Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e2039333034.roa
File: 34332e3233302e38352e302f32342d3234203d3e2039333034.roa (raw, json)
Hash identifier: 8rEJIoM7zXyrGSQuJ5dhaKZrQ9e64onFY6DSKRjdZlA=
Subject key identifier: AF:D5:A6:32:E3:E4:EC:8A:ED:5E:B9:45:0A:DE:24:EC:5D:89:C6:12
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 3BB229AE8F4BB54356C1C344A7BD90C7FE905F02
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e2039333034.roa
Signing time: Wed 05 Feb 2025 05:29:12 +0000
ROA not before: Wed 05 Feb 2025 05:24:12 +0000
ROA not after: Wed 04 Feb 2026 05:29:12 +0000
asID: 9304
IP address blocks: 43.230.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Mar 2025 11:13:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:b2:29:ae:8f:4b:b5:43:56:c1:c3:44:a7:bd:90:c7:fe:90:5f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Feb 5 05:24:12 2025 GMT
Not After : Feb 4 05:29:12 2026 GMT
Subject: CN=AFD5A632E3E4EC8AED5EB9450ADE24EC5D89C612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7b:e8:27:3e:d9:d1:ca:c8:f3:d9:8e:20:4f:
f7:5b:d3:5f:bd:91:cd:e7:65:3a:c1:dc:d2:b7:ca:
6b:be:3c:04:29:ec:c2:21:d8:25:c1:d5:2d:5f:e9:
6d:48:5e:12:28:cc:fb:0e:91:52:6f:28:ff:13:68:
c1:d8:11:f8:c8:a3:86:2d:50:ed:57:fc:35:5a:40:
be:22:1c:4b:5a:04:cd:64:d8:c0:d0:96:d3:64:e1:
94:d7:07:a8:2b:8e:bc:6f:e4:f7:0d:b3:bb:a5:8e:
4b:c5:45:70:9c:83:a7:f0:ee:fa:3c:1b:82:39:77:
c6:b5:8f:e6:35:0f:db:5b:b1:fc:a2:85:93:88:c2:
b9:12:81:1f:45:03:a9:92:9a:b1:db:13:59:df:1c:
78:c8:87:10:26:17:6b:a3:ea:81:28:d0:47:4c:c8:
13:55:cb:51:04:2c:a5:ce:5e:5e:f3:3c:a9:9c:79:
48:7f:a4:6c:c6:bc:43:ca:d9:e0:15:34:de:1a:53:
f8:dc:e1:b0:43:fc:df:69:fc:77:8b:03:40:96:54:
21:a4:e1:9e:40:1e:51:2c:84:90:2b:a2:11:dd:a4:
06:3f:b4:82:90:43:45:36:c2:9f:b6:c4:5c:ca:90:
9b:9a:e9:2e:de:ca:ff:9a:7c:ff:e5:0f:cd:86:9c:
d8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:D5:A6:32:E3:E4:EC:8A:ED:5E:B9:45:0A:DE:24:EC:5D:89:C6:12
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/34332e3233302e38352e302f32342d3234203d3e2039333034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.230.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:40:7f:24:b7:e5:07:be:d8:1e:94:5c:15:df:93:af:b6:00:
af:34:9a:07:dd:99:dd:7b:e0:1e:ac:f2:a7:7f:cb:3e:18:cd:
91:07:c8:b7:b4:5c:46:4e:0b:60:50:b6:77:60:7f:c5:81:58:
36:3d:c3:27:6c:ba:dc:3b:4b:57:47:f9:fd:92:09:2f:1e:44:
3a:3c:9d:26:d4:99:3b:84:75:00:8d:b5:15:15:11:4d:e4:cb:
0c:16:d9:93:17:50:a1:49:a6:4c:bf:0a:0e:f5:5c:e9:d5:0d:
11:a7:e7:53:2b:07:38:04:51:48:67:1f:93:9c:0b:bd:cd:d0:
25:83:7b:b6:14:24:fc:7b:a2:82:1a:53:af:05:07:9e:02:cf:
f6:59:bc:ec:e0:07:d5:e8:f8:cd:c7:bf:e7:74:2e:0b:a8:27:
ea:63:b2:6f:75:05:d8:d5:65:61:9f:61:4d:76:45:d8:6d:9b:
8c:74:6b:27:36:f4:60:8b:af:eb:fd:ce:02:87:d2:19:6f:41:
6b:4c:96:81:a0:30:e9:7c:91:aa:72:e7:89:30:f3:45:6d:ce:
89:75:dc:ea:b5:27:64:08:ba:9d:7d:31:97:49:1b:a6:ec:b0:
79:56:79:09:69:8f:e8:d1:44:2a:13:33:e3:cd:d7:05:50:06:
f5:49:14:f3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUO7Ipro9LtUNWwcNEp72Qx/6QXwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNTAyMDUwNTI0MTJaFw0yNjAyMDQwNTI5MTJaMDMxMTAvBgNV
BAMTKEFGRDVBNjMyRTNFNEVDOEFFRDVFQjk0NTBBREUyNEVDNUQ4OUM2MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/e+gnPtnRysjz2Y4gT/db01+9
kc3nZTrB3NK3ymu+PAQp7MIh2CXB1S1f6W1IXhIozPsOkVJvKP8TaMHYEfjIo4Yt
UO1X/DVaQL4iHEtaBM1k2MDQltNk4ZTXB6grjrxv5PcNs7uljkvFRXCcg6fw7vo8
G4I5d8a1j+Y1D9tbsfyihZOIwrkSgR9FA6mSmrHbE1nfHHjIhxAmF2uj6oEo0EdM
yBNVy1EELKXOXl7zPKmceUh/pGzGvEPK2eAVNN4aU/jc4bBD/N9p/HeLA0CWVCGk
4Z5AHlEshJArohHdpAY/tIKQQ0U2wp+2xFzKkJua6S7eyv+afP/lD82GnNiRAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUr9WmMuPk7IrtXrlFCt4k7F2JxhIwHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzQzMzJlMzIzMzMwMmUzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzkzMzMwMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAr5lUw
DQYJKoZIhvcNAQELBQADggEBAAtAfyS35Qe+2B6UXBXfk6+2AK80mgfdmd174B6s
8qd/yz4YzZEHyLe0XEZOC2BQtndgf8WBWDY9wydsutw7S1dH+f2SCS8eRDo8nSbU
mTuEdQCNtRUVEU3kywwW2ZMXUKFJpky/Cg71XOnVDRGn51MrBzgEUUhnH5OcC73N
0CWDe7YUJPx7ooIaU68FB54Cz/ZZvOzgB9Xo+M3Hv+d0LguoJ+pjsm91BdjVZWGf
YU12Rdhtm4x0ayc29GCLr+v9zgKH0hlvQWtMloGgMOl8kapy54kw80Vtzol13Oq1
J2QIup19MZdJG6bssHlWeQlpj+jRRCoTM+PN1wVQBvVJFPM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:47:58 2025 by rpki-client