Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
File: 322e35362e3235302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 3+gRYztSZYD9DjWsE+P958wvOsbMFrW20/5yhhQDV/4=
Subject key identifier: 4A:2F:3A:3F:78:D9:64:B0:3E:63:9E:15:BD:D9:8E:5D:BD:59:0A:82
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0126E737C9CA911AA8851FA43F2211D081AEEC25
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
Signing time: Sun 16 Mar 2025 11:11:51 +0000
ROA not before: Sun 16 Mar 2025 11:06:51 +0000
ROA not after: Sun 15 Mar 2026 11:11:51 +0000
asID: 834
IP address blocks: 2.56.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 14:54:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:26:e7:37:c9:ca:91:1a:a8:85:1f:a4:3f:22:11:d0:81:ae:ec:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 16 11:06:51 2025 GMT
Not After : Mar 15 11:11:51 2026 GMT
Subject: CN=4A2F3A3F78D964B03E639E15BDD98E5DBD590A82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1b:97:b8:17:0f:dd:da:e2:9a:03:cb:ca:8f:
19:a9:b8:7f:bd:2f:67:d4:80:28:e5:ad:6b:59:f3:
05:0e:5f:36:2a:6b:da:60:8e:29:a0:15:22:6c:8c:
44:08:f5:25:80:53:e5:73:e6:b5:ec:44:de:9b:88:
6a:c0:b6:48:4c:e3:c0:f1:a8:ed:74:e6:f8:18:46:
e1:75:0c:4a:6d:c5:71:4b:fb:51:d3:76:8d:c0:8d:
7d:00:ed:d5:56:b5:c5:ce:91:60:9b:27:7b:18:03:
f5:2f:23:f0:77:89:6e:d7:75:60:a4:f4:34:f2:e9:
74:ca:09:cd:e9:eb:96:94:fd:33:67:44:10:64:13:
de:02:d7:de:4c:d7:d1:40:9c:fd:71:b1:be:7b:33:
f9:a5:1f:9f:42:fa:14:86:f9:0f:d3:30:a6:0b:ed:
16:16:b8:99:02:ff:87:6d:b8:69:ad:97:29:a7:2f:
38:48:bb:55:af:62:78:8a:ab:48:e6:1f:3a:d4:b7:
14:83:61:bd:37:2b:64:10:73:24:da:62:d2:e7:04:
fb:2d:ce:be:42:43:c8:1c:80:82:4c:63:fc:87:a0:
bc:59:ef:03:96:9b:d1:7c:c7:03:6e:68:89:7c:3e:
cd:cb:7b:b1:1f:c8:2e:f5:c6:a8:6b:13:79:71:a1:
6a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:2F:3A:3F:78:D9:64:B0:3E:63:9E:15:BD:D9:8E:5D:BD:59:0A:82
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.250.0/24
Signature Algorithm: sha256WithRSAEncryption
72:ad:d6:ea:a3:fe:88:66:69:54:28:24:9b:c6:82:91:82:c6:
79:dd:9f:62:0a:d1:f1:ae:58:5f:06:93:1c:af:4f:60:0b:0e:
20:98:8e:dc:52:9f:91:42:0d:2c:1f:8a:1f:cc:aa:ab:f0:d3:
54:93:86:a5:fd:c2:ad:cc:57:0b:57:ff:2a:2a:cb:27:e8:10:
95:ac:12:31:aa:f8:79:fd:55:bc:30:2f:12:27:12:df:60:f1:
b2:91:e3:c0:b5:1d:da:8e:59:4f:5c:19:dc:d8:31:b9:ef:39:
0c:92:c0:07:3a:29:f8:a3:86:5a:08:d0:81:15:82:0b:22:6f:
0a:33:49:53:a4:8b:ff:98:64:de:c2:0f:b4:56:d4:ec:a9:33:
f1:15:99:26:16:bf:49:c2:06:2d:0a:75:66:d1:41:bb:8e:7f:
9c:4e:f4:01:ba:4d:bf:be:c2:3e:85:c6:18:58:15:1d:db:5d:
0e:80:35:b5:53:80:9c:a9:53:7e:5d:6f:0f:c4:20:56:ba:3f:
d9:54:af:3c:2d:bd:05:9a:ae:4d:0f:7d:06:0a:f3:fd:0f:0f:
a0:95:09:ad:16:fb:6d:20:c5:b6:94:c9:67:b8:c2:d1:d2:0d:
c4:77:19:79:5f:eb:cf:d8:79:f7:17:27:9c:e7:bc:58:f7:e1:
a0:3e:07:4c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUASbnN8nKkRqohR+kPyIR0IGu7CUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMTYxMTA2NTFaFw0yNjAzMTUxMTExNTFaMDMxMTAvBgNV
BAMTKDRBMkYzQTNGNzhEOTY0QjAzRTYzOUUxNUJERDk4RTVEQkQ1OTBBODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzG5e4Fw/d2uKaA8vKjxmpuH+9
L2fUgCjlrWtZ8wUOXzYqa9pgjimgFSJsjEQI9SWAU+Vz5rXsRN6biGrAtkhM48Dx
qO105vgYRuF1DEptxXFL+1HTdo3AjX0A7dVWtcXOkWCbJ3sYA/UvI/B3iW7XdWCk
9DTy6XTKCc3p65aU/TNnRBBkE94C195M19FAnP1xsb57M/mlH59C+hSG+Q/TMKYL
7RYWuJkC/4dtuGmtlymnLzhIu1WvYniKq0jmHzrUtxSDYb03K2QQcyTaYtLnBPst
zr5CQ8gcgIJMY/yHoLxZ7wOWm9F8xwNuaIl8Ps3Le7EfyC71xqhrE3lxoWrDAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUSi86P3jZZLA+Y54VvdmOXb1ZCoIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4+jANBgkq
hkiG9w0BAQsFAAOCAQEAcq3W6qP+iGZpVCgkm8aCkYLGed2fYgrR8a5YXwaTHK9P
YAsOIJiO3FKfkUINLB+KH8yqq/DTVJOGpf3CrcxXC1f/KirLJ+gQlawSMar4ef1V
vDAvEicS32DxspHjwLUd2o5ZT1wZ3Ngxue85DJLABzop+KOGWgjQgRWCCyJvCjNJ
U6SL/5hk3sIPtFbU7Kkz8RWZJha/ScIGLQp1ZtFBu45/nE70AbpNv77CPoXGGFgV
HdtdDoA1tVOAnKlTfl1vD8QgVro/2VSvPC29BZquTQ99Bgrz/Q8PoJUJrRb7bSDF
tpTJZ7jC0dINxHcZeV/rz9h59xcnnOe8WPfhoD4HTA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:42:34 2025 by rpki-client