Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e20383334.roa
File: 34352e38392e3134382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: 1Dxr0SF5cFplsYNIAtNeu0hWE9sfCrKr+JIerD58fUk=
Subject key identifier: 8E:FC:0A:EF:8C:BA:17:74:44:09:5D:35:DC:6B:5A:B7:FD:6C:1B:0A
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 56CFA5CF53CF76C3FAD06065BBE3145F188D4996
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e20383334.roa
Signing time: Fri 31 Mar 2023 14:47:15 +0000
ROA not before: Fri 31 Mar 2023 14:42:15 +0000
ROA not after: Fri 29 Mar 2024 14:47:15 +0000
asID: 834
IP address blocks: 45.89.148.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:cf:a5:cf:53:cf:76:c3:fa:d0:60:65:bb:e3:14:5f:18:8d:49:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Mar 31 14:42:15 2023 GMT
Not After : Mar 29 14:47:15 2024 GMT
Subject: CN=8EFC0AEF8CBA177444095D35DC6B5AB7FD6C1B0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:48:34:cd:38:e8:7a:66:65:ee:27:95:3b:aa:
73:19:89:2e:e8:86:bb:3a:3d:84:74:f6:7d:78:d1:
a6:e8:8d:1a:51:28:90:b9:8b:ae:01:37:70:ac:3f:
14:18:d8:b3:f8:d0:89:39:46:d4:01:4d:e4:6c:97:
39:ba:45:0d:47:8a:80:5b:36:47:8a:d9:fc:60:81:
ac:2f:4d:28:52:7e:09:92:89:64:d6:5f:c6:3d:a9:
69:dd:f5:2d:80:9e:52:79:7a:cc:e6:a1:5c:56:a3:
aa:9e:af:ba:13:43:87:e0:8c:15:2d:2e:d0:30:30:
c4:c9:d3:c1:54:d2:43:bc:6c:53:f0:d9:5d:ed:27:
2d:71:19:23:02:14:74:16:31:c0:a8:22:69:6f:05:
ea:24:6d:c6:5f:bc:f4:0f:29:c6:cc:84:8b:a1:5f:
e2:a8:98:51:b7:4b:ea:34:62:66:88:09:9f:12:39:
42:04:0a:cf:8a:bd:4c:f1:95:d6:ef:ca:10:b8:e4:
80:97:74:6f:19:d4:ba:a9:50:11:8f:e8:47:a8:d4:
c7:c7:87:a8:6d:36:29:85:6d:d6:2e:07:87:c9:6b:
7f:42:c1:f5:33:8b:27:ac:bc:06:d3:f1:e9:b1:6b:
5a:a3:a8:02:3a:38:1f:20:46:d8:d7:c7:38:d1:59:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FC:0A:EF:8C:BA:17:74:44:09:5D:35:DC:6B:5A:B7:FD:6C:1B:0A
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.148.0/23
Signature Algorithm: sha256WithRSAEncryption
90:2f:8b:e9:5b:77:d9:47:fc:f3:67:12:53:53:a6:43:93:2d:
ee:f8:df:c2:ee:39:8f:47:ec:80:bd:25:ae:6e:6c:dc:f8:51:
81:5c:64:96:34:d0:36:5b:a9:82:cf:a6:7c:ff:0d:82:1d:7d:
d2:c8:da:b7:e8:90:ca:9f:05:a7:69:51:86:ec:5b:e1:dc:fa:
40:cb:47:36:01:5d:de:3c:30:5d:7a:56:20:62:15:c0:8c:c1:
7a:42:e2:48:ec:14:32:77:29:eb:59:a8:95:16:a9:24:86:63:
2a:bc:41:85:a0:ae:57:bc:a1:a2:95:12:15:db:c3:1e:45:61:
ec:2a:0d:cd:9b:0a:7e:43:11:34:dd:e7:aa:a5:da:da:62:3e:
8e:c7:5b:16:43:8a:66:d4:1f:23:83:65:ef:fc:08:72:cf:f4:
9d:21:3c:94:7c:4c:18:94:6a:4d:92:03:63:c4:d8:2d:57:17:
61:6a:14:9e:40:c7:d9:1e:9e:93:7c:46:7f:6a:bb:bb:82:d3:
2a:2f:73:c6:d7:5d:3c:df:75:67:c1:12:db:4c:eb:5d:22:65:
0d:9d:28:9c:ba:ed:3d:15:14:84:e7:a4:29:98:89:c1:fc:04:
4a:9f:ce:c4:72:8d:23:c4:aa:e9:ee:6d:93:a9:91:87:f0:a0:
9e:7b:e5:ce
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUVs+lz1PPdsP60GBlu+MUXxiNSZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzAzMzExNDQyMTVaFw0yNDAzMjkxNDQ3MTVaMDMxMTAvBgNV
BAMTKDhFRkMwQUVGOENCQTE3NzQ0NDA5NUQzNURDNkI1QUI3RkQ2QzFCMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBSDTNOOh6ZmXuJ5U7qnMZiS7o
hrs6PYR09n140abojRpRKJC5i64BN3CsPxQY2LP40Ik5RtQBTeRslzm6RQ1HioBb
NkeK2fxggawvTShSfgmSiWTWX8Y9qWnd9S2AnlJ5eszmoVxWo6qer7oTQ4fgjBUt
LtAwMMTJ08FU0kO8bFPw2V3tJy1xGSMCFHQWMcCoImlvBeokbcZfvPQPKcbMhIuh
X+KomFG3S+o0YmaICZ8SOUIECs+KvUzxldbvyhC45ICXdG8Z1LqpUBGP6Eeo1MfH
h6htNimFbdYuB4fJa39CwfUziyesvAbT8emxa1qjqAI6OB8gRtjXxzjRWQipAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUjvwK74y6F3RECV013Gtat/1sGwowHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzgzOTJlMzEzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVmUMA0G
CSqGSIb3DQEBCwUAA4IBAQCQL4vpW3fZR/zzZxJTU6ZDky3u+N/C7jmPR+yAvSWu
bmzc+FGBXGSWNNA2W6mCz6Z8/w2CHX3SyNq36JDKnwWnaVGG7Fvh3PpAy0c2AV3e
PDBdelYgYhXAjMF6QuJI7BQydynrWaiVFqkkhmMqvEGFoK5XvKGilRIV28MeRWHs
Kg3Nmwp+QxE03eeqpdraYj6Ox1sWQ4pm1B8jg2Xv/Ahyz/SdITyUfEwYlGpNkgNj
xNgtVxdhahSeQMfZHp6TfEZ/aru7gtMqL3PG110833VnwRLbTOtdImUNnSicuu09
FRSE56QpmInB/ARKn87Eco0jxKrp7m2TqZGH8KCee+XO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:57 2023 by rpki-client on console-fra.rpki-client.org