Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
File: 34352e3134362e3136322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: vvsQIHYWHADvPYgQyIxSU88j2ZB7nxIsrKkQK9U5PvA=
Subject key identifier: 2A:D2:D8:43:C2:16:76:1C:9D:07:8D:5C:BA:A7:97:E0:74:8F:62:E4
Certificate issuer: /CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Certificate serial: 18D6AA302DB714D3B656DC8110B470E31EF256A7
Authority key identifier: 5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
Signing time: Sat 12 Oct 2024 00:43:25 +0000
ROA not before: Sat 12 Oct 2024 00:38:25 +0000
ROA not after: Sat 11 Oct 2025 00:43:25 +0000
asID: 834
IP address blocks: 45.146.162.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 00:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:d6:aa:30:2d:b7:14:d3:b6:56:dc:81:10:b4:70:e3:1e:f2:56:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5defe0922f4f55270dcd5c08f04f1c7bf26073c3
Validity
Not Before: Oct 12 00:38:25 2024 GMT
Not After : Oct 11 00:43:25 2025 GMT
Subject: CN=2AD2D843C216761C9D078D5CBAA797E0748F62E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:76:38:63:44:db:3c:ae:7d:a3:17:9f:1e:2c:
94:c6:3f:10:0a:3d:8b:56:87:fd:74:75:e6:53:73:
1a:67:35:53:a0:7a:73:08:2d:e8:fc:25:3b:f7:52:
36:8e:ab:65:59:8b:76:ef:37:e0:81:8f:1d:60:8f:
37:43:e9:bb:f2:dc:44:e7:56:45:00:9b:13:77:5f:
86:cd:8b:28:93:4a:8a:82:6f:20:c3:9c:79:e0:5e:
96:0f:9b:db:fc:48:78:f5:88:8f:35:91:be:23:6d:
04:55:08:3b:0c:42:08:7c:8d:86:6a:73:32:f1:be:
0f:9c:da:16:01:64:b8:b0:33:cd:f7:78:c1:e9:7f:
86:28:61:13:02:a0:48:ea:0f:ec:c6:2c:93:06:5a:
80:66:15:7e:45:d9:e3:0e:83:ad:d5:00:45:06:f8:
df:99:74:08:8b:2c:05:3c:5c:f8:55:03:ea:2a:f7:
35:48:4b:b4:82:4e:ea:d1:a7:cb:c9:99:1d:3b:77:
e1:88:d6:32:9d:26:25:5a:df:c9:6c:40:ae:c4:be:
58:14:66:11:dd:be:ad:34:5e:03:bb:a7:a7:c9:7f:
ed:8f:5d:81:0e:27:aa:5e:97:22:54:c2:e4:7b:55:
ef:17:aa:21:75:8a:b1:8c:de:56:22:ce:04:a8:54:
e3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D2:D8:43:C2:16:76:1C:9D:07:8D:5C:BA:A7:97:E0:74:8F:62:E4
X509v3 Authority Key Identifier:
keyid:5D:EF:E0:92:2F:4F:55:27:0D:CD:5C:08:F0:4F:1C:7B:F2:60:73:C3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/5DEFE0922F4F55270DCD5C08F04F1C7BF26073C3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xe_gki9PVScNzVwI8E8ce_Jgc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2fe2b27a-1ec5-4ab7-978e-6da9cf9f3790/0/34352e3134362e3136322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.162.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:ed:0a:a3:1c:cf:eb:3d:f0:c3:a5:49:c1:c6:bd:20:2a:48:
