Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
File: 34352e38382e31302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: I1oSUulSxMAdM5p2vrg3E2NHmtsPBAX8Lh3dLyePdjA=
Subject key identifier: 8C:78:49:68:99:0E:0D:63:D9:C3:55:9F:2F:6B:9E:92:E3:C1:EC:7D
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 503EF95D3D7BAA20B12B870EE636796AA21BD81D
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
Signing time: Fri 03 Jan 2025 00:04:04 +0000
ROA not before: Thu 02 Jan 2025 23:59:04 +0000
ROA not after: Fri 02 Jan 2026 00:04:04 +0000
asID: 834
IP address blocks: 45.88.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:3e:f9:5d:3d:7b:aa:20:b1:2b:87:0e:e6:36:79:6a:a2:1b:d8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Jan 2 23:59:04 2025 GMT
Not After : Jan 2 00:04:04 2026 GMT
Subject: CN=8C784968990E0D63D9C3559F2F6B9E92E3C1EC7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:87:f9:5f:a9:df:8d:e9:4c:b2:aa:6d:b8:f4:
6b:66:ab:04:3e:a4:35:a4:0a:4f:21:79:9a:a5:12:
5b:d9:71:af:30:da:00:68:5b:dc:9f:d5:13:56:ad:
1e:1b:98:c0:ca:78:59:c3:48:b9:22:e5:ee:8b:e7:
f3:00:3b:86:3c:5d:a3:a8:fa:63:f5:e8:3e:ef:86:
3d:46:b1:5d:ea:da:9a:43:9b:24:dc:80:1b:10:64:
0c:e2:ce:b9:15:62:78:57:99:6c:f3:91:ab:a4:0f:
8a:67:6c:5e:d3:b1:e4:0e:45:db:57:3b:c4:d5:2c:
03:88:3f:89:57:53:e6:b0:32:7d:f9:92:27:62:e8:
f8:25:a7:5c:19:68:e1:99:b8:fd:58:12:b5:7c:53:
a0:17:4e:f9:55:27:9a:0a:fe:8f:33:e4:04:7b:7e:
6d:fa:65:7e:ea:ca:da:f0:b7:06:78:8b:47:0e:a1:
31:ba:8f:3e:47:99:8c:75:6d:fa:33:c8:40:86:4c:
06:cb:f1:05:f7:5f:74:18:3c:af:0f:7f:73:2d:02:
2e:46:69:ab:59:a3:3d:7c:30:b2:94:90:a4:9c:ba:
35:ae:14:45:cb:ff:96:fb:21:33:3a:61:f2:7e:e8:
e8:c0:ef:35:fc:cc:23:94:19:f7:6b:96:72:34:d9:
a8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:78:49:68:99:0E:0D:63:D9:C3:55:9F:2F:6B:9E:92:E3:C1:EC:7D
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e31302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.10.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:00:8a:f4:34:02:c1:6c:25:07:73:47:d6:69:ec:30:21:2e:
2b:45:89:84:eb:0f:df:bb:d2:21:35:d0:98:42:79:1d:a9:eb:
7e:d4:fb:7d:71:7a:63:ba:82:de:ed:27:93:b0:20:19:dc:a8:
92:ea:d9:af:82:66:35:19:b2:1f:47:3a:b5:9d:94:06:51:44:
f7:fa:38:42:f5:22:e9:c0:c7:94:6e:2c:90:91:67:90:ef:91:
4a:9a:a1:65:ac:21:cb:7f:69:b6:9e:b8:13:29:20:9c:dd:39:
66:3a:3b:99:b6:a1:a6:bf:df:1d:5e:f8:24:09:de:08:4a:bf:
01:12:e8:8a:ba:0f:f0:bb:41:cb:18:83:99:b0:ba:8b:26:90:
6c:f5:3d:77:ec:bf:39:b4:39:6b:6f:08:cc:62:e5:0f:40:97:
8a:1a:c4:8d:87:cf:9f:b7:d6:0a:9e:c4:2c:1a:9c:36:02:bf:
0a:a4:34:e3:ce:d3:bf:53:76:ac:b0:8c:6e:bc:6a:14:04:10:
6a:27:51:e6:6a:58:27:86:0d:94:64:85:18:53:36:b7:f0:6f:
30:d2:e0:8f:ad:8a:7a:78:ec:f1:ef:5d:9f:94:a9:b3:99:40:
53:ad:0a:e8:8a:43:07:73:c7:97:76:67:cd:6e:64:03:d3:d1:
0e:71:ad:43
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUUD75XT17qiCxK4cO5jZ5aqIb2B0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTAxMDIyMzU5MDRaFw0yNjAxMDIwMDA0MDRaMDMxMTAvBgNV
BAMTKDhDNzg0OTY4OTkwRTBENjNEOUMzNTU5RjJGNkI5RTkyRTNDMUVDN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNh/lfqd+N6Uyyqm249GtmqwQ+
pDWkCk8heZqlElvZca8w2gBoW9yf1RNWrR4bmMDKeFnDSLki5e6L5/MAO4Y8XaOo
+mP16D7vhj1GsV3q2ppDmyTcgBsQZAzizrkVYnhXmWzzkaukD4pnbF7TseQORdtX
O8TVLAOIP4lXU+awMn35kidi6Pglp1wZaOGZuP1YErV8U6AXTvlVJ5oK/o8z5AR7
fm36ZX7qytrwtwZ4i0cOoTG6jz5HmYx1bfozyECGTAbL8QX3X3QYPK8Pf3MtAi5G
aatZoz18MLKUkKScujWuFEXL/5b7ITM6YfJ+6OjA7zX8zCOUGfdrlnI02agLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUjHhJaJkODWPZw1WfL2uekuPB7H0wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzgzODJlMzEzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1YCjANBgkq
hkiG9w0BAQsFAAOCAQEA3QCK9DQCwWwlB3NH1mnsMCEuK0WJhOsP37vSITXQmEJ5
HanrftT7fXF6Y7qC3u0nk7AgGdyokurZr4JmNRmyH0c6tZ2UBlFE9/o4QvUi6cDH
lG4skJFnkO+RSpqhZawhy39ptp64EykgnN05Zjo7mbahpr/fHV74JAneCEq/ARLo
iroP8LtByxiDmbC6iyaQbPU9d+y/ObQ5a28IzGLlD0CXihrEjYfPn7fWCp7ELBqc
NgK/CqQ0487Tv1N2rLCMbrxqFAQQaidR5mpYJ4YNlGSFGFM2t/BvMNLgj62Kenjs
8e9dn5Sps5lAU60K6IpDB3PHl3ZnzW5kA9PRDnGtQw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:22:09 2025 by rpki-client