Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20343030383636.roa
File: 34352e3133372e39362e302f32342d3234203d3e20343030383636.roa (raw, json)
Hash identifier: XReftm6Hjin122WkqO0AcAYYAJi6UGkTA0QYXEhLxvw=
Subject key identifier: 91:25:0C:25:CD:3D:C0:2E:BF:65:B0:35:92:B5:EA:AB:1C:1B:26:7D
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 50B36D2321A067B8E67FEC4E5271C677B37192F8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20343030383636.roa
Signing time: Sun 31 Mar 2024 16:14:51 +0000
ROA not before: Sun 31 Mar 2024 16:09:51 +0000
ROA not after: Sun 30 Mar 2025 16:14:51 +0000
asID: 400866
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 00:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:b3:6d:23:21:a0:67:b8:e6:7f:ec:4e:52:71:c6:77:b3:71:92:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 31 16:09:51 2024 GMT
Not After : Mar 30 16:14:51 2025 GMT
Subject: CN=91250C25CD3DC02EBF65B03592B5EAAB1C1B267D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:25:34:01:10:bb:9c:00:0e:2a:45:63:ae:4d:
ac:91:c9:e3:9c:dc:72:01:d7:10:c9:13:10:89:0a:
65:df:b6:d8:e9:4c:78:8b:c4:02:1a:76:42:07:6d:
21:9e:38:12:a7:6e:20:67:9a:b3:5a:1f:c9:98:5d:
47:48:4f:a2:0b:72:dc:d8:b7:9e:12:a8:83:90:9e:
8a:b5:cc:6a:3d:42:14:96:91:89:4d:cf:b9:f5:9d:
0f:c7:6d:83:ab:a4:bd:bb:89:62:50:7c:24:2c:1c:
29:68:99:82:7c:cb:2c:70:64:4e:75:fa:c8:9e:af:
31:80:a1:81:ed:b1:fe:f5:f8:05:56:58:40:4d:6c:
0f:f0:2c:40:54:c1:03:22:eb:10:de:35:80:fb:ab:
a4:f4:35:ca:8e:1e:c1:fb:33:b2:c0:fb:24:86:aa:
e6:c3:34:dc:98:cd:d5:3d:33:3f:a4:9f:a8:c6:db:
f2:b6:6a:fe:b2:77:16:d1:77:54:9a:da:7b:8f:5a:
bc:2d:bd:bd:7e:db:f6:13:19:c2:6c:15:11:69:b7:
08:5d:80:15:9a:ed:3e:e8:87:9e:8c:d0:9b:61:ad:
b0:44:cc:84:e6:f6:f8:2a:34:80:ef:21:3d:1a:7f:
4f:45:e9:cb:bc:f6:a2:ba:48:68:1b:06:45:02:4b:
3d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:25:0C:25:CD:3D:C0:2E:BF:65:B0:35:92:B5:EA:AB:1C:1B:26:7D
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20343030383636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
44:89:85:ca:d1:0f:ec:ce:0b:60:cc:bd:dc:f9:43:dd:51:cc:
65:d7:48:57:eb:f1:bc:bd:5d:36:be:1d:79:78:2f:e4:8c:be:
0e:cb:1e:a2:63:e6:f7:7b:68:b0:50:b6:51:79:3f:e9:7e:25:
2c:e5:dd:ac:01:f4:d8:63:5f:82:92:fe:d4:bd:52:d3:32:ac:
40:4c:4a:3c:07:64:bc:ee:77:70:4f:f1:b3:16:d5:75:3f:a0:
2e:70:23:15:5c:b7:87:4d:d1:f3:00:a5:70:22:06:05:88:ab:
b3:a6:f8:cf:e1:92:60:f0:48:da:78:74:2f:e6:fb:72:65:34:
34:18:31:fb:ee:b7:e9:1f:3f:35:b1:70:ee:98:ca:a7:e9:3d:
42:2a:03:1e:4c:f1:c7:bd:83:a4:70:66:80:5d:77:c1:d6:da:
b9:e4:1a:8d:2c:0c:9b:35:42:9c:54:cb:c0:84:17:8d:65:49:
7b:fb:34:b1:1b:59:0c:c7:d1:a5:4d:54:16:64:22:15:91:b6:
50:8e:79:70:6c:dc:30:dc:f2:4e:71:24:4c:40:5a:0f:22:05:
a8:39:0b:85:4b:3f:f8:7c:ac:50:03:74:2f:41:44:f9:44:f8:
43:5e:18:5d:6a:cb:15:1f:ce:dd:ac:34:41:f2:47:36:28:80:
88:3b:8d:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUULNtIyGgZ7jmf+xOUnHGd7NxkvgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAzMzExNjA5NTFaFw0yNTAzMzAxNjE0NTFaMDMxMTAvBgNV
BAMTKDkxMjUwQzI1Q0QzREMwMkVCRjY1QjAzNTkyQjVFQUFCMUMxQjI2N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8JTQBELucAA4qRWOuTayRyeOc
3HIB1xDJExCJCmXfttjpTHiLxAIadkIHbSGeOBKnbiBnmrNaH8mYXUdIT6ILctzY
t54SqIOQnoq1zGo9QhSWkYlNz7n1nQ/HbYOrpL27iWJQfCQsHClomYJ8yyxwZE51
+sierzGAoYHtsf71+AVWWEBNbA/wLEBUwQMi6xDeNYD7q6T0NcqOHsH7M7LA+ySG
qubDNNyYzdU9Mz+kn6jG2/K2av6ydxbRd1Sa2nuPWrwtvb1+2/YTGcJsFRFptwhd
gBWa7T7oh56M0JthrbBEzITm9vgqNIDvIT0af09F6cu89qK6SGgbBkUCSz2JAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkSUMJc09wC6/ZbA1krXqqxwbJn0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzgzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYlgMA0GCSqGSIb3DQEBCwUAA4IBAQBEiYXK0Q/szgtgzL3c+UPdUcxl10hX6/G8
vV02vh15eC/kjL4Oyx6iY+b3e2iwULZReT/pfiUs5d2sAfTYY1+Ckv7UvVLTMqxA
TEo8B2S87ndwT/GzFtV1P6AucCMVXLeHTdHzAKVwIgYFiKuzpvjP4ZJg8EjaeHQv
5vtyZTQ0GDH77rfpHz81sXDumMqn6T1CKgMeTPHHvYOkcGaAXXfB1tq55BqNLAyb
NUKcVMvAhBeNZUl7+zSxG1kMx9GlTVQWZCIVkbZQjnlwbNww3PJOcSRMQFoPIgWo
OQuFSz/4fKxQA3QvQUT5RPhDXhhdassVH87drDRB8kc2KICIO42r
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org