Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20383334.roa
File: 34352e3133372e39362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: FrX9raFYZkGvM+nvcQanCJ2Im6fShH0EfCIY7SyTsy4=
Subject key identifier: 35:90:9A:26:08:72:4E:C9:0E:BD:80:9E:B7:50:5D:5A:80:F7:89:19
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 36AFDE8010FE5C70404D01557E38F46F387F7879
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20383334.roa
Signing time: Wed 27 Mar 2024 00:01:38 +0000
ROA not before: Tue 26 Mar 2024 23:56:38 +0000
ROA not after: Wed 26 Mar 2025 00:01:38 +0000
asID: 834
IP address blocks: 45.137.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 31 Mar 2024 16:14:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:af:de:80:10:fe:5c:70:40:4d:01:55:7e:38:f4:6f:38:7f:78:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 26 23:56:38 2024 GMT
Not After : Mar 26 00:01:38 2025 GMT
Subject: CN=35909A2608724EC90EBD809EB7505D5A80F78919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:a4:9d:14:ae:f4:6e:cc:95:e5:70:cf:08:
4a:b4:24:e6:6d:7f:90:b1:84:ce:56:9f:2f:36:f6:
01:45:c6:1b:6c:da:97:8d:a3:ef:0d:e3:cb:d4:f7:
2f:9d:64:1a:5f:e6:72:db:5a:86:58:20:fa:6d:e5:
97:e5:51:bc:ff:e9:3e:bf:e8:39:d2:af:a3:74:b7:
9f:2c:7c:2c:0e:75:b4:78:01:b9:aa:63:e7:05:85:
77:3e:3e:25:9d:28:35:e1:88:2f:38:e5:a7:4c:32:
a7:a7:4a:dc:2c:ec:0f:2f:fa:9c:21:fe:a9:8d:89:
cb:29:4d:ad:e7:3e:e2:87:ab:a8:14:d9:3f:5e:2e:
d8:a2:ef:6f:45:9e:87:b4:81:07:3b:f0:a0:5b:65:
a7:98:21:af:8a:76:7a:de:7e:83:f5:98:13:fd:5c:
65:d0:fa:1d:2c:78:12:fb:0f:2e:28:00:f4:4a:43:
6d:ee:a9:f6:80:3a:3d:d7:c3:9e:9b:ac:51:10:0f:
48:a1:53:1e:a1:68:a9:3a:0d:9e:cc:9f:42:7b:35:
b1:a4:7f:51:e4:4d:4d:6e:6a:18:86:cd:d2:91:9f:
91:1a:00:cf:50:12:78:a3:9f:ea:e9:e2:6e:d7:ac:
00:76:eb:59:07:f7:87:2f:e2:8a:4c:4a:b5:cf:04:
cf:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:90:9A:26:08:72:4E:C9:0E:BD:80:9E:B7:50:5D:5A:80:F7:89:19
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.96.0/24
Signature Algorithm: sha256WithRSAEncryption
18:33:cf:07:77:b3:4c:88:63:54:66:49:98:d8:73:47:3e:50:
b7:02:7b:33:e9:fe:48:82:98:1f:eb:cd:72:43:4b:73:2b:23:
94:3d:96:b7:8a:e5:37:98:1c:db:51:52:49:0d:ed:42:75:5d:
96:12:3e:a3:cc:18:0a:23:64:56:91:af:2b:28:e2:bd:34:0b:
6e:de:56:ef:9e:08:4c:e6:df:00:fe:3d:a4:c3:f9:49:61:f4:
66:5f:b4:c4:b1:1e:b6:fd:73:fb:0e:0c:92:74:3d:ef:81:7f:
a0:50:1e:ec:40:02:4e:af:f6:d7:52:08:01:a2:2f:84:b9:77:
35:c2:cb:91:05:35:a8:16:f5:87:0b:3b:7b:e4:b4:b7:68:b0:
52:98:99:fa:5a:8a:e8:32:82:73:e5:1c:6f:a2:17:04:b7:34:
47:06:a0:a3:6c:a7:d2:17:dd:6e:f7:59:2a:f5:f8:c9:e4:8e:
fd:d7:28:74:8c:64:77:74:48:78:e1:f5:1c:5b:c5:04:3b:11:
25:6a:c7:bd:50:65:2d:5f:71:ad:b0:f2:6c:c9:31:c2:1f:f4:
0f:7e:1c:8f:c1:8a:05:7c:75:f9:16:64:7a:26:fa:9b:de:7a:
54:d0:e2:05:35:30:ef:1b:e2:03:c4:fa:f7:19:ab:cd:a8:5d:
ff:09:8e:c3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNq/egBD+XHBATQFVfjj0bzh/eHkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAzMjYyMzU2MzhaFw0yNTAzMjYwMDAxMzhaMDMxMTAvBgNV
BAMTKDM1OTA5QTI2MDg3MjRFQzkwRUJEODA5RUI3NTA1RDVBODBGNzg5MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgaqSdFK70bsyV5XDPCEq0JOZt
f5CxhM5Wny829gFFxhts2peNo+8N48vU9y+dZBpf5nLbWoZYIPpt5ZflUbz/6T6/
6DnSr6N0t58sfCwOdbR4AbmqY+cFhXc+PiWdKDXhiC845adMMqenStws7A8v+pwh
/qmNicspTa3nPuKHq6gU2T9eLtii729Fnoe0gQc78KBbZaeYIa+KdnrefoP1mBP9
XGXQ+h0seBL7Dy4oAPRKQ23uqfaAOj3Xw56brFEQD0ihUx6haKk6DZ7Mn0J7NbGk
f1HkTU1uahiGzdKRn5EaAM9QEnijn+rp4m7XrAB261kH94cv4opMSrXPBM/bAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUNZCaJghyTskOvYCet1BdWoD3iRkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlgMA0G
CSqGSIb3DQEBCwUAA4IBAQAYM88Hd7NMiGNUZkmY2HNHPlC3Ansz6f5Igpgf681y
Q0tzKyOUPZa3iuU3mBzbUVJJDe1CdV2WEj6jzBgKI2RWka8rKOK9NAtu3lbvnghM
5t8A/j2kw/lJYfRmX7TEsR62/XP7DgySdD3vgX+gUB7sQAJOr/bXUggBoi+EuXc1
wsuRBTWoFvWHCzt75LS3aLBSmJn6WoroMoJz5RxvohcEtzRHBqCjbKfSF91u91kq
9fjJ5I791yh0jGR3dEh44fUcW8UEOxElase9UGUtX3GtsPJsyTHCH/QPfhyPwYoF
fHX5FmR6Jvqb3npU0OIFNTDvG+IDxPr3GavNqF3/CY7D
Generated at Sun Mar 31 17:36:15 2024 by rpki-client on console-ams.rpki-client.org