Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa
File: 34352e39352e38322e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: H5uKHadwt0ROUp/58KsYAmdruppp+to8OJm1se50zmM=
Subject key identifier: DA:E8:1C:06:50:B8:5A:3B:2F:2B:E2:15:BC:AF:B5:4D:56:A7:EF:AE
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 53B01BA373C3388A888F44397643C0A3C84B679E
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa
Signing time: Sun 02 Feb 2025 11:01:13 +0000
ROA not before: Sun 02 Feb 2025 10:56:13 +0000
ROA not after: Sun 01 Feb 2026 11:01:13 +0000
asID: 834
IP address blocks: 45.95.82.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 18:35:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:b0:1b:a3:73:c3:38:8a:88:8f:44:39:76:43:c0:a3:c8:4b:67:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Feb 2 10:56:13 2025 GMT
Not After : Feb 1 11:01:13 2026 GMT
Subject: CN=DAE81C0650B85A3B2F2BE215BCAFB54D56A7EFAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:db:e7:4b:b2:e9:15:51:f1:41:89:4e:9e:ac:
ef:98:47:a4:c8:57:8a:d3:69:07:18:80:56:d3:4a:
e2:62:6b:5e:65:21:00:a6:b8:ff:49:09:9e:5a:e9:
1d:9d:0c:8a:3a:b7:22:c0:62:c8:2f:3a:de:f9:28:
7e:4f:99:72:ae:e8:31:44:59:ab:cf:4a:94:31:47:
46:3c:8a:eb:95:c1:15:ad:b6:16:86:12:5e:06:6b:
18:73:0c:95:2e:c6:1c:4a:a4:e2:e1:0f:63:b7:f2:
78:a3:38:0a:45:f5:da:42:18:f6:c8:e5:8c:9b:ec:
3d:a3:2b:ad:62:d1:e2:8c:30:56:e2:2f:08:02:88:
af:07:2e:ee:1f:60:70:e9:2a:57:09:b0:2d:1d:48:
6e:ef:99:fc:df:63:eb:27:37:86:c8:cd:75:25:ce:
6b:53:90:85:a5:87:60:40:4e:c8:48:5f:af:f7:a4:
33:1f:da:94:cf:aa:49:11:49:e0:c6:6e:37:22:c2:
21:fb:8f:79:cf:61:9a:2b:58:72:9a:ae:ac:ee:95:
35:0e:d0:f2:e1:b3:2e:98:6f:00:1f:57:16:69:b9:
86:cd:35:9c:0c:cc:65:3f:56:20:c5:19:0a:a4:54:
ca:a8:48:46:40:9d:fd:eb:44:bc:a5:88:44:81:b4:
90:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:E8:1C:06:50:B8:5A:3B:2F:2B:E2:15:BC:AF:B5:4D:56:A7:EF:AE
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/34352e39352e38322e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.82.0/23
Signature Algorithm: sha256WithRSAEncryption
22:76:73:43:a8:e1:73:5a:66:09:f6:2c:25:3e:ff:a9:72:a2:
49:48:4f:80:bd:26:60:63:c3:77:65:66:d4:a3:38:fe:b1:3f:
2e:4e:92:f0:9f:a1:e2:2b:1b:01:24:91:24:9e:b4:3d:f4:10:
8e:77:11:60:db:4f:1d:76:a3:86:72:35:1f:87:a3:05:6d:d9:
2b:86:54:00:75:d0:4a:c1:17:7d:20:78:8c:12:5e:c3:d5:6e:
6a:de:c5:04:79:3c:b9:b3:24:de:46:b4:89:55:50:f8:bd:58:
68:d8:05:e0:a6:b3:b2:94:6c:d3:6e:b3:8f:b2:35:05:76:05:
7e:18:56:2f:e2:28:ad:f9:72:6b:63:9f:84:08:79:fd:59:14:
74:80:3e:61:b8:4d:e9:8d:9b:a4:15:08:66:23:cf:93:a6:d2:
11:be:3a:39:b1:29:4d:a6:ae:34:1e:26:89:af:63:6b:90:91:
e0:b4:8c:ca:1b:d2:57:5b:2a:41:a2:4d:fb:4a:1e:9b:33:ac:
ea:a9:db:45:1e:91:a5:de:12:59:d7:2b:c4:75:e8:1c:c9:b9:
a7:6a:96:f9:ba:93:ed:86:e7:10:fe:a1:3a:11:cc:0b:37:31:
e6:51:34:d6:e4:4b:d0:1f:ec:49:88:7c:06:e9:67:47:77:3b:
08:fb:7f:59
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUU7Abo3PDOIqIj0Q5dkPAo8hLZ54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTAyMDIxMDU2MTNaFw0yNjAyMDExMTAxMTNaMDMxMTAvBgNV
BAMTKERBRTgxQzA2NTBCODVBM0IyRjJCRTIxNUJDQUZCNTRENTZBN0VGQUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC32+dLsukVUfFBiU6erO+YR6TI
V4rTaQcYgFbTSuJia15lIQCmuP9JCZ5a6R2dDIo6tyLAYsgvOt75KH5PmXKu6DFE
WavPSpQxR0Y8iuuVwRWtthaGEl4GaxhzDJUuxhxKpOLhD2O38nijOApF9dpCGPbI
5Yyb7D2jK61i0eKMMFbiLwgCiK8HLu4fYHDpKlcJsC0dSG7vmfzfY+snN4bIzXUl
zmtTkIWlh2BATshIX6/3pDMf2pTPqkkRSeDGbjciwiH7j3nPYZorWHKarqzulTUO
0PLhsy6YbwAfVxZpuYbNNZwMzGU/ViDFGQqkVMqoSEZAnf3rRLyliESBtJDHAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU2ugcBlC4WjsvK+IVvK+1TVan764wHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzQzNTJlMzkzNTJlMzgzMjJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1fUjANBgkq
hkiG9w0BAQsFAAOCAQEAInZzQ6jhc1pmCfYsJT7/qXKiSUhPgL0mYGPDd2Vm1KM4
/rE/Lk6S8J+h4isbASSRJJ60PfQQjncRYNtPHXajhnI1H4ejBW3ZK4ZUAHXQSsEX
fSB4jBJew9Vuat7FBHk8ubMk3ka0iVVQ+L1YaNgF4KazspRs026zj7I1BXYFfhhW
L+Iorflya2OfhAh5/VkUdIA+YbhN6Y2bpBUIZiPPk6bSEb46ObEpTaauNB4mia9j
a5CR4LSMyhvSV1sqQaJN+0oemzOs6qnbRR6Rpd4SWdcrxHXoHMm5p2qW+bqT7Ybn
EP6hOhHMCzcx5lE01uRL0B/sSYh8BulnR3c7CPt/WQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:16:40 2025 by rpki-client