Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20323130353432.roa
File: 34352e3133372e39362e302f32342d3234203d3e20323130353432.roa (raw, json)
Hash identifier: R30JY+HP+cG6mpB1riVXCSoKfgDTGhDht55q7/sAaYI=
Subject key identifier: 29:5B:5C:C6:BD:8E:11:46:7E:0A:A5:AA:E1:05:D9:4D:3D:B5:10:96
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 3F6794E955489D922A81A08394D4AC6D3DAB4BC5
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20323130353432.roa
Signing time: Tue 27 Feb 2024 08:57:03 +0000
ROA not before: Tue 27 Feb 2024 08:52:03 +0000
ROA not after: Tue 25 Feb 2025 08:57:03 +0000
asID: 210542
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Mar 2024 00:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:67:94:e9:55:48:9d:92:2a:81:a0:83:94:d4:ac:6d:3d:ab:4b:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 27 08:52:03 2024 GMT
Not After : Feb 25 08:57:03 2025 GMT
Subject: CN=295B5CC6BD8E11467E0AA5AAE105D94D3DB51096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a8:e9:19:ec:8d:13:a1:58:01:67:37:cd:e3:
79:00:1e:6c:97:e8:d0:0d:f6:6e:4c:b1:6d:a0:fc:
b4:90:b5:55:cd:11:51:42:c1:e2:bf:b8:f3:cf:04:
9f:cc:c6:ad:6d:da:83:3e:e0:c1:e9:78:d2:12:58:
71:9d:16:c9:5b:f9:91:a1:0a:45:b6:aa:35:32:fd:
3e:fe:fd:a3:7a:d1:29:73:c6:c0:71:1e:29:e6:cf:
a2:ee:5e:35:21:8c:c7:11:2d:bf:12:23:b2:d3:17:
70:31:20:22:7e:c5:c3:c6:fd:ac:9b:c0:e0:01:44:
22:13:15:e1:0d:54:57:08:29:75:af:6c:7b:ee:41:
bd:15:0e:1a:a5:db:f6:4f:78:45:ed:44:d0:5b:fc:
b6:6a:19:4f:9c:fb:53:df:1c:1a:a6:a3:34:2a:e3:
da:ea:c9:a6:f9:03:17:8c:71:8f:62:3e:3b:f8:d9:
07:99:03:d2:3c:3c:28:ac:19:38:31:56:79:40:e0:
97:4b:91:c7:63:56:45:6b:53:c3:9b:c0:ce:b2:27:
cb:14:04:b9:21:af:bf:17:42:bd:6f:7b:59:f9:eb:
1d:06:97:4e:b7:5d:8e:7d:03:96:c7:97:61:4e:6d:
b7:e6:98:92:2d:ed:eb:f1:f6:c6:fa:d9:88:e8:2a:
b3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5B:5C:C6:BD:8E:11:46:7E:0A:A5:AA:E1:05:D9:4D:3D:B5:10:96
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20323130353432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c9:a3:dd:13:9c:c2:11:96:43:e6:bb:ab:48:40:13:ad:17:
d6:a1:6d:c4:8f:4c:4e:cd:71:71:44:29:44:3e:17:b3:91:4b:
81:6a:df:b2:a2:37:ca:8d:c1:e0:c9:76:48:d1:45:7c:8c:85:
79:5b:4e:bc:cc:3e:b6:4b:15:f6:f7:10:9e:f1:4c:40:37:7e:
85:35:43:c9:e9:fd:23:21:05:c1:3d:c1:6b:95:4e:53:17:11:
6b:ab:54:4b:af:42:a3:34:4b:8f:12:29:17:ef:2a:46:8e:4a:
65:a5:26:88:ca:66:fb:25:7d:59:df:43:70:7d:47:b9:99:58:
55:d3:e6:33:45:6d:49:60:c7:4a:c9:e6:fc:b0:a4:7c:53:e9:
8c:a5:06:09:ef:8b:37:e9:66:fb:3c:cb:25:df:6e:47:37:34:
8b:a5:a3:c6:b6:38:06:8c:de:82:16:8a:1c:a3:0c:98:5b:67:
f8:34:ee:5d:69:80:67:87:3d:ec:94:1c:d3:ec:44:74:36:95:
1d:07:79:76:43:85:19:9b:6e:87:84:32:ae:0f:1a:ea:b6:b3:
f3:26:46:2b:b9:34:f8:80:ac:4c:6e:3e:8f:b0:37:87:d3:8c:
c5:d9:ba:c4:38:ab:8b:b1:16:41:59:a8:cc:df:4b:4a:33:82:
e0:59:9d:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP2eU6VVInZIqgaCDlNSsbT2rS8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjcwODUyMDNaFw0yNTAyMjUwODU3MDNaMDMxMTAvBgNV
BAMTKDI5NUI1Q0M2QkQ4RTExNDY3RTBBQTVBQUUxMDVEOTREM0RCNTEwOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgqOkZ7I0ToVgBZzfN43kAHmyX
6NAN9m5MsW2g/LSQtVXNEVFCweK/uPPPBJ/Mxq1t2oM+4MHpeNISWHGdFslb+ZGh
CkW2qjUy/T7+/aN60SlzxsBxHinmz6LuXjUhjMcRLb8SI7LTF3AxICJ+xcPG/ayb
wOABRCITFeENVFcIKXWvbHvuQb0VDhql2/ZPeEXtRNBb/LZqGU+c+1PfHBqmozQq
49rqyab5AxeMcY9iPjv42QeZA9I8PCisGTgxVnlA4JdLkcdjVkVrU8ObwM6yJ8sU
BLkhr78XQr1ve1n56x0Gl063XY59A5bHl2FObbfmmJIt7evx9sb62YjoKrMhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKVtcxr2OEUZ+CqWq4QXZTT21EJYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMwMzUzNDMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlgMA0GCSqGSIb3DQEBCwUAA4IBAQBNyaPdE5zCEZZD5rurSEATrRfWoW3Ej0xO
zXFxRClEPhezkUuBat+yojfKjcHgyXZI0UV8jIV5W068zD62SxX29xCe8UxAN36F
NUPJ6f0jIQXBPcFrlU5TFxFrq1RLr0KjNEuPEikX7ypGjkplpSaIymb7JX1Z30Nw
fUe5mVhV0+YzRW1JYMdKyeb8sKR8U+mMpQYJ74s36Wb7PMsl325HNzSLpaPGtjgG
jN6CFoocowyYW2f4NO5daYBnhz3slBzT7ER0NpUdB3l2Q4UZm26HhDKuDxrqtrPz
JkYruTT4gKxMbj6PsDeH04zF2brEOKuLsRZBWajM30tKM4LgWZ3X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org