Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3231203d3e20383334.roa
File: 3132382e36352e3136382e302f32312d3231203d3e20383334.roa (raw, json)
Hash identifier: EUIK1kGESNMfE9hB9RcI3e2f2ien1fWQxhktyzNFCPQ=
Subject key identifier: 04:59:9D:D1:58:9C:F4:C2:EA:40:D6:70:16:38:B7:66:41:EC:A7:8C
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 492BF1779F564B27378256D418F6D6C53B7B9FCA
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3231203d3e20383334.roa
Signing time: Thu 27 Mar 2025 20:11:13 +0000
ROA not before: Thu 27 Mar 2025 20:06:13 +0000
ROA not after: Thu 26 Mar 2026 20:11:13 +0000
asID: 834
IP address blocks: 128.65.168.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 28 Mar 2025 11:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:2b:f1:77:9f:56:4b:27:37:82:56:d4:18:f6:d6:c5:3b:7b:9f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Mar 27 20:06:13 2025 GMT
Not After : Mar 26 20:11:13 2026 GMT
Subject: CN=04599DD1589CF4C2EA40D6701638B76641ECA78C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:12:84:b8:d9:66:02:32:46:c9:98:c5:40:54:
f7:cc:99:de:87:c7:29:54:ce:79:a2:68:ad:b2:31:
79:61:ec:b3:a1:7d:64:08:33:c9:a7:b0:99:d6:fc:
4e:3f:49:71:5e:f8:79:b8:d8:5f:bb:eb:9d:1e:dc:
6b:42:16:0d:5c:7f:36:ee:33:26:12:2e:d8:12:07:
a3:ff:66:07:44:13:94:bb:e5:0e:41:ea:e1:76:2a:
c4:43:49:42:6c:a4:40:4b:c7:c4:96:0e:03:fd:2b:
68:42:30:ba:6f:10:1f:4a:d1:b0:5d:2a:3e:5c:af:
92:7a:ae:90:72:b2:36:4e:ed:a3:ce:b0:56:72:31:
48:ff:88:73:e0:52:62:2a:13:f6:f0:83:d2:c3:b0:
59:65:40:c3:54:d1:7a:5a:df:b9:b8:60:39:0a:95:
6c:63:35:a9:bb:ab:0c:63:4c:52:59:3a:aa:b1:1c:
79:71:b8:0c:4d:75:7a:3e:80:8b:45:bc:51:8e:10:
ee:6b:ff:33:e5:72:52:46:1c:44:49:4c:28:7d:11:
99:fc:da:c5:31:36:79:6b:4e:e5:f3:a9:7a:bd:24:
c8:17:9f:fa:d4:e2:c0:32:a5:14:00:3f:3b:94:65:
df:6c:38:06:7f:62:c2:2e:35:9c:6d:95:95:e8:d4:
f9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:59:9D:D1:58:9C:F4:C2:EA:40:D6:70:16:38:B7:66:41:EC:A7:8C
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3231203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/21
Signature Algorithm: sha256WithRSAEncryption
8c:89:bc:3d:0a:26:4c:5e:f0:ae:99:f4:36:d7:34:71:89:f1:
97:02:2c:b4:72:dc:8d:b0:e1:50:7c:bb:0f:24:54:0d:c6:05:
da:85:be:87:a2:22:38:a2:ee:53:08:8f:c0:e3:63:db:aa:b7:
93:1a:34:d5:fc:6b:4a:f1:04:e4:9c:d9:40:9a:2a:a9:13:8f:
5a:37:f0:cf:9d:29:20:73:a9:b3:70:65:72:c2:6f:32:1c:5d:
f3:72:7c:89:a7:7d:ca:13:68:22:77:43:91:01:ad:66:f8:95:
41:30:0b:9c:c4:2c:91:5e:8e:3e:39:62:73:ca:8b:8c:62:42:
0a:af:57:d5:70:f5:95:a5:ec:3b:23:a3:d7:bc:8e:3d:66:ae:
68:65:e4:2d:54:71:d6:cb:b0:94:6a:50:36:ce:e7:c5:40:52:
b9:00:69:fb:50:ac:c9:15:b2:79:22:ca:dc:34:2e:a1:f2:68:
a3:10:d6:48:a0:b7:14:18:9e:d0:ce:08:3a:d2:04:81:97:2f:
1b:24:65:6a:89:26:3a:f5:8a:e0:0a:86:ce:bd:29:f3:38:68:
a0:25:c9:b6:4f:4b:59:70:5f:69:3a:f8:8f:0f:19:04:e1:4a:
83:48:2e:b3:b0:47:16:7a:ed:69:4c:18:8d:29:ba:c6:59:17:
e9:7d:c1:49
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUSSvxd59WSyc3glbUGPbWxTt7n8owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTAzMjcyMDA2MTNaFw0yNjAzMjYyMDExMTNaMDMxMTAvBgNV
BAMTKDA0NTk5REQxNTg5Q0Y0QzJFQTQwRDY3MDE2MzhCNzY2NDFFQ0E3OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjEoS42WYCMkbJmMVAVPfMmd6H
xylUznmiaK2yMXlh7LOhfWQIM8mnsJnW/E4/SXFe+Hm42F+7650e3GtCFg1cfzbu
MyYSLtgSB6P/ZgdEE5S75Q5B6uF2KsRDSUJspEBLx8SWDgP9K2hCMLpvEB9K0bBd
Kj5cr5J6rpBysjZO7aPOsFZyMUj/iHPgUmIqE/bwg9LDsFllQMNU0Xpa37m4YDkK
lWxjNam7qwxjTFJZOqqxHHlxuAxNdXo+gItFvFGOEO5r/zPlclJGHERJTCh9EZn8
2sUxNnlrTuXzqXq9JMgXn/rU4sAypRQAPzuUZd9sOAZ/YsIuNZxtlZXo1PnnAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUBFmd0Vic9MLqQNZwFji3ZkHsp4wwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM2
MzgyZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOAQagw
DQYJKoZIhvcNAQELBQADggEBAIyJvD0KJkxe8K6Z9DbXNHGJ8ZcCLLRy3I2w4VB8
uw8kVA3GBdqFvoeiIjii7lMIj8DjY9uqt5MaNNX8a0rxBOSc2UCaKqkTj1o38M+d
KSBzqbNwZXLCbzIcXfNyfImnfcoTaCJ3Q5EBrWb4lUEwC5zELJFejj45YnPKi4xi
QgqvV9Vw9ZWl7Dsjo9e8jj1mrmhl5C1UcdbLsJRqUDbO58VAUrkAaftQrMkVsnki
ytw0LqHyaKMQ1kigtxQYntDOCDrSBIGXLxskZWqJJjr1iuAKhs69KfM4aKAlybZP
S1lwX2k6+I8PGQThSoNILrOwRxZ67WlMGI0pusZZF+l9wUk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:41 2025 by rpki-client