Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
File: 34352e382e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: D7PJlGzaEbF4pV9J8oBEsWG5Vvb/FrRBzN9U9eQZafA=
Subject key identifier: B2:FD:2B:95:DB:1C:23:57:27:9A:0D:D8:B1:AC:F2:32:AC:55:6F:BF
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 1392769C9ADEAF17C933A4F11CEA286C414EB192
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
Signing time: Sat 18 Jan 2025 00:02:08 +0000
ROA not before: Fri 17 Jan 2025 23:57:08 +0000
ROA not after: Sat 17 Jan 2026 00:02:08 +0000
asID: 834
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 14:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:92:76:9c:9a:de:af:17:c9:33:a4:f1:1c:ea:28:6c:41:4e:b1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 17 23:57:08 2025 GMT
Not After : Jan 17 00:02:08 2026 GMT
Subject: CN=B2FD2B95DB1C2357279A0DD8B1ACF232AC556FBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1f:31:1c:06:a3:c6:41:da:28:44:52:83:f7:
8d:48:b0:5f:c2:30:de:97:56:ae:ba:40:fc:00:0c:
2b:86:c5:b2:29:f6:0b:22:36:71:6c:3f:5f:93:97:
2e:40:2a:a5:dd:14:a8:da:79:0d:0a:8e:25:ba:82:
ed:0e:03:77:97:6a:7a:fe:a4:34:33:17:e1:8a:57:
c1:62:ba:21:ab:75:fb:49:43:03:c0:03:df:31:c9:
97:49:dd:46:a0:15:c2:98:51:56:73:01:6b:62:dd:
62:da:0f:a2:fe:b3:a2:e9:63:cb:8f:cb:f0:ec:2d:
d4:e7:e4:1a:ae:f9:4d:09:05:f9:1f:c9:8e:16:37:
ee:ee:98:6e:48:e9:8b:50:51:df:78:c8:e9:88:b8:
10:b2:c5:57:9e:60:59:ba:3c:f7:25:52:06:8a:e0:
10:27:f1:99:56:fb:71:01:bb:7c:fd:42:79:f9:b8:
d8:70:48:36:5c:18:81:f7:88:f5:55:c8:f0:dc:63:
fc:28:bb:50:eb:75:74:59:f9:35:6b:15:2c:dc:9d:
dc:a5:a4:d3:9b:71:ab:5c:6c:a9:25:c2:81:a5:60:
ed:ba:79:b8:d6:64:16:f7:b6:52:39:f6:2b:df:91:
ae:aa:bd:b1:71:a3:fe:d6:fc:51:c7:92:8b:e6:5e:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FD:2B:95:DB:1C:23:57:27:9A:0D:D8:B1:AC:F2:32:AC:55:6F:BF
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:b5:a8:50:fe:75:5a:4d:9b:d4:c5:a3:62:fa:27:3f:e1:73:
ad:a2:5f:b4:5b:ab:84:86:d2:e3:73:59:0a:de:ef:06:b0:00:
00:df:5b:cc:a0:0f:65:77:6e:e2:0c:a8:65:78:8a:d6:73:9d:
ac:6b:0d:25:d2:aa:d8:a5:4e:e1:5a:33:6a:be:c3:2b:6d:49:
bb:b5:e7:78:46:cd:77:88:3a:85:fc:41:a8:c0:0e:75:14:54:
48:19:af:81:75:f2:66:69:64:f5:68:e4:72:52:8e:35:f8:d0:
37:d1:d6:a7:a9:34:c6:6a:02:72:de:d1:69:e9:c3:52:eb:26:
df:86:04:d9:b1:d5:7d:8e:cd:e8:f3:46:ad:a3:56:49:13:d4:
cf:55:54:2b:e8:b6:84:d1:3a:e3:58:cd:22:e5:96:a7:1f:b5:
61:19:ef:e0:06:f9:57:73:1b:92:4a:f0:60:45:4a:18:90:08:
f3:c7:6d:33:bf:fc:a4:12:38:01:7f:a4:62:06:c6:25:3f:b8:
d8:a0:6e:ac:87:d8:fb:9f:38:d6:b8:87:17:b8:66:f6:d5:8d:
e8:27:6c:e2:d3:6e:3b:bb:43:eb:65:a9:8c:54:b5:52:c3:47:
86:b2:11:bd:72:2c:35:1d:31:98:cd:58:91:23:60:30:58:ec:
45:e5:9f:23
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUE5J2nJrerxfJM6TxHOoobEFOsZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMTcyMzU3MDhaFw0yNjAxMTcwMDAyMDhaMDMxMTAvBgNV
BAMTKEIyRkQyQjk1REIxQzIzNTcyNzlBMEREOEIxQUNGMjMyQUM1NTZGQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDHzEcBqPGQdooRFKD941IsF/C
MN6XVq66QPwADCuGxbIp9gsiNnFsP1+Tly5AKqXdFKjaeQ0KjiW6gu0OA3eXanr+
pDQzF+GKV8FiuiGrdftJQwPAA98xyZdJ3UagFcKYUVZzAWti3WLaD6L+s6LpY8uP
y/DsLdTn5Bqu+U0JBfkfyY4WN+7umG5I6YtQUd94yOmIuBCyxVeeYFm6PPclUgaK
4BAn8ZlW+3EBu3z9Qnn5uNhwSDZcGIH3iPVVyPDcY/wou1DrdXRZ+TVrFSzcndyl
pNObcatcbKklwoGlYO26ebjWZBb3tlI59ivfka6qvbFxo/7W/FHHkovmXnFLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUsv0rldscI1cnmg3YsazyMqxVb78wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I2TANBgkq
hkiG9w0BAQsFAAOCAQEAybWoUP51Wk2b1MWjYvonP+FzraJftFurhIbS43NZCt7v
BrAAAN9bzKAPZXdu4gyoZXiK1nOdrGsNJdKq2KVO4Vozar7DK21Ju7XneEbNd4g6
hfxBqMAOdRRUSBmvgXXyZmlk9WjkclKONfjQN9HWp6k0xmoCct7RaenDUusm34YE
2bHVfY7N6PNGraNWSRPUz1VUK+i2hNE641jNIuWWpx+1YRnv4Ab5V3MbkkrwYEVK
GJAI88dtM7/8pBI4AX+kYgbGJT+42KBurIfY+5841riHF7hm9tWN6Cds4tNuO7tD
62WpjFS1UsNHhrIRvXIsNR0xmM1YkSNgMFjsReWfIw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:28 2025 by rpki-client