Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
File: 34352e382e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: u22SNsZQkDYhMCE8/gUPZK/rAhVBURAN+6cRdwtl3Go=
Subject key identifier: 65:F5:26:37:1E:F1:BA:47:C9:32:08:E0:EE:65:AC:65:C8:5D:7C:65
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 6B643A65ABA237FE6E05BDAD55EC8962C8AB250B
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
Signing time: Sun 18 May 2025 00:02:53 +0000
ROA not before: Sat 17 May 2025 23:57:53 +0000
ROA not after: Sun 17 May 2026 00:02:53 +0000
asID: 834
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 May 2025 06:45:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:64:3a:65:ab:a2:37:fe:6e:05:bd:ad:55:ec:89:62:c8:ab:25:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 17 23:57:53 2025 GMT
Not After : May 17 00:02:53 2026 GMT
Subject: CN=65F526371EF1BA47C93208E0EE65AC65C85D7C65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a4:c7:47:36:1f:e5:a1:11:04:5a:a1:91:8c:
f0:62:17:f2:ca:3b:c0:c4:94:9a:c9:42:f8:24:5e:
e2:bc:e5:5c:44:64:cc:79:63:72:94:2e:23:3a:11:
7a:29:2e:12:46:42:2f:89:8b:51:65:34:ed:bd:32:
25:e5:73:ea:6c:a7:73:92:ab:a1:90:4a:20:a1:10:
13:79:3c:d6:f6:ce:39:9d:a9:a8:24:f2:d1:53:94:
cb:a0:ed:70:36:6e:1e:8d:a1:20:d3:14:9c:ab:66:
b9:31:4a:e5:31:86:fd:69:fc:21:ce:e9:b4:13:ee:
07:b5:91:46:54:1b:3e:04:39:74:f2:20:5e:21:a5:
68:2a:c5:3a:23:ea:d1:4f:82:47:8a:3d:1f:f3:3e:
46:62:6f:a2:ec:93:d2:38:6e:2f:36:af:88:b0:b6:
19:cd:05:b0:80:36:44:6a:3e:a8:81:f9:78:1a:64:
52:9c:cb:de:0c:5e:6c:33:f0:8e:9d:83:66:19:b5:
34:26:3e:dc:35:c3:f2:3e:f2:ff:49:9d:ed:74:dc:
9b:13:8a:13:65:64:5b:8c:73:e7:f0:f2:76:6c:ee:
89:32:b8:18:c8:ff:8a:15:9c:fd:25:36:7f:7f:f8:
6b:3c:62:86:cb:a3:fd:19:98:6f:9d:87:82:c0:94:
6f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F5:26:37:1E:F1:BA:47:C9:32:08:E0:EE:65:AC:65:C8:5D:7C:65
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:be:b7:61:19:f6:dc:58:8f:22:9f:28:c2:13:8a:5f:ba:e3:
2a:c2:35:07:e3:9a:fb:64:53:c4:8d:a2:f6:74:25:9c:3e:69:
09:79:39:98:ce:09:2d:f2:fd:f4:11:fa:e8:da:14:72:34:8c:
b2:18:36:dd:8c:45:c8:5e:5c:d8:76:15:f7:16:25:fe:b0:f1:
d1:e4:6e:4f:bb:75:1a:9c:d5:13:9c:c0:1e:c5:de:17:03:1c:
32:78:ef:35:a7:49:3e:7f:d0:c4:b7:16:87:97:1e:99:9d:ab:
fb:2e:98:78:72:b9:7b:9f:e4:52:78:06:d8:d0:85:52:07:05:
5b:10:00:48:c6:24:ad:fe:20:15:fa:72:b9:5b:d1:7b:fc:2c:
e3:b3:4b:e4:9d:94:95:f4:8e:f6:ac:bc:e8:5b:ee:8f:3b:99:
74:a2:bc:fa:0d:69:0b:71:9c:8b:f4:19:23:73:cf:f3:65:0b:
2d:19:b6:c8:50:8d:14:43:9c:75:c5:94:7e:e2:4c:f1:c2:cd:
d1:82:47:6e:e2:e8:20:60:4b:fa:5c:bb:1c:70:89:a6:34:d4:
97:09:1c:f3:35:41:f0:c9:08:1e:2a:13:a8:2b:59:a2:30:be:
d1:ab:89:f2:48:a5:ae:21:69:6a:6b:f5:e2:55:9f:17:c6:b5:
5b:e0:cf:c0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUa2Q6ZauiN/5uBb2tVeyJYsirJQswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA1MTcyMzU3NTNaFw0yNjA1MTcwMDAyNTNaMDMxMTAvBgNV
BAMTKDY1RjUyNjM3MUVGMUJBNDdDOTMyMDhFMEVFNjVBQzY1Qzg1RDdDNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzpMdHNh/loREEWqGRjPBiF/LK
O8DElJrJQvgkXuK85VxEZMx5Y3KULiM6EXopLhJGQi+Ji1FlNO29MiXlc+psp3OS
q6GQSiChEBN5PNb2zjmdqagk8tFTlMug7XA2bh6NoSDTFJyrZrkxSuUxhv1p/CHO
6bQT7ge1kUZUGz4EOXTyIF4hpWgqxToj6tFPgkeKPR/zPkZib6Lsk9I4bi82r4iw
thnNBbCANkRqPqiB+XgaZFKcy94MXmwz8I6dg2YZtTQmPtw1w/I+8v9Jne103JsT
ihNlZFuMc+fw8nZs7okyuBjI/4oVnP0lNn9/+Gs8YobLo/0ZmG+dh4LAlG8HAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUZfUmNx7xukfJMgjg7mWsZchdfGUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I2TANBgkq
hkiG9w0BAQsFAAOCAQEAS763YRn23FiPIp8owhOKX7rjKsI1B+Oa+2RTxI2i9nQl
nD5pCXk5mM4JLfL99BH66NoUcjSMshg23YxFyF5c2HYV9xYl/rDx0eRuT7t1GpzV
E5zAHsXeFwMcMnjvNadJPn/QxLcWh5cemZ2r+y6YeHK5e5/kUngG2NCFUgcFWxAA
SMYkrf4gFfpyuVvRe/ws47NL5J2UlfSO9qy86FvujzuZdKK8+g1pC3Gci/QZI3PP
82ULLRm2yFCNFEOcdcWUfuJM8cLN0YJHbuLoIGBL+ly7HHCJpjTUlwkc8zVB8MkI
HioTqCtZojC+0auJ8kilriFpamv14lWfF8a1W+DPwA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:38:47 2025 by rpki-client