Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31322e302f32332d3234203d3e2033333230.roa
File: 34352e3132382e31322e302f32332d3234203d3e2033333230.roa (raw, json)
Hash identifier: ZZaXLAZJIMYfbi5vIB2mVlOiPlBnN5YY+/D7bTeJB9Q=
Subject key identifier: 91:5C:C6:80:EA:FE:65:61:CE:AB:FA:FA:FC:9D:8D:73:D4:DD:F1:02
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 0194CA3566C98462B0E260BB4161B231C2034DE6
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31322e302f32332d3234203d3e2033333230.roa
Signing time: Wed 05 Apr 2023 11:55:31 +0000
ROA not before: Wed 05 Apr 2023 11:50:31 +0000
ROA not after: Wed 03 Apr 2024 11:55:31 +0000
asID: 3320
IP address blocks: 45.128.12.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:35:66:c9:84:62:b0:e2:60:bb:41:61:b2:31:c2:03:4d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Apr 5 11:50:31 2023 GMT
Not After : Apr 3 11:55:31 2024 GMT
Subject: CN=915CC680EAFE6561CEABFAFAFC9D8D73D4DDF102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9a:c3:75:a1:6e:f5:42:31:56:26:8a:65:3e:
01:2f:86:0e:43:bb:f6:72:2e:74:1a:d6:35:ea:70:
ab:1c:71:a8:66:a5:80:02:c3:a2:c7:f5:b8:34:7b:
99:c3:39:c1:69:b5:00:3c:d1:a5:a1:16:b7:17:42:
97:10:4e:9c:8b:f6:e4:8d:ce:6d:d7:4f:19:c2:c4:
49:68:ac:9b:d0:38:03:67:a6:12:50:33:d4:4d:99:
16:68:23:ac:41:88:db:38:f0:85:07:70:38:de:83:
20:1a:ae:48:5a:97:36:15:a7:ce:bf:ac:1c:4d:d8:
81:87:6a:4b:4a:79:78:61:c1:5b:6c:03:d9:0c:aa:
de:95:07:ae:de:4c:4e:e6:a6:aa:aa:64:5d:5f:41:
9a:87:c9:e6:82:b2:94:e6:fb:f8:20:ac:d9:96:37:
09:40:13:33:bd:c6:33:83:05:b0:47:6c:e4:99:c4:
ec:86:ed:19:71:72:a7:5b:c2:9a:e7:0b:4d:c8:b8:
54:d7:62:58:fe:33:23:d8:13:8e:49:73:34:96:8f:
1f:a0:ee:c9:0e:9e:31:ae:12:66:40:48:52:57:0c:
40:a5:c4:a3:fc:09:e8:d9:41:60:99:9f:8d:c1:86:
57:27:46:59:1f:b0:ed:d4:68:25:4a:31:fc:c9:0a:
90:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5C:C6:80:EA:FE:65:61:CE:AB:FA:FA:FC:9D:8D:73:D4:DD:F1:02
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31322e302f32332d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.12.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:4a:7e:b5:e0:f8:6f:3b:c3:f3:c4:85:fa:3a:3e:24:bf:79:
ab:7d:50:29:6a:df:2b:5a:03:37:9f:4b:f2:6b:fc:76:67:55:
f6:fe:01:ba:20:d9:ed:bd:ca:3e:d8:87:62:90:eb:da:df:6c:
a8:0b:3d:fc:9c:24:20:a9:30:68:a0:c4:32:5f:85:d8:8d:0f:
0e:d8:f7:ee:b6:63:d9:39:78:b6:e6:14:ba:3d:9d:29:35:cc:
35:a4:ab:4b:4a:ef:b9:13:04:0c:86:d4:b9:89:09:d0:b8:84:
3c:99:9e:50:4e:85:6d:29:b0:5b:a2:07:f9:ae:7a:a9:5a:2b:
b9:c9:12:09:45:66:d5:98:6a:67:32:37:43:01:4d:67:2a:e3:
76:41:e3:85:b7:99:39:0d:c4:a0:34:6e:61:06:08:8f:b0:0c:
87:78:b2:4f:e9:68:23:28:5b:a4:6b:fb:39:a0:fe:dd:53:55:
01:91:3d:82:ad:1f:2b:90:d9:9d:0b:d8:ae:75:0d:7e:14:98:
81:a4:75:d8:f5:61:e8:dc:62:ee:59:16:a0:5d:81:ec:65:6b:
05:ad:83:93:4c:6d:2b:91:cd:77:63:7a:26:af:f6:4e:d8:a9:
da:9e:18:36:5e:ab:0b:07:66:c6:4c:fd:ed:a8:f4:a4:58:bf:
d5:2f:46:21
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUAZTKNWbJhGKw4mC7QWGyMcIDTeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzA0MDUxMTUwMzFaFw0yNDA0MDMxMTU1MzFaMDMxMTAvBgNV
BAMTKDkxNUNDNjgwRUFGRTY1NjFDRUFCRkFGQUZDOUQ4RDczRDREREYxMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXmsN1oW71QjFWJoplPgEvhg5D
u/ZyLnQa1jXqcKsccahmpYACw6LH9bg0e5nDOcFptQA80aWhFrcXQpcQTpyL9uSN
zm3XTxnCxElorJvQOANnphJQM9RNmRZoI6xBiNs48IUHcDjegyAarkhalzYVp86/
rBxN2IGHaktKeXhhwVtsA9kMqt6VB67eTE7mpqqqZF1fQZqHyeaCspTm+/ggrNmW
NwlAEzO9xjODBbBHbOSZxOyG7RlxcqdbwprnC03IuFTXYlj+MyPYE45JczSWjx+g
7skOnjGuEmZASFJXDEClxKP8CejZQWCZn43BhlcnRlkfsO3UaCVKMfzJCpDnAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUkVzGgOr+ZWHOq/r6/J2Nc9Td8QIwHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzEzMjM4MmUzMTMy
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzMzMyMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtgAww
DQYJKoZIhvcNAQELBQADggEBAGpKfrXg+G87w/PEhfo6PiS/eat9UClq3ytaAzef
S/Jr/HZnVfb+Abog2e29yj7Yh2KQ69rfbKgLPfycJCCpMGigxDJfhdiNDw7Y9+62
Y9k5eLbmFLo9nSk1zDWkq0tK77kTBAyG1LmJCdC4hDyZnlBOhW0psFuiB/mueqla
K7nJEglFZtWYamcyN0MBTWcq43ZB44W3mTkNxKA0bmEGCI+wDId4sk/paCMoW6Rr
+zmg/t1TVQGRPYKtHyuQ2Z0L2K51DX4UmIGkddj1YejcYu5ZFqBdgexlawWtg5NM
bSuRzXdjeiav9k7YqdqeGDZeqwsHZsZM/e2o9KRYv9UvRiE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:57 2023 by rpki-client on console-fra.rpki-client.org