28:28:9c:4e:68:b0:e9:43:52:c6:d0:49:a1:cb:9c:5a:c9:08:
8b:61:e5:64:cc:ee:2a:0a:9f:00:24:8c:c8:75:96:b0:8a:60:
d3:66:b4:c2:1b:86:4e:68:7d:10:89:1a:2e:b9:fb:be:c4:d2:
bc:6c:de:e2:43:57:a7:b4:a1:96:da:04:b5:0b:5e:05:82:fe:
46:87:9b:5b:be:29:52:b5:7a:2b:80:14:dd:91:53:e6:61:62:
b1:0a:ec:16:ce:94:85:83:2c:4c:df:9d:5c:cd:26:e9:55:c5:
11:3b:f9:39:b2:e7:27:4a:7d:0c:47:32:1f:36:a2:2b:2b:15:
b3:78:b0:23:99:9d:58:df:ed:17:e3:6d:43:d0:31:51:09:9d:
d1:79:01:94:3b:3c:17:8d:76:09:1a:f9:ff:bb:a5:d6:34:54:
8f:e0:2a:62:2d:02:24:33:47:b8:e7:22:36:24:1f:45:5e:6d:
a1:6a:9b:99:27:56:d9:ae:24:57:37:13:5d:af:7d:f2:d1:a6:
22:9d:e3:0b:47:f5:33:a8:aa:1d:90:cf:61:82:f5:ac:7a:61:
98:7b:a6:f8:d0:04:fb:3b:e8:26:65:69:46:48:c2:73:04:e0:
41:89:4c:e6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUGNaqMC23FNO2VtyBELRw4x7yVqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRlZmUwOTIyZjRmNTUyNzBkY2Q1YzA4ZjA0ZjFjN2Jm
MjYwNzNjMzAeFw0yNDEwMTIwMDM4MjVaFw0yNTEwMTEwMDQzMjVaMDMxMTAvBgNV
BAMTKDJBRDJEODQzQzIxNjc2MUM5RDA3OEQ1Q0JBQTc5N0UwNzQ4RjYyRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrdjhjRNs8rn2jF58eLJTGPxAK
PYtWh/10deZTcxpnNVOgenMILej8JTv3UjaOq2VZi3bvN+CBjx1gjzdD6bvy3ETn
VkUAmxN3X4bNiyiTSoqCbyDDnHngXpYPm9v8SHj1iI81kb4jbQRVCDsMQgh8jYZq
czLxvg+c2hYBZLiwM833eMHpf4YoYRMCoEjqD+zGLJMGWoBmFX5F2eMOg63VAEUG
+N+ZdAiLLAU8XPhVA+oq9zVIS7SCTurRp8vJmR07d+GI1jKdJiVa38lsQK7EvlgU
ZhHdvq00XgO7p6fJf+2PXYEOJ6pelyJUwuR7Ve8XqiF1irGM3lYizgSoVONXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUKtLYQ8IWdhydB41cuqeX4HSPYuQwHwYDVR0j
BBgwFoAUXe/gki9PVScNzVwI8E8ce/Jgc8MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmZlMmIyN2EtMWVjNS00YWI3LTk3OGUtNmRhOWNmOWYz
NzkwLzAvNURFRkUwOTIyRjRGNTUyNzBEQ0Q1QzA4RjA0RjFDN0JGMjYwNzNDMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hlX2draTlQVlNjTnpWd0k4RThjZV9K
Z2M4TS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmZlMmIyN2Et
MWVjNS00YWI3LTk3OGUtNmRhOWNmOWYzNzkwLzAvMzQzNTJlMzEzNDM2MmUzMTM2
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtkqIw
DQYJKoZIhvcNAQELBQADggEBAE/tCqMcz+s98MOlScHGvSAqSCgonE5osOlDUsbQ
SaHLnFrJCIth5WTM7ioKnwAkjMh1lrCKYNNmtMIbhk5ofRCJGi65+77E0rxs3uJD
V6e0oZbaBLULXgWC/kaHm1u+KVK1eiuAFN2RU+ZhYrEK7BbOlIWDLEzfnVzNJulV
xRE7+Tmy5ydKfQxHMh82oisrFbN4sCOZnVjf7RfjbUPQMVEJndF5AZQ7PBeNdgka
+f+7pdY0VI/gKmItAiQzR7jnIjYkH0VebaFqm5knVtmuJFc3E12vffLRpiKd4wtH
9TOoqh2Qz2GC9ax6YZh7pvjQBPs76CZlaUZIwnME4EGJTOY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:40 2025 by rpki-client