Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20383334.roa
File: 34352e39352e3231322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ZXvX7STXi/0R83QxT8iqEmnnnxj+DPct7V8i0q1tsE0=
Subject key identifier: 0B:E8:F7:97:B0:80:6C:62:85:FC:E7:02:58:CC:D1:32:13:11:93:E0
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 478785DECC40CFCA0A970DD0218A8EF8AE149FD2
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20383334.roa
Signing time: Tue 24 Dec 2024 00:05:14 +0000
ROA not before: Tue 24 Dec 2024 00:00:14 +0000
ROA not after: Tue 23 Dec 2025 00:05:14 +0000
asID: 834
IP address blocks: 45.95.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 04:40:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:87:85:de:cc:40:cf:ca:0a:97:0d:d0:21:8a:8e:f8:ae:14:9f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 24 00:00:14 2024 GMT
Not After : Dec 23 00:05:14 2025 GMT
Subject: CN=0BE8F797B0806C6285FCE70258CCD132131193E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:03:e5:fd:bc:29:c2:cd:3e:a1:96:04:3b:f0:
06:19:3c:95:37:fc:c6:8f:ee:34:0b:66:2f:43:90:
bc:cd:a3:a1:28:db:f9:6a:b5:74:bf:fd:2e:63:ca:
ca:40:7c:b9:c1:fb:1a:f9:8d:2b:78:80:16:7d:66:
38:85:de:e7:6b:bf:70:70:b7:da:7e:7c:5e:62:25:
23:cd:dc:ab:20:f7:63:51:49:5d:e3:17:c5:08:d7:
7d:dd:5f:22:56:ff:41:e5:27:6a:0d:cb:b2:35:48:
6b:b9:b7:18:24:51:64:7f:1f:73:dc:b7:9c:16:ca:
21:53:b2:32:b9:9f:cc:87:e0:e6:c0:d3:48:6d:97:
de:12:d4:bc:90:22:5f:4b:26:13:83:10:62:3f:c0:
9a:54:60:15:a2:49:62:e1:33:07:85:41:ff:56:e2:
f8:39:e0:7f:de:cb:ab:90:21:a1:ac:5d:59:9b:c3:
38:03:28:24:1f:f4:e0:0c:6b:0f:09:5e:d1:c3:83:
d8:10:5e:78:b1:9e:21:f5:11:19:ff:02:1e:81:2a:
85:c2:18:a7:4c:d1:8e:c6:cb:dc:b3:f1:b9:db:b7:
e5:3f:87:83:c0:15:d2:d4:24:e5:1a:8f:97:66:60:
41:54:f0:a0:af:a9:1e:6a:5b:b5:96:8b:ab:0a:d4:
fc:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E8:F7:97:B0:80:6C:62:85:FC:E7:02:58:CC:D1:32:13:11:93:E0
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/24
Signature Algorithm: sha256WithRSAEncryption
57:63:e1:d9:e9:34:1f:f0:7a:a6:a7:6e:95:5a:69:f9:6d:fa:
4f:3e:34:da:98:e1:2d:28:49:ad:1f:32:b7:b3:74:4d:6b:ac:
8f:06:e7:f3:8b:4f:04:03:9c:2b:ea:d2:1e:66:fb:ca:a9:d3:
9a:c9:67:52:39:41:b3:33:f9:24:5e:9a:f8:16:9e:7d:0b:d4:
c0:9c:d5:09:17:86:f9:82:3c:df:fa:43:31:4b:0a:7a:58:14:
4f:f3:77:86:83:41:82:47:54:44:e9:ec:fa:3c:d1:ad:bb:b3:
52:df:6b:c7:63:ff:82:d4:ae:f8:93:eb:93:b5:b3:53:e4:d9:
69:a4:86:bc:57:e4:3c:2d:cb:81:f5:ea:40:1d:af:a8:88:3e:
1b:d5:7f:ed:0e:db:f1:b0:4e:c4:95:33:28:7a:03:98:4b:b2:
11:91:48:a8:3f:f2:d9:05:6d:48:00:5b:eb:7c:b4:3f:a4:5c:
e5:13:d0:b3:e9:1b:06:91:80:a0:2c:1e:de:38:3e:b0:0d:b5:
93:8b:77:d5:98:68:04:52:4a:fc:12:1b:f0:5b:96:f7:9e:d1:
26:ee:7a:e9:c0:61:ca:5e:cf:26:c9:ec:f2:ac:3d:68:55:3c:
a0:e1:2e:bb:a0:22:07:d3:a8:03:e7:e6:60:7b:ce:ee:5d:56:
79:99:08:85
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUR4eF3sxAz8oKlw3QIYqO+K4Un9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDEyMjQwMDAwMTRaFw0yNTEyMjMwMDA1MTRaMDMxMTAvBgNV
BAMTKDBCRThGNzk3QjA4MDZDNjI4NUZDRTcwMjU4Q0NEMTMyMTMxMTkzRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgA+X9vCnCzT6hlgQ78AYZPJU3
/MaP7jQLZi9DkLzNo6Eo2/lqtXS//S5jyspAfLnB+xr5jSt4gBZ9ZjiF3udrv3Bw
t9p+fF5iJSPN3Ksg92NRSV3jF8UI133dXyJW/0HlJ2oNy7I1SGu5txgkUWR/H3Pc
t5wWyiFTsjK5n8yH4ObA00htl94S1LyQIl9LJhODEGI/wJpUYBWiSWLhMweFQf9W
4vg54H/ey6uQIaGsXVmbwzgDKCQf9OAMaw8JXtHDg9gQXnixniH1ERn/Ah6BKoXC
GKdM0Y7Gy9yz8bnbt+U/h4PAFdLUJOUaj5dmYEFU8KCvqR5qW7WWi6sK1PwjAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUC+j3l7CAbGKF/OcCWMzRMhMRk+AwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/UMA0G
CSqGSIb3DQEBCwUAA4IBAQBXY+HZ6TQf8Hqmp26VWmn5bfpPPjTamOEtKEmtHzK3
s3RNa6yPBufzi08EA5wr6tIeZvvKqdOayWdSOUGzM/kkXpr4Fp59C9TAnNUJF4b5
gjzf+kMxSwp6WBRP83eGg0GCR1RE6ez6PNGtu7NS32vHY/+C1K74k+uTtbNT5Nlp
pIa8V+Q8LcuB9epAHa+oiD4b1X/tDtvxsE7ElTMoegOYS7IRkUioP/LZBW1IAFvr
fLQ/pFzlE9Cz6RsGkYCgLB7eOD6wDbWTi3fVmGgEUkr8EhvwW5b3ntEm7nrpwGHK
Xs8myezyrD1oVTyg4S67oCIH06gD5+Zge87uXVZ5mQiF
-----END CERTIFICATE-----
Generated at Fri Mar 14 00:41:52 2025 by rpki-client