Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3135302e302f32332d3234203d3e2033333230.roa
File: 34352e38392e3135302e302f32332d3234203d3e2033333230.roa (raw, json)
Hash identifier: 3NIwwcs/I5ZtQTeYq42A5xcgYSn2T5PNyntVVyFUTTY=
Subject key identifier: D4:43:31:49:00:E1:37:C8:64:91:F4:A9:25:52:9B:16:B9:AF:E9:EF
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 55D903CFB9BC1BFA410BD3EA8ECDD6FC65D69761
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3135302e302f32332d3234203d3e2033333230.roa
Signing time: Fri 31 Mar 2023 14:48:36 +0000
ROA not before: Fri 31 Mar 2023 14:43:36 +0000
ROA not after: Fri 29 Mar 2024 14:48:36 +0000
asID: 3320
IP address blocks: 45.89.150.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d9:03:cf:b9:bc:1b:fa:41:0b:d3:ea:8e:cd:d6:fc:65:d6:97:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Mar 31 14:43:36 2023 GMT
Not After : Mar 29 14:48:36 2024 GMT
Subject: CN=D443314900E137C86491F4A925529B16B9AFE9EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ae:50:1c:ba:9d:78:92:37:1b:4a:be:6b:4d:
ec:0c:86:67:ce:16:7f:e7:6c:10:4f:6a:a7:15:0c:
f4:6b:82:20:b1:9a:7d:11:b7:79:5e:4d:9d:4f:f1:
c8:9e:5f:76:7a:1f:f9:fb:9a:84:24:ae:3c:f5:cd:
37:bf:40:55:4a:01:ea:ea:73:0e:14:ce:a6:9a:98:
a8:c2:24:3c:e1:30:1f:8f:15:6d:b5:b7:2d:49:b4:
47:3d:48:e4:c7:ee:f1:44:02:ed:e6:37:2b:82:5c:
2f:7c:05:4b:46:cb:be:f9:a9:ee:d7:5d:ed:a0:15:
f1:9d:75:e8:ec:00:de:ac:e3:f4:95:28:4d:82:98:
c3:b2:60:79:38:eb:df:a0:19:58:7c:ea:4b:58:c3:
4e:92:d7:35:c6:5f:2b:9f:25:1f:a5:9d:01:dc:19:
5b:3c:fc:28:e8:e0:16:d1:9c:81:8b:0f:61:55:f4:
8d:6e:90:01:0f:ad:22:9d:2a:2a:fb:2a:01:10:27:
a0:59:53:7a:59:a7:f5:bd:80:e6:17:67:84:70:82:
91:77:30:5b:67:a0:36:66:2e:3a:c9:f9:37:7e:9d:
1d:a5:d6:04:7e:cb:db:2d:3c:71:ca:fe:1c:9e:38:
56:68:95:65:b0:10:c3:f7:67:8b:c2:ac:50:01:3b:
24:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:43:31:49:00:E1:37:C8:64:91:F4:A9:25:52:9B:16:B9:AF:E9:EF
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3135302e302f32332d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.150.0/23
Signature Algorithm: sha256WithRSAEncryption
10:7c:6b:0d:a6:8e:86:fc:34:68:97:8a:80:70:be:15:fb:46:
cb:1e:f4:62:c2:c5:5a:95:b0:3b:89:9b:25:dc:e9:e4:33:61:
07:4f:73:59:2c:60:b5:4d:19:aa:6e:6a:db:ef:f7:e8:e6:bd:
b0:e7:46:94:7d:7d:81:6c:68:28:87:4e:ad:48:50:9b:5d:96:
44:8b:ec:e3:86:f3:d1:48:f1:bc:b4:f8:9e:e2:14:a8:5c:31:
0b:0e:b3:4d:08:ff:5a:d6:a4:64:88:d4:d7:fd:c0:e1:0e:44:
55:5b:2a:36:64:41:b7:7b:51:9e:d9:9f:f6:66:6f:e3:5a:48:
9b:d9:d3:98:85:e2:9f:48:37:94:15:3f:13:72:54:21:14:19:
0b:eb:57:f9:a2:d4:f7:a6:fa:dd:77:e2:d8:5a:b7:1e:50:9c:
c0:e1:1f:2f:2b:5a:ce:81:2b:b0:4c:4b:2c:dc:1d:6d:ce:b1:
12:4b:e5:f4:73:2d:56:d7:19:c4:a6:56:01:2b:2f:0f:cb:fc:
98:82:47:94:2d:a6:fc:a9:1a:4e:67:84:61:3c:bf:8f:73:b9:
95:65:e0:9d:47:47:6f:c3:e2:69:24:89:08:e3:6d:00:84:5f:
3c:f9:4d:1f:85:d8:b2:8d:50:0e:df:f3:d2:83:50:4e:0c:c7:
e8:29:72:3c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVdkDz7m8G/pBC9Pqjs3W/GXWl2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzAzMzExNDQzMzZaFw0yNDAzMjkxNDQ4MzZaMDMxMTAvBgNV
BAMTKEQ0NDMzMTQ5MDBFMTM3Qzg2NDkxRjRBOTI1NTI5QjE2QjlBRkU5RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+rlAcup14kjcbSr5rTewMhmfO
Fn/nbBBPaqcVDPRrgiCxmn0Rt3leTZ1P8cieX3Z6H/n7moQkrjz1zTe/QFVKAerq
cw4UzqaamKjCJDzhMB+PFW21ty1JtEc9SOTH7vFEAu3mNyuCXC98BUtGy775qe7X
Xe2gFfGddejsAN6s4/SVKE2CmMOyYHk469+gGVh86ktYw06S1zXGXyufJR+lnQHc
GVs8/Cjo4BbRnIGLD2FV9I1ukAEPrSKdKir7KgEQJ6BZU3pZp/W9gOYXZ4RwgpF3
MFtnoDZmLjrJ+Td+nR2l1gR+y9stPHHK/hyeOFZolWWwEMP3Z4vCrFABOyQPAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1EMxSQDhN8hkkfSpJVKbFrmv6e8wHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzgzOTJlMzEzNTMw
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzMzMyMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtWZYw
DQYJKoZIhvcNAQELBQADggEBABB8aw2mjob8NGiXioBwvhX7Rsse9GLCxVqVsDuJ
myXc6eQzYQdPc1ksYLVNGapuatvv9+jmvbDnRpR9fYFsaCiHTq1IUJtdlkSL7OOG
89FI8by0+J7iFKhcMQsOs00I/1rWpGSI1Nf9wOEORFVbKjZkQbd7UZ7Zn/Zmb+Na
SJvZ05iF4p9IN5QVPxNyVCEUGQvrV/mi1Pem+t134thatx5QnMDhHy8rWs6BK7BM
SyzcHW3OsRJL5fRzLVbXGcSmVgErLw/L/JiCR5QtpvypGk5nhGE8v49zuZVl4J1H
R2/D4mkkiQjjbQCEXzz5TR+F2LKNUA7f89KDUE4Mx+gpcjw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-fra.rpki-client.org