Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e2030.roa
File: 34352e38382e31302e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: duT3m01YOyGsJt6Lkm1axyDs4ktqLeDNQxZNvy8+yrc=
Subject key identifier: 49:2A:81:15:9B:88:F7:B7:D0:36:86:8C:C1:A8:32:97:95:52:4B:09
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 22C13E34E25EDD3E688B2E9538E2FD58EE6E51E7
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e2030.roa
Signing time: Fri 02 Aug 2024 11:10:38 +0000
ROA not before: Fri 02 Aug 2024 11:05:38 +0000
ROA not after: Fri 01 Aug 2025 11:10:38 +0000
asID: 0
IP address blocks: 45.88.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 07:19:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c1:3e:34:e2:5e:dd:3e:68:8b:2e:95:38:e2:fd:58:ee:6e:51:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Aug 2 11:05:38 2024 GMT
Not After : Aug 1 11:10:38 2025 GMT
Subject: CN=492A81159B88F7B7D036868CC1A8329795524B09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:44:4a:fb:42:28:50:dc:da:f5:3b:05:a9:b3:
0b:94:8a:dd:c5:ec:49:a5:1c:94:ef:a0:bb:f3:57:
9e:6e:86:83:31:3a:e1:bf:ae:19:6b:95:eb:d3:93:
4b:c1:13:9c:dc:ca:3c:8c:a4:6e:17:b1:de:c7:b1:
3f:2d:cb:7d:a7:a4:4b:84:37:f9:18:8c:1e:6b:53:
7b:78:1b:b0:70:c6:ca:fe:3e:3f:05:1e:f4:ad:2a:
34:a3:56:12:10:d5:95:30:68:06:bd:e7:4e:c2:4e:
cb:70:67:ad:41:aa:72:b1:69:a5:90:17:97:ca:7a:
83:6e:88:1a:8a:21:74:c1:8b:67:91:13:78:fa:9a:
02:c5:7f:53:52:ca:d6:d1:49:8f:c7:5a:ec:bb:1b:
38:1e:7e:5c:63:d9:2e:59:dc:12:2b:59:30:6a:f3:
a0:f0:a3:24:11:9d:a1:3e:45:5a:51:f0:70:8a:3a:
83:a7:55:5d:34:8d:9a:f2:b4:1e:4e:fe:08:a8:c6:
43:a0:44:53:83:08:da:8c:b1:05:4a:85:fe:69:39:
9d:90:56:8b:a1:5d:31:b7:5c:15:71:d3:67:5b:4e:
0f:83:84:cc:0a:62:78:15:3c:cb:24:03:c6:3a:31:
72:cf:1c:a7:ba:35:f6:7d:bc:30:0c:03:4c:d3:57:
c1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2A:81:15:9B:88:F7:B7:D0:36:86:8C:C1:A8:32:97:95:52:4B:09
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.10.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e8:74:2c:d3:7a:62:0b:81:ae:1a:bc:bc:4c:af:75:fe:c8:
d9:35:33:b6:3d:14:83:30:53:4a:70:a3:10:74:c5:b0:92:24:
3c:1c:18:b8:ea:0b:a4:35:79:dd:63:5e:74:82:8b:c0:d7:bd:
b5:46:47:d8:94:66:18:5d:85:d3:55:79:6f:56:71:74:13:68:
d6:21:c8:69:34:a1:04:a4:b8:f0:08:45:bd:de:2c:ce:ee:8c:
09:43:25:d3:1a:02:dd:56:f7:32:55:40:a7:1f:11:66:7b:51:
80:7f:97:d9:0c:99:98:7b:28:8d:b7:76:99:74:ea:89:81:84:
42:e9:dd:87:63:81:ea:fb:5e:6f:fe:0f:e7:6a:5b:5e:d8:2f:
d6:b1:3f:bb:85:b2:d8:ca:fa:d3:96:22:17:74:59:4b:59:6c:
36:cc:26:4b:60:ac:35:5f:ed:fd:47:a3:5e:19:61:9b:f8:89:
b6:00:7b:a9:71:3a:af:e7:bd:b7:71:0b:fb:79:44:0c:9a:f7:
e3:da:c9:36:a9:b9:18:e4:b3:04:46:c9:67:ab:fc:80:0f:1a:
a6:12:1b:2a:5f:70:ee:9f:cf:32:ba:c0:04:31:56:e1:97:4e:
6c:d2:c4:0b:66:fb:9d:85:fd:c0:a9:2f:00:c5:b2:06:a5:bc:
66:a1:d4:8b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUIsE+NOJe3T5oiy6VOOL9WO5uUecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDA4MDIxMTA1MzhaFw0yNTA4MDExMTEwMzhaMDMxMTAvBgNV
BAMTKDQ5MkE4MTE1OUI4OEY3QjdEMDM2ODY4Q0MxQTgzMjk3OTU1MjRCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/REr7QihQ3Nr1OwWpswuUit3F
7EmlHJTvoLvzV55uhoMxOuG/rhlrlevTk0vBE5zcyjyMpG4Xsd7HsT8ty32npEuE
N/kYjB5rU3t4G7Bwxsr+Pj8FHvStKjSjVhIQ1ZUwaAa9507CTstwZ61BqnKxaaWQ
F5fKeoNuiBqKIXTBi2eRE3j6mgLFf1NSytbRSY/HWuy7Gzgeflxj2S5Z3BIrWTBq
86DwoyQRnaE+RVpR8HCKOoOnVV00jZrytB5O/gioxkOgRFODCNqMsQVKhf5pOZ2Q
VouhXTG3XBVx02dbTg+DhMwKYngVPMskA8Y6MXLPHKe6NfZ9vDAMA0zTV8GNAgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUSSqBFZuI97fQNoaMwagyl5VSSwkwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgaEGCCsGAQUFBwELBIGUMIGRMIGOBggrBgEFBQcwC4aBgXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzgzODJlMzEzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVgKMA0GCSqGSIb3
DQEBCwUAA4IBAQAT6HQs03piC4GuGry8TK91/sjZNTO2PRSDMFNKcKMQdMWwkiQ8
HBi46gukNXndY150govA1721RkfYlGYYXYXTVXlvVnF0E2jWIchpNKEEpLjwCEW9
3izO7owJQyXTGgLdVvcyVUCnHxFme1GAf5fZDJmYeyiNt3aZdOqJgYRC6d2HY4Hq
+15v/g/nalte2C/WsT+7hbLYyvrTliIXdFlLWWw2zCZLYKw1X+39R6NeGWGb+Im2
AHupcTqv5723cQv7eUQMmvfj2sk2qbkY5LMERslnq/yADxqmEhsqX3Dun88yusAE
MVbhl05s0sQLZvudhf3AqS8AxbIGpbxmodSL
-----END CERTIFICATE-----
Generated at Wed Oct 2 08:53:01 2024 by rpki-client on console-fra.rpki-client.org