Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3137322e302f32322d3232203d3e20313734.roa
File: 3132382e36352e3137322e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier: C0xOMZsQuTL3jk7RT1kA6dQKQ2nCA9OFnyKmFxaqnks=
Subject key identifier: B9:72:29:59:04:C4:39:F3:12:58:A2:03:BD:C7:C2:ED:09:35:F5:D3
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 412E57FF7CEED9D2F3FAB1D41CBF1F295D1CFDEB
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3137322e302f32322d3232203d3e20313734.roa
Signing time: Mon 28 Apr 2025 19:50:25 +0000
ROA not before: Mon 28 Apr 2025 19:45:25 +0000
ROA not after: Mon 27 Apr 2026 19:50:25 +0000
asID: 174
IP address blocks: 128.65.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 30 Apr 2025 08:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:2e:57:ff:7c:ee:d9:d2:f3:fa:b1:d4:1c:bf:1f:29:5d:1c:fd:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Apr 28 19:45:25 2025 GMT
Not After : Apr 27 19:50:25 2026 GMT
Subject: CN=B972295904C439F31258A203BDC7C2ED0935F5D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f5:d6:91:5c:54:15:37:8e:32:a8:5b:1f:11:
6f:dc:f6:be:9e:ec:3e:0f:12:6e:f7:30:51:e9:d3:
28:41:c1:c4:a7:3e:e5:fd:2c:3c:8b:f8:9f:90:cf:
19:57:61:79:89:3a:9c:62:d6:20:a9:b1:eb:a1:25:
80:1b:75:8e:79:80:f4:50:6b:d9:6c:12:e8:d9:58:
a8:94:36:be:85:46:b9:a2:37:0b:0f:0c:c1:8d:e0:
90:57:1b:2a:5f:00:54:7b:a6:0f:2a:a4:5c:6e:a8:
db:c6:77:1d:67:90:c8:aa:8f:48:0a:94:d2:03:3e:
44:88:a4:23:31:6a:cd:de:84:e9:18:ac:76:83:a0:
4e:fa:84:97:5a:0c:d1:e3:91:0f:8b:23:6d:23:5d:
86:78:c6:47:c8:16:2a:6d:da:91:ed:a3:b9:fe:7a:
10:98:25:40:60:d6:b6:75:cf:6f:af:b3:aa:3e:3a:
2f:85:22:ef:69:4c:ce:4c:4e:2d:53:a3:47:4e:f4:
68:0b:35:fd:35:e0:b8:40:7e:80:28:29:53:9f:03:
3a:be:5f:01:78:f4:dc:3c:f2:f6:27:9b:4c:dc:3f:
84:db:1e:16:51:f8:f2:d8:0d:c9:cf:0f:81:4b:1f:
7a:e0:da:28:b1:2b:5d:4d:43:c5:ce:17:3b:d7:f1:
2a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:72:29:59:04:C4:39:F3:12:58:A2:03:BD:C7:C2:ED:09:35:F5:D3
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3137322e302f32322d3232203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:3b:72:12:6e:9f:f2:21:c9:3e:f6:29:eb:b0:30:d2:66:18:
9f:41:30:c7:45:89:6e:d4:44:7b:38:00:50:cc:6c:a5:ec:f2:
47:01:0c:03:d6:2f:16:a7:24:bc:bf:b2:1c:8f:70:43:4d:d7:
96:a2:e3:b3:41:ec:35:f9:4f:35:15:ae:f7:cb:b4:95:56:10:
50:9a:9e:5f:54:e6:f8:66:10:1a:75:4d:43:05:54:9f:d2:e6:
77:0e:3d:75:06:9a:f9:f5:28:f0:e8:dd:21:7b:05:d4:21:ad:
17:38:7f:5b:16:3e:54:42:ee:45:d8:68:87:bd:b1:66:a1:54:
94:f8:7b:29:ad:3f:98:1e:42:62:35:10:35:8a:08:92:49:7d:
38:90:84:0d:a9:8a:c8:83:a2:e6:94:27:20:65:d4:c6:bf:29:
e0:6f:b0:d9:f8:6e:e4:7f:57:7a:c1:53:86:da:e6:62:67:13:
31:a6:4d:af:9f:33:96:75:1d:80:bf:ea:fd:eb:cf:ef:4f:46:
ac:b4:40:d4:64:a5:95:1e:2a:ca:7b:19:fc:3e:b0:fe:82:74:
6e:86:4a:0c:99:5e:86:d5:f4:59:58:d9:cb:d4:6c:5b:8c:2a:
f8:08:cb:c9:11:04:85:f6:b2:1b:25:ef:2a:9c:91:74:fd:bf:
4c:6e:80:5b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQS5X/3zu2dLz+rHUHL8fKV0c/eswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTA0MjgxOTQ1MjVaFw0yNjA0MjcxOTUwMjVaMDMxMTAvBgNV
BAMTKEI5NzIyOTU5MDRDNDM5RjMxMjU4QTIwM0JEQzdDMkVEMDkzNUY1RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp9daRXFQVN44yqFsfEW/c9r6e
7D4PEm73MFHp0yhBwcSnPuX9LDyL+J+QzxlXYXmJOpxi1iCpseuhJYAbdY55gPRQ
a9lsEujZWKiUNr6FRrmiNwsPDMGN4JBXGypfAFR7pg8qpFxuqNvGdx1nkMiqj0gK
lNIDPkSIpCMxas3ehOkYrHaDoE76hJdaDNHjkQ+LI20jXYZ4xkfIFipt2pHto7n+
ehCYJUBg1rZ1z2+vs6o+Oi+FIu9pTM5MTi1To0dO9GgLNf014LhAfoAoKVOfAzq+
XwF49Nw88vYnm0zcP4TbHhZR+PLYDcnPD4FLH3rg2iixK11NQ8XOFzvX8SpXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUuXIpWQTEOfMSWKIDvcfC7Qk19dMwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM3
MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMTM3MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKAQaww
DQYJKoZIhvcNAQELBQADggEBAHw7chJun/IhyT72KeuwMNJmGJ9BMMdFiW7URHs4
AFDMbKXs8kcBDAPWLxanJLy/shyPcENN15ai47NB7DX5TzUVrvfLtJVWEFCanl9U
5vhmEBp1TUMFVJ/S5ncOPXUGmvn1KPDo3SF7BdQhrRc4f1sWPlRC7kXYaIe9sWah
VJT4eymtP5geQmI1EDWKCJJJfTiQhA2pisiDouaUJyBl1Ma/KeBvsNn4buR/V3rB
U4ba5mJnEzGmTa+fM5Z1HYC/6v3rz+9PRqy0QNRkpZUeKsp7Gfw+sP6CdG6GSgyZ
XobV9FlY2cvUbFuMKvgIy8kRBIX2shsl7yqckXT9v0xugFs=
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:42:59 2025 by rpki-client