Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20383334.roa
File: 34352e31322e38312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: LiKTGsMGLjpJkmpDhj98ne+Bu/kcZPFZyle7+ZPjocI=
Subject key identifier: BD:7A:71:F9:54:42:FE:96:B9:33:2E:57:2B:CB:AC:05:7F:55:FC:2C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 739F82C19E45E12B64717D8E50923A5950E586F9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20383334.roa
Signing time: Wed 09 Apr 2025 06:32:00 +0000
ROA not before: Wed 09 Apr 2025 06:27:00 +0000
ROA not after: Wed 08 Apr 2026 06:32:00 +0000
asID: 834
IP address blocks: 45.12.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 08:12:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:9f:82:c1:9e:45:e1:2b:64:71:7d:8e:50:92:3a:59:50:e5:86:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 9 06:27:00 2025 GMT
Not After : Apr 8 06:32:00 2026 GMT
Subject: CN=BD7A71F95442FE96B9332E572BCBAC057F55FC2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:35:6c:13:10:c1:42:fe:d0:3b:e6:ef:5d:
4c:43:9b:de:e2:f2:40:40:be:21:92:77:9e:74:f6:
f4:a7:b9:5a:44:3b:8d:ee:79:b2:96:43:0e:d4:fb:
d8:e7:67:87:b9:6a:38:3b:cd:b0:5c:a7:68:59:67:
fc:1f:15:eb:55:0f:89:34:11:fe:19:18:ba:98:9a:
e2:b4:05:a6:04:42:48:61:76:c0:01:06:43:ca:5d:
e1:23:39:79:e7:a8:22:cf:4a:92:ac:82:7d:f1:c9:
23:40:a6:b2:9f:ae:e9:d1:15:c0:60:80:71:07:45:
13:6e:76:38:76:fd:57:00:b8:9f:9d:df:a5:87:1e:
33:32:dd:60:4e:04:40:80:cd:db:4d:07:95:17:a5:
92:22:2b:7d:2a:2c:bc:37:e2:bb:dd:5b:b2:3f:e5:
6c:4e:f3:b7:d4:0d:e0:3a:c3:61:a4:64:3b:c3:32:
a8:22:1c:4f:85:6d:2c:fb:4c:a4:52:17:d6:e2:68:
29:f1:ef:fa:0a:c6:c8:e5:45:a8:ac:69:0a:3c:7f:
9c:b9:ce:df:0d:04:21:b1:4d:ba:18:0c:73:15:e5:
e7:35:f9:81:7d:dc:d2:46:ba:0f:15:05:7a:e5:3c:
b7:b7:ee:75:23:9a:9d:b9:16:f9:ec:38:7d:2a:91:
94:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7A:71:F9:54:42:FE:96:B9:33:2E:57:2B:CB:AC:05:7F:55:FC:2C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.81.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:63:28:62:d3:7f:71:68:83:0f:70:31:68:01:2e:f8:6a:b0:
94:b2:1e:ed:e4:4b:9b:de:c8:0a:4f:71:d4:19:1d:96:71:91:
c9:0a:04:19:bc:03:eb:39:2d:db:61:d0:88:ed:f3:0e:38:cc:
bd:5e:96:65:b7:5d:dc:34:da:4e:55:04:19:24:3b:2d:b5:4a:
46:a8:c0:c6:5d:2e:42:24:12:93:89:02:69:70:3c:90:6c:3f:
49:db:8a:33:42:15:45:fe:76:fd:60:ce:ad:5b:44:35:f6:9d:
1e:6e:74:e3:b6:70:86:6f:00:34:b3:e3:0f:df:87:e7:de:78:
2d:57:a5:85:c2:2c:62:a5:dc:f0:32:a1:ba:e7:65:b3:71:cd:
c8:d5:cc:ef:20:39:4d:4c:37:23:af:58:fb:4e:20:b7:f4:97:
5f:c7:0e:86:de:84:4c:e3:3e:56:ba:95:d8:e9:6e:c6:8d:07:
c9:d3:fa:1c:ec:6e:f5:d1:de:30:76:f4:a0:ad:24:84:15:64:
8f:36:70:23:b1:97:d5:8b:84:6e:c0:50:7e:60:40:62:47:9d:
69:a7:c7:d1:a4:67:4c:1f:73:47:cf:20:54:a6:57:5b:00:0c:
1a:8f:b1:2d:90:99:1c:8c:e0:ea:a8:ea:74:9f:6b:05:56:c0:
f1:09:a1:a8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUc5+CwZ5F4StkcX2OUJI6WVDlhvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA0MDkwNjI3MDBaFw0yNjA0MDgwNjMyMDBaMDMxMTAvBgNV
BAMTKEJEN0E3MUY5NTQ0MkZFOTZCOTMzMkU1NzJCQ0JBQzA1N0Y1NUZDMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ljVsExDBQv7QO+bvXUxDm97i
8kBAviGSd5509vSnuVpEO43uebKWQw7U+9jnZ4e5ajg7zbBcp2hZZ/wfFetVD4k0
Ef4ZGLqYmuK0BaYEQkhhdsABBkPKXeEjOXnnqCLPSpKsgn3xySNAprKfrunRFcBg
gHEHRRNudjh2/VcAuJ+d36WHHjMy3WBOBECAzdtNB5UXpZIiK30qLLw34rvdW7I/
5WxO87fUDeA6w2GkZDvDMqgiHE+FbSz7TKRSF9biaCnx7/oKxsjlRaisaQo8f5y5
zt8NBCGxTboYDHMV5ec1+YF93NJGug8VBXrlPLe37nUjmp25FvnsOH0qkZTxAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUvXpx+VRC/pa5My5XK8usBX9V/CwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0MUTANBgkq
hkiG9w0BAQsFAAOCAQEAnGMoYtN/cWiDD3AxaAEu+GqwlLIe7eRLm97ICk9x1Bkd
lnGRyQoEGbwD6zkt22HQiO3zDjjMvV6WZbdd3DTaTlUEGSQ7LbVKRqjAxl0uQiQS
k4kCaXA8kGw/SduKM0IVRf52/WDOrVtENfadHm5047Zwhm8ANLPjD9+H5954LVel
hcIsYqXc8DKhuudls3HNyNXM7yA5TUw3I69Y+04gt/SXX8cOht6ETOM+VrqV2Olu
xo0HydP6HOxu9dHeMHb0oK0khBVkjzZwI7GX1YuEbsBQfmBAYkedaafH0aRnTB9z
R88gVKZXWwAMGo+xLZCZHIzg6qjqdJ9rBVbA8QmhqA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:05:50 2025 by rpki-client