Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20313338303936.roa
File: 34352e3133372e39362e302f32342d3234203d3e20313338303936.roa (raw, json)
Hash identifier: BIc+6Y3044UpH7h8LmkAMPDP8XOc9A7P0X9ryDlFdFE=
Subject key identifier: FA:28:85:43:2B:22:E5:72:19:5B:06:96:5A:9A:7D:E2:A6:FA:76:EA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0F4A26182F23E11707EC463D51B25B540D29FB39
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20313338303936.roa
Signing time: Tue 30 Apr 2024 02:39:15 +0000
ROA not before: Tue 30 Apr 2024 02:34:15 +0000
ROA not after: Tue 29 Apr 2025 02:39:15 +0000
asID: 138096
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jul 2024 10:06:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:4a:26:18:2f:23:e1:17:07:ec:46:3d:51:b2:5b:54:0d:29:fb:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 30 02:34:15 2024 GMT
Not After : Apr 29 02:39:15 2025 GMT
Subject: CN=FA2885432B22E572195B06965A9A7DE2A6FA76EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:77:12:d6:f9:7d:2e:2d:a1:f9:c1:87:3b:
84:d3:b9:16:4c:43:13:74:7a:3a:d5:8e:e7:53:e9:
cd:9b:9e:61:34:ad:66:30:59:3a:ce:d7:46:dc:48:
c6:b6:2b:c4:4f:bb:45:4d:fd:36:42:4e:65:bb:6f:
31:6a:d1:88:bf:e1:3b:23:b7:ca:5e:6f:9b:73:9b:
56:a2:60:32:5a:be:23:67:86:10:bd:8c:6f:76:61:
52:fd:14:3b:3a:12:b4:52:80:03:0c:0f:7d:03:54:
60:a8:a2:4d:ea:21:de:06:f9:7a:fe:aa:47:9b:5a:
70:91:3a:f8:56:be:33:24:0d:1b:69:8a:21:2b:f6:
8e:f7:3b:99:17:0e:c0:ab:e2:4a:20:c4:a0:67:d3:
be:b8:dc:4f:f4:09:31:a2:b9:eb:f7:fb:d3:c5:5f:
ab:fa:4a:ab:d2:f4:df:60:0f:7a:df:fd:2e:d2:04:
c3:19:b6:93:53:85:e0:64:63:0c:2f:55:b9:77:de:
32:c2:67:ca:ff:26:d3:1d:d5:42:12:76:06:3a:59:
bd:f8:e4:61:ea:bd:8b:41:06:05:8a:51:f2:ac:db:
c1:e0:60:df:9d:c0:83:fc:8c:d4:5c:00:63:af:bd:
37:55:2d:9e:84:9e:e3:e1:e1:15:c0:2b:4f:a6:bd:
98:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:28:85:43:2B:22:E5:72:19:5B:06:96:5A:9A:7D:E2:A6:FA:76:EA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20313338303936.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
63:e6:21:f4:eb:45:e9:a8:9a:c9:dd:4f:bf:1a:53:6a:31:68:
f7:62:c1:28:8f:1b:99:f6:19:d8:95:92:23:a7:89:98:dc:96:
7b:95:23:56:61:66:a4:14:ee:73:95:34:1b:1a:98:95:af:75:
62:0c:c1:73:c6:e0:53:25:73:dd:2b:11:50:84:b0:30:5c:ce:
5d:8d:21:4b:bc:da:25:d9:5a:92:75:f5:d8:7e:6f:98:57:34:
e5:70:e6:c4:cc:29:b2:14:46:93:39:af:07:10:79:4f:61:0b:
9f:8d:51:4c:65:f1:82:ee:8a:15:b6:87:c8:6c:d9:c4:0b:8a:
18:c0:bb:10:7e:76:08:19:bc:a5:d8:db:ed:26:97:04:44:96:
8a:95:0f:c1:41:f6:1e:30:e5:d7:46:a3:26:79:f3:60:ba:e4:
3f:58:2f:cb:76:76:fe:c8:b0:86:c7:f4:a2:d0:66:ea:40:40:
97:ae:f9:2d:8c:e9:bc:cb:00:73:3d:00:a4:86:a4:4f:2a:3f:
1e:90:a0:d0:9a:e6:55:8f:5d:29:75:4a:6f:c4:7f:92:76:4c:
16:27:fd:80:b6:7c:a6:4a:1c:13:cd:c8:ab:78:ee:2c:f2:09:
e4:49:c1:20:a3:5f:1b:a1:c9:6c:97:f6:12:c9:ac:40:20:e1:
5e:f5:17:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD0omGC8j4RcH7EY9UbJbVA0p+zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA0MzAwMjM0MTVaFw0yNTA0MjkwMjM5MTVaMDMxMTAvBgNV
BAMTKEZBMjg4NTQzMkIyMkU1NzIxOTVCMDY5NjVBOUE3REUyQTZGQTc2RUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkA3cS1vl9Li2h+cGHO4TTuRZM
QxN0ejrVjudT6c2bnmE0rWYwWTrO10bcSMa2K8RPu0VN/TZCTmW7bzFq0Yi/4Tsj
t8peb5tzm1aiYDJaviNnhhC9jG92YVL9FDs6ErRSgAMMD30DVGCook3qId4G+Xr+
qkebWnCROvhWvjMkDRtpiiEr9o73O5kXDsCr4kogxKBn07643E/0CTGiuev3+9PF
X6v6SqvS9N9gD3rf/S7SBMMZtpNTheBkYwwvVbl33jLCZ8r/JtMd1UISdgY6Wb34
5GHqvYtBBgWKUfKs28HgYN+dwIP8jNRcAGOvvTdVLZ6EnuPh4RXAK0+mvZgzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+iiFQysi5XIZWwaWWpp94qb6duowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzOTM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlgMA0GCSqGSIb3DQEBCwUAA4IBAQBj5iH060XpqJrJ3U+/GlNqMWj3YsEojxuZ
9hnYlZIjp4mY3JZ7lSNWYWakFO5zlTQbGpiVr3ViDMFzxuBTJXPdKxFQhLAwXM5d
jSFLvNol2VqSdfXYfm+YVzTlcObEzCmyFEaTOa8HEHlPYQufjVFMZfGC7ooVtofI
bNnEC4oYwLsQfnYIGbyl2NvtJpcERJaKlQ/BQfYeMOXXRqMmefNguuQ/WC/Ldnb+
yLCGx/Si0GbqQECXrvktjOm8ywBzPQCkhqRPKj8ekKDQmuZVj10pdUpvxH+SdkwW
J/2AtnymShwTzcireO4s8gnkScEgo18boclsl/YSyaxAIOFe9Rfm
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:26 2025 by rpki-client