Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa
File: 34352e39352e38312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 6FC2h9KNPZUy5HMfRu0ybrf+3aOq34XskjjHVLw7PSE=
Subject key identifier: D6:5D:3B:81:FD:DF:F7:03:73:5C:D7:24:40:AF:BA:40:BF:EC:0F:AB
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 05B3AAD35E6CA6BAA24DA72F86C8449B0F95157F
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa
Signing time: Thu 02 Jan 2025 07:42:55 +0000
ROA not before: Thu 02 Jan 2025 07:37:55 +0000
ROA not after: Thu 01 Jan 2026 07:42:55 +0000
asID: 834
IP address blocks: 45.95.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 06:09:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:b3:aa:d3:5e:6c:a6:ba:a2:4d:a7:2f:86:c8:44:9b:0f:95:15:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Jan 2 07:37:55 2025 GMT
Not After : Jan 1 07:42:55 2026 GMT
Subject: CN=D65D3B81FDDFF703735CD72440AFBA40BFEC0FAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4f:f3:c1:bb:ca:f7:0f:74:8b:9f:e3:38:da:
40:00:dc:a9:41:bc:44:6a:65:3d:78:61:62:2e:c4:
bb:ed:25:3e:0f:1e:31:52:ae:aa:18:a7:d8:91:94:
5f:d9:ce:39:1b:dd:53:66:63:2d:2f:96:63:9a:ee:
36:ee:0d:83:2f:b0:02:bf:03:68:e9:0e:50:b7:f1:
fd:49:78:0e:31:d8:25:c9:37:8c:c7:f5:23:16:11:
04:13:68:ed:f9:b2:e9:b9:c7:dc:30:8f:ce:c5:b2:
6c:64:85:17:73:6a:c0:bd:78:1e:c6:33:48:24:93:
c7:c0:70:55:69:34:c5:10:6d:22:4b:ab:41:26:5b:
1d:69:b5:21:c7:b8:ed:b2:e6:28:cb:4a:3a:ed:a5:
ed:14:73:a2:78:12:8a:bd:8e:3b:60:d7:6c:cc:eb:
b4:26:2a:c6:61:48:77:71:00:39:bf:16:68:dd:8d:
4e:0b:24:5d:4e:20:1f:dc:b8:16:6b:0e:e9:b2:90:
84:ea:24:15:6d:5c:dc:91:f4:cf:c6:f4:1f:8a:90:
2a:69:35:b6:88:e5:4b:a7:c4:06:cb:86:3a:52:d3:
5a:e6:c5:f6:94:57:cc:4a:21:49:94:1a:ed:26:f0:
6a:bd:f9:e8:55:f2:3e:51:5a:26:90:87:51:81:92:
bc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:5D:3B:81:FD:DF:F7:03:73:5C:D7:24:40:AF:BA:40:BF:EC:0F:AB
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.81.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:59:cb:77:3e:3b:19:c5:e6:ae:9e:1b:e7:88:d4:cc:a1:5d:
68:b1:26:c5:6d:27:c2:ea:25:34:ad:02:44:84:f0:d8:df:b5:
4b:21:10:64:56:2a:50:ba:53:e4:ea:d4:d0:d3:4a:a4:9a:99:
10:1f:d6:60:8b:f3:b2:6e:ba:bd:97:4d:d0:83:f9:8c:a9:11:
d1:8c:a6:5e:72:27:34:79:69:67:2a:7c:37:f1:4c:a9:a0:cb:
a0:ba:34:9c:39:5a:38:bc:b7:eb:88:6a:7c:45:1f:78:d9:ed:
35:ec:db:fa:35:6e:c7:62:ce:b2:98:ea:dd:a9:df:63:67:f8:
48:5a:95:43:c2:6f:1c:b9:74:98:19:91:6e:39:e8:60:23:ef:
ac:a1:b1:ed:c6:79:86:93:5d:c4:05:6a:a9:0b:d0:30:0f:ea:
a3:21:fa:fe:bc:ee:b0:66:63:9e:d9:fa:d3:9d:9a:e1:20:c8:
2f:d0:53:b9:23:8c:1a:3e:4b:1c:b2:5d:d9:f1:dc:83:dc:b5:
db:8d:47:ae:95:da:88:77:80:92:db:fd:28:30:ae:02:0f:8b:
9d:3c:46:98:96:7d:ab:10:ab:c5:96:20:77:84:0b:d6:f3:b0:
57:69:54:60:b2:38:e4:92:be:59:49:72:0b:63:87:78:54:b4:
41:7a:38:64
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUBbOq015sprqiTacvhshEmw+VFX8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTAxMDIwNzM3NTVaFw0yNjAxMDEwNzQyNTVaMDMxMTAvBgNV
BAMTKEQ2NUQzQjgxRkRERkY3MDM3MzVDRDcyNDQwQUZCQTQwQkZFQzBGQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfT/PBu8r3D3SLn+M42kAA3KlB
vERqZT14YWIuxLvtJT4PHjFSrqoYp9iRlF/Zzjkb3VNmYy0vlmOa7jbuDYMvsAK/
A2jpDlC38f1JeA4x2CXJN4zH9SMWEQQTaO35sum5x9wwj87FsmxkhRdzasC9eB7G
M0gkk8fAcFVpNMUQbSJLq0EmWx1ptSHHuO2y5ijLSjrtpe0Uc6J4Eoq9jjtg12zM
67QmKsZhSHdxADm/FmjdjU4LJF1OIB/cuBZrDumykITqJBVtXNyR9M/G9B+KkCpp
NbaI5UunxAbLhjpS01rmxfaUV8xKIUmUGu0m8Gq9+ehV8j5RWiaQh1GBkrwtAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU1l07gf3f9wNzXNckQK+6QL/sD6swHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzQzNTJlMzkzNTJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1fUTANBgkq
hkiG9w0BAQsFAAOCAQEATVnLdz47GcXmrp4b54jUzKFdaLEmxW0nwuolNK0CRITw
2N+1SyEQZFYqULpT5OrU0NNKpJqZEB/WYIvzsm66vZdN0IP5jKkR0YymXnInNHlp
Zyp8N/FMqaDLoLo0nDlaOLy364hqfEUfeNntNezb+jVux2LOspjq3anfY2f4SFqV
Q8JvHLl0mBmRbjnoYCPvrKGx7cZ5hpNdxAVqqQvQMA/qoyH6/rzusGZjntn6052a
4SDIL9BTuSOMGj5LHLJd2fHcg9y1241HrpXaiHeAktv9KDCuAg+LnTxGmJZ9qxCr
xZYgd4QL1vOwV2lUYLI45JK+WUlyC2OHeFS0QXo4ZA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:14:18 2025 by rpki-client