0e:34:f9:e5:ef:97:ac:43:1e:fe:bc:ad:86:7a:62:4a:20:
42:e5:b3:fc:9f:03:ff:65:67:68:30:56:43:89:20:eb:c9:10:
f6:09:2e:f4:01:e2:2f:0b:f9:a3:1c:f4:42:d1:7a:df:9a:c2:
63:67:0a:a5:ae:36:5d:51:cf:fa:16:f9:18:92:73:8f:3b:0d:
8c:47:4a:05:6b:d6:3d:ff:79:f5:d3:41:2b:74:a5:b3:6f:a6:
bb:f1:49:b5:7f:c8:06:c0:a6:56:0c:bc:2b:26:9d:80:cc:8d:
06:1e:0a:ba:88:79:6d:9f:5c:21:9b:4b:1b:d4:a8:b7:cb:d1:
7d:44:00:a7:87:bc:17:f8:b8:f0:2a:8b:c7:36:0c:e5:ef:0c:
dc:3d:2d:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKCm4bbFfcOF78HGNS32in14deYAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA2MjMxNTU2MDRaFw0yNDA2MjExNjAxMDRaMDMxMTAvBgNV
BAMTKDAyOThFQzIxMDE0QjJEMDJCNTExRTUyM0QzQTcyOTM5MkU4MTJFODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPH8behiCDN+kWS47FY6K2fxGi
czxJSol7Vylvt4PDW05dOcv6qkYYEcBgIOBnTKKK54HpockqRwNPR7AO/mXpWEcr
1juHxBRD+hx9ngVg3mY9EINjsbD9Yd0ny1xJiROPwthTncBX9LizCsz/IDbBa45R
XR/plvgbbWo2fTlV1KuQxuGLuem8IxHpVMr4zyxhjXkkiB/cB37NF8+qRrKIA7H1
hZgjMeiW+mP4Kvs2GSxx/I/49pgFxFOGhzb50kRW8/fSDfvW9fu5CqHQZjhTh/ry
r9f9E5QKseBZdw/dbXEtbvQL/m/6zfphtN1PyyE37JnfifajLHhzvjBPB+nhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUApjsIQFLLQK1EeUj06cpOS6BLoMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMwMzQzODMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ45MA0GCSqGSIb3DQEBCwUAA4IBAQDDSy0A7PTxDvYCT4eLl7d2hBQOpGigsHqo
2b+Cr1Ys+7jd2QXtNytbY2TaZeHWN/NKcIuvflsqGKB8uQHjnxcCgx1+oUXiBqWP
e+Cjuu8Lql5M+Lta2NeOU04Lj+uMey56vCgPsWiBOH6d7gWHDjT55e+XrEMe/ryt
hnpiSiBC5bP8nwP/ZWdoMFZDiSDryRD2CS70AeIvC/mjHPRC0XrfmsJjZwqlrjZd
Uc/6FvkYknOPOw2MR0oFa9Y9/3n100ErdKWzb6a78Um1f8gGwKZWDLwrJp2AzI0G
Hgq6iHltn1whm0sb1Ki3y9F9RACnh7wX+LjwKovHNgzl7wzcPS15
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org