Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203239383032.roa
File: 34352e31322e38332e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: /zCbeH5TE4SNyJDkodUBAxmdGYvNG+oNUq4ljAMlHr8=
Subject key identifier: 91:EE:02:6E:7F:B5:06:1C:51:3C:E0:B7:83:AF:75:B1:64:ED:B9:50
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 05F9DA320935A9D75BE29E6953D9C92F628C135D
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203239383032.roa
Signing time: Tue 21 Jan 2025 19:04:26 +0000
ROA not before: Tue 21 Jan 2025 18:59:26 +0000
ROA not after: Tue 20 Jan 2026 19:04:26 +0000
asID: 29802
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 00:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:f9:da:32:09:35:a9:d7:5b:e2:9e:69:53:d9:c9:2f:62:8c:13:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 21 18:59:26 2025 GMT
Not After : Jan 20 19:04:26 2026 GMT
Subject: CN=91EE026E7FB5061C513CE0B783AF75B164EDB950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bc:9e:90:02:b3:75:42:e4:99:49:2d:e6:d3:
21:b3:26:c1:eb:0d:7a:fe:fe:f6:73:94:23:bb:63:
ba:67:12:de:e4:fd:1e:d3:16:b5:9b:ee:04:47:24:
c4:23:8f:ef:a8:69:f0:59:7e:63:a8:aa:ed:18:98:
db:a2:3a:f6:b0:be:55:6e:1f:be:f8:4c:ad:46:ee:
63:d9:ab:df:07:00:73:c0:d4:74:d7:e8:40:88:56:
f4:fd:70:b3:eb:db:fd:e6:51:7f:e7:35:b9:e5:08:
04:8c:62:c4:57:9b:3b:ac:72:67:45:a3:1d:49:11:
fa:cb:55:f9:27:8b:5f:72:76:ca:0a:3e:8c:18:18:
f3:41:ef:77:90:04:b6:59:55:e7:e3:7e:a3:77:4e:
fc:c4:40:ee:66:20:f7:05:ac:fe:7b:1d:1b:71:7b:
c6:1e:d0:a3:e1:85:d3:7c:0d:5f:83:6b:a4:af:cb:
cf:5c:f3:17:42:33:2b:2d:a1:3c:9d:7f:d5:37:96:
49:c8:54:e0:b9:49:38:4a:7f:81:1a:cd:ce:b7:ae:
f5:25:61:10:42:e5:28:b3:2d:ed:ba:ea:91:11:87:
f1:a0:20:a3:87:40:06:69:69:2f:b3:10:5c:d8:65:
9c:10:52:cb:da:d7:4c:33:0d:6b:09:1a:7f:7e:ca:
73:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EE:02:6E:7F:B5:06:1C:51:3C:E0:B7:83:AF:75:B1:64:ED:B9:50
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:5c:e2:3a:11:d9:cb:2e:be:68:65:9f:fc:37:50:37:5d:0d:
49:80:58:f0:90:75:d2:a6:9b:4a:a7:2b:e8:e3:56:95:1f:e2:
b5:f7:5f:f6:fb:c5:ad:34:95:da:79:77:09:5b:c4:20:8c:1a:
e5:11:0f:84:e6:47:3d:e0:02:a0:85:1b:46:f1:21:3e:01:0a:
0a:8e:6e:70:85:be:c0:73:8c:2b:c6:f0:a4:1f:9f:75:28:24:
ce:de:2b:6a:b9:e4:90:b6:4a:c9:b0:6d:37:23:d0:17:fa:70:
85:01:01:97:4a:5a:74:cb:a3:2c:2d:73:20:fd:84:c3:ee:d7:
8c:86:1a:f7:6d:e5:22:d4:0b:57:88:11:8a:bb:fc:4a:5a:37:
7c:a4:56:eb:22:e2:62:f1:d1:e5:c3:a1:d7:74:8a:4a:e5:26:
2b:09:da:f2:03:fc:5d:10:d0:7b:a6:1e:66:dc:29:20:d8:05:
59:c5:db:c0:cd:54:60:1b:7e:d7:3f:49:a5:84:9d:39:f1:db:
df:e3:ad:b3:f8:ce:d6:60:34:47:2b:fd:42:70:48:49:74:32:
ef:df:72:50:df:4e:8a:d8:c1:7c:fd:2e:d7:eb:25:84:b1:94:
c8:cc:5b:a4:6c:71:e2:26:a7:e1:dd:75:75:69:0d:c0:cc:3b:
35:d6:73:95
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUBfnaMgk1qddb4p5pU9nJL2KME10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjExODU5MjZaFw0yNjAxMjAxOTA0MjZaMDMxMTAvBgNV
BAMTKDkxRUUwMjZFN0ZCNTA2MUM1MTNDRTBCNzgzQUY3NUIxNjRFREI5NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCevJ6QArN1QuSZSS3m0yGzJsHr
DXr+/vZzlCO7Y7pnEt7k/R7TFrWb7gRHJMQjj++oafBZfmOoqu0YmNuiOvawvlVu
H774TK1G7mPZq98HAHPA1HTX6ECIVvT9cLPr2/3mUX/nNbnlCASMYsRXmzuscmdF
ox1JEfrLVfkni19ydsoKPowYGPNB73eQBLZZVefjfqN3TvzEQO5mIPcFrP57HRtx
e8Ye0KPhhdN8DV+Da6Svy89c8xdCMystoTydf9U3lknIVOC5SThKf4Eazc63rvUl
YRBC5SizLe266pERh/GgIKOHQAZpaS+zEFzYZZwQUsva10wzDWsJGn9+ynMbAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUke4Cbn+1BhxRPOC3g691sWTtuVAwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDFMw
DQYJKoZIhvcNAQELBQADggEBAKtc4joR2csuvmhln/w3UDddDUmAWPCQddKmm0qn
K+jjVpUf4rX3X/b7xa00ldp5dwlbxCCMGuURD4TmRz3gAqCFG0bxIT4BCgqObnCF
vsBzjCvG8KQfn3UoJM7eK2q55JC2SsmwbTcj0Bf6cIUBAZdKWnTLoywtcyD9hMPu
14yGGvdt5SLUC1eIEYq7/EpaN3ykVusi4mLx0eXDodd0ikrlJisJ2vID/F0Q0Hum
HmbcKSDYBVnF28DNVGAbftc/SaWEnTnx29/jrbP4ztZgNEcr/UJwSEl0Mu/fclDf
TorYwXz9LtfrJYSxlMjMW6RsceImp+HddXVpDcDMOzXWc5U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:59:47 2025 by rpki-client