Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20323136323231.roa
File: 34352e3135382e35362e302f32342d3234203d3e20323136323231.roa (raw, json)
Hash identifier: RG6fjeTfw6EKBobrfpG7Fx2C+TS7ECD/KYJ6//ASNzY=
Subject key identifier: D6:D0:CB:4B:9E:71:32:4D:7D:0A:08:01:76:51:BF:A0:03:E6:4C:B3
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7879FD781EB753920496447B60B8CEACE92140F7
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20323136323231.roa
Signing time: Mon 30 Dec 2024 16:06:14 +0000
ROA not before: Mon 30 Dec 2024 16:01:14 +0000
ROA not after: Mon 29 Dec 2025 16:06:14 +0000
asID: 216221
IP address blocks: 45.158.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 13:40:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:79:fd:78:1e:b7:53:92:04:96:44:7b:60:b8:ce:ac:e9:21:40:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 30 16:01:14 2024 GMT
Not After : Dec 29 16:06:14 2025 GMT
Subject: CN=D6D0CB4B9E71324D7D0A08017651BFA003E64CB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fe:34:cf:9a:bf:bd:29:d7:28:c5:53:76:87:
ad:6b:cc:c0:ac:cd:05:a2:86:f9:c4:91:f0:8a:36:
7c:ce:c7:ed:77:57:37:af:af:65:5e:a2:6c:13:a0:
de:44:f8:da:30:46:5d:20:da:e6:b6:61:a8:4e:14:
68:44:87:44:81:23:28:15:5a:05:61:98:97:6b:a0:
e6:50:31:7e:df:fd:9a:57:79:31:5b:47:60:c6:33:
9e:90:9e:65:a2:e7:a3:8d:51:55:02:77:b8:c7:aa:
9d:a6:89:4f:cb:ff:a7:f8:fc:96:64:e9:26:5d:39:
f9:08:37:4d:52:a8:a6:0e:b4:db:0e:f7:63:ba:a3:
9a:92:1a:a6:97:ec:40:1f:79:12:2d:b3:52:10:e8:
68:08:df:19:54:91:6c:49:29:4d:89:34:af:73:0a:
ae:62:e5:5b:3f:86:cd:e5:60:37:c4:35:c6:16:1c:
6a:9e:25:e0:b8:4f:46:72:34:7a:45:3c:fc:1e:32:
97:d9:bf:c7:70:c1:77:f9:33:a2:78:61:f3:af:4b:
01:06:81:01:80:36:1e:50:0e:bb:c9:e0:f2:f7:2a:
59:6b:7c:20:55:98:b5:ab:20:07:b8:e6:fb:71:f7:
62:5d:9f:10:84:32:33:0b:e1:1e:9f:cb:e1:b5:3c:
63:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D0:CB:4B:9E:71:32:4D:7D:0A:08:01:76:51:BF:A0:03:E6:4C:B3
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20323136323231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.56.0/24
Signature Algorithm: sha256WithRSAEncryption
33:e0:61:df:13:58:91:48:9f:68:b6:4d:ea:36:c2:83:7c:85:
c1:bf:71:07:aa:2e:c3:a8:6a:93:71:4e:1c:60:5b:66:84:cd:
4f:a4:47:f7:7d:d5:80:93:2e:f6:56:80:98:b5:b4:64:b9:00:
7e:9d:a6:75:1b:61:76:53:5a:da:82:e7:cc:b6:e7:92:00:37:
a1:ab:4f:f1:2e:37:3c:7e:02:9f:d8:2a:33:e1:e1:61:82:c5:
69:dd:af:6e:98:64:f5:05:ec:7d:cb:60:55:c2:47:5b:f2:64:
16:2c:52:f8:55:f0:64:99:35:47:9d:b9:09:fd:58:88:3d:d7:
55:6f:53:99:66:be:b5:4b:8a:32:47:89:24:b2:00:87:7d:6c:
cf:7b:5d:41:75:63:7b:72:8b:72:ec:a6:50:d8:73:c6:01:a3:
25:4b:5d:af:34:32:c7:f1:fc:fb:7f:15:15:10:ba:68:cc:18:
78:55:77:65:73:ca:35:9c:7a:7c:7b:c1:ee:e5:60:dc:ef:ce:
13:65:e0:a7:35:dc:dd:b3:45:0e:5c:98:b9:ae:e8:74:6d:19:
7e:80:77:cd:ec:fd:59:a8:4c:c9:88:3d:0a:67:07:3d:6b:ac:
83:b6:b5:35:d3:8b:53:93:52:b3:1e:d5:df:78:9d:30:76:e2:
5b:69:4c:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeHn9eB63U5IElkR7YLjOrOkhQPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEyMzAxNjAxMTRaFw0yNTEyMjkxNjA2MTRaMDMxMTAvBgNV
BAMTKEQ2RDBDQjRCOUU3MTMyNEQ3RDBBMDgwMTc2NTFCRkEwMDNFNjRDQjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl/jTPmr+9KdcoxVN2h61rzMCs
zQWihvnEkfCKNnzOx+13Vzevr2VeomwToN5E+NowRl0g2ua2YahOFGhEh0SBIygV
WgVhmJdroOZQMX7f/ZpXeTFbR2DGM56QnmWi56ONUVUCd7jHqp2miU/L/6f4/JZk
6SZdOfkIN01SqKYOtNsO92O6o5qSGqaX7EAfeRIts1IQ6GgI3xlUkWxJKU2JNK9z
Cq5i5Vs/hs3lYDfENcYWHGqeJeC4T0ZyNHpFPPweMpfZv8dwwXf5M6J4YfOvSwEG
gQGANh5QDrvJ4PL3KllrfCBVmLWrIAe45vtx92JdnxCEMjML4R6fy+G1PGNbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1tDLS55xMk19CggBdlG/oAPmTLMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzIzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ44MA0GCSqGSIb3DQEBCwUAA4IBAQAz4GHfE1iRSJ9otk3qNsKDfIXBv3EHqi7D
qGqTcU4cYFtmhM1PpEf3fdWAky72VoCYtbRkuQB+naZ1G2F2U1ragufMtueSADeh
q0/xLjc8fgKf2Coz4eFhgsVp3a9umGT1Bex9y2BVwkdb8mQWLFL4VfBkmTVHnbkJ
/ViIPddVb1OZZr61S4oyR4kksgCHfWzPe11BdWN7coty7KZQ2HPGAaMlS12vNDLH
8fz7fxUVELpozBh4VXdlc8o1nHp8e8Hu5WDc784TZeCnNdzds0UOXJi5ruh0bRl+
gHfN7P1ZqEzJiD0KZwc9a6yDtrU104tTk1KzHtXfeJ0wduJbaUxD
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:51:14 2025 by rpki-client