Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e2035303635.roa
File: 34352e39352e36362e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: oRWO5vtbq4gtuSFOYgmbl6wxY2vAShNHGkzOCnJUGxI=
Subject key identifier: 21:16:7F:56:67:C7:64:51:2B:A1:EF:0A:23:31:61:B3:13:02:80:C5
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 51E47A5B2AFACDB3F39929A85006C05B7CB26C5B
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e2035303635.roa
Signing time: Sun 22 Dec 2024 08:31:59 +0000
ROA not before: Sun 22 Dec 2024 08:26:59 +0000
ROA not after: Sun 21 Dec 2025 08:31:59 +0000
asID: 5065
IP address blocks: 45.95.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 16:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:e4:7a:5b:2a:fa:cd:b3:f3:99:29:a8:50:06:c0:5b:7c:b2:6c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Dec 22 08:26:59 2024 GMT
Not After : Dec 21 08:31:59 2025 GMT
Subject: CN=21167F5667C764512BA1EF0A233161B3130280C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f2:fa:98:f8:2c:9b:83:88:ef:f8:9a:97:19:
52:6a:3f:6f:3d:c8:ad:1e:3c:77:ae:13:19:cf:20:
69:06:59:3b:7a:5d:f3:1a:a7:74:1d:4b:37:2b:00:
c1:7a:be:c2:a8:be:0e:f9:c1:03:1d:9b:49:4b:82:
f6:d2:55:56:e0:d2:65:38:dc:10:92:db:c5:33:05:
6b:81:8f:a8:52:9b:12:34:a7:59:6d:e5:2b:87:ca:
57:8c:e5:6a:79:6f:f2:85:3b:bd:2a:32:8d:f5:14:
4d:5c:cb:af:cd:88:b4:aa:c4:f2:42:01:ce:b7:d5:
2c:62:db:fe:27:75:65:e5:cc:e6:ad:69:02:72:af:
43:c1:c7:dc:01:56:74:11:1b:74:85:1d:6a:d3:fe:
0a:7a:9a:8a:77:c5:3d:e6:1d:29:de:e3:4e:62:a4:
9d:93:a2:40:1f:af:e5:10:10:33:e5:56:7f:c0:a6:
05:74:56:e2:5f:15:fc:14:8c:62:24:de:6f:45:6c:
d8:1f:79:4a:cc:c4:10:a3:49:b8:95:fc:66:ef:c1:
95:8e:c1:a5:7b:01:2d:46:06:0d:de:ae:be:20:34:
47:38:b6:d3:33:03:f5:33:6d:cc:f3:70:6c:7d:8e:
48:89:a7:60:41:19:32:b6:b0:40:56:6a:9d:09:cc:
7d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:16:7F:56:67:C7:64:51:2B:A1:EF:0A:23:31:61:B3:13:02:80:C5
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36362e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.66.0/24
Signature Algorithm: sha256WithRSAEncryption
99:03:92:73:48:c0:6b:86:e1:2c:d8:da:7e:1a:5a:40:53:c1:
88:a4:1c:dd:4f:94:93:e2:41:c3:f2:98:cd:35:f3:ae:04:64:
66:73:49:9c:d0:6e:d3:05:1b:26:b0:5e:23:cc:c4:d3:7d:e6:
d0:3b:38:7e:d2:7f:53:21:dd:8e:c8:e4:c2:86:69:94:0b:65:
41:b9:de:25:36:0b:b2:6a:f4:4e:26:f7:ec:d5:5d:2d:24:9a:
4f:32:56:bf:04:47:e6:0f:3b:1f:6c:a1:71:cf:ee:02:58:76:
02:2c:d1:b4:55:09:00:00:bb:06:1f:89:87:86:d6:24:fe:3d:
ae:ab:bf:c7:ec:57:0b:d1:f2:84:9d:7b:4b:fd:56:fb:1c:6f:
73:41:30:7d:f7:41:6b:da:71:56:0c:e4:40:34:67:79:ab:9f:
7e:de:bd:f1:7c:26:d4:2a:af:28:99:b1:18:f7:59:c6:08:31:
c2:99:21:ce:c4:3a:a0:e8:f2:05:ac:3e:74:e1:6e:36:e0:61:
31:c3:bd:4a:41:77:b3:f3:3e:98:0e:84:46:3d:4f:18:b8:9f:
e1:74:92:4d:0b:81:78:26:7f:58:94:92:97:f9:30:08:41:65:
6a:29:f6:8d:09:b8:ef:f3:7e:c3:d7:e0:e0:49:ab:4c:40:be:
dc:8e:0f:72
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUUeR6Wyr6zbPzmSmoUAbAW3yybFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNDEyMjIwODI2NTlaFw0yNTEyMjEwODMxNTlaMDMxMTAvBgNV
BAMTKDIxMTY3RjU2NjdDNzY0NTEyQkExRUYwQTIzMzE2MUIzMTMwMjgwQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw8vqY+Cybg4jv+JqXGVJqP289
yK0ePHeuExnPIGkGWTt6XfMap3QdSzcrAMF6vsKovg75wQMdm0lLgvbSVVbg0mU4
3BCS28UzBWuBj6hSmxI0p1lt5SuHyleM5Wp5b/KFO70qMo31FE1cy6/NiLSqxPJC
Ac631Sxi2/4ndWXlzOataQJyr0PBx9wBVnQRG3SFHWrT/gp6mop3xT3mHSne405i
pJ2TokAfr+UQEDPlVn/ApgV0VuJfFfwUjGIk3m9FbNgfeUrMxBCjSbiV/GbvwZWO
waV7AS1GBg3err4gNEc4ttMzA/UzbczzcGx9jkiJp2BBGTK2sEBWap0JzH1BAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUIRZ/VmfHZFEroe8KIzFhsxMCgMUwHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzkzNTJlMzYzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzNjM1LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9CMA0G
CSqGSIb3DQEBCwUAA4IBAQCZA5JzSMBrhuEs2Np+GlpAU8GIpBzdT5ST4kHD8pjN
NfOuBGRmc0mc0G7TBRsmsF4jzMTTfebQOzh+0n9TId2OyOTChmmUC2VBud4lNguy
avROJvfs1V0tJJpPMla/BEfmDzsfbKFxz+4CWHYCLNG0VQkAALsGH4mHhtYk/j2u
q7/H7FcL0fKEnXtL/Vb7HG9zQTB990Fr2nFWDORANGd5q59+3r3xfCbUKq8ombEY
91nGCDHCmSHOxDqg6PIFrD504W424GExw71KQXez8z6YDoRGPU8YuJ/hdJJNC4F4
Jn9YlJKX+TAIQWVqKfaNCbjv837D1+DgSatMQL7cjg9y
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:46:51 2025 by rpki-client