Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
File: 34352e3135382e35362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: rRTF/sp7Ty/IuZNvylBsWhTAzsT49EQFnRqHzhLH91I=
Subject key identifier: 4B:9A:74:5A:55:8E:7A:4A:8D:5D:C1:C8:CC:51:7B:69:96:2F:78:64
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 73E81779B2A65C610CDC35970CB4B8EF7CA77089
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
Signing time: Mon 31 Mar 2025 05:38:01 +0000
ROA not before: Mon 31 Mar 2025 05:33:01 +0000
ROA not after: Mon 30 Mar 2026 05:38:01 +0000
asID: 834
IP address blocks: 45.158.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 15:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e8:17:79:b2:a6:5c:61:0c:dc:35:97:0c:b4:b8:ef:7c:a7:70:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 31 05:33:01 2025 GMT
Not After : Mar 30 05:38:01 2026 GMT
Subject: CN=4B9A745A558E7A4A8D5DC1C8CC517B69962F7864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c1:02:f9:af:15:ed:b7:81:12:3d:fd:6e:51:
c4:8e:eb:a2:c0:45:57:38:8d:c4:c1:cc:11:a7:d1:
17:b9:b2:ec:0b:c6:da:f6:30:c4:02:43:21:b9:2d:
fd:3f:21:8c:c1:29:db:30:7d:c9:c1:1f:8e:45:a5:
f2:5d:21:1b:c8:0e:85:75:3b:4b:bf:5a:b4:9e:ef:
43:04:4f:19:e2:54:13:e9:6f:2b:e8:0d:9f:61:db:
ef:30:59:2c:6f:02:fc:1f:b6:d4:58:89:41:d9:9a:
67:89:a6:c5:96:c4:f1:32:88:d2:fe:ed:0f:14:47:
dc:07:38:cb:28:36:b0:be:68:2b:96:61:08:6e:13:
e6:d0:5c:7e:cc:f8:e9:81:58:9b:cf:69:8f:36:66:
7d:93:d6:b5:af:11:5f:5f:44:d7:c4:46:02:7f:eb:
66:7d:b6:ab:f4:ef:55:91:1a:19:bf:1c:52:09:db:
1f:96:f1:18:52:c1:ef:26:e0:51:1c:f4:8b:7e:2b:
69:b9:26:1f:17:2d:c4:a2:16:fb:b1:a6:c2:05:29:
37:08:d2:32:81:98:b5:63:27:d0:7a:23:1a:a0:34:
a8:bf:b6:57:bc:a1:7b:22:39:fc:26:a5:a0:5b:55:
a9:c7:fc:1f:42:5c:9b:12:12:c8:71:6f:57:01:07:
84:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9A:74:5A:55:8E:7A:4A:8D:5D:C1:C8:CC:51:7B:69:96:2F:78:64
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.56.0/24
Signature Algorithm: sha256WithRSAEncryption
83:01:5e:8e:9e:b9:1f:f7:2a:84:3a:05:f3:a6:c0:f0:0e:65:
7f:6d:5c:0d:95:88:b8:b7:02:3d:56:09:3b:9e:50:ef:7c:ed:
2e:62:b6:a8:47:48:7b:9c:e4:4c:02:7d:b1:37:4e:e9:35:3f:
24:14:af:04:84:0a:18:3f:18:c4:a4:40:17:3e:f2:b1:08:ae:
68:89:19:0e:e0:8e:76:68:82:c0:f6:76:82:5a:28:aa:f7:f6:
35:a3:2a:a4:1b:59:8f:d1:5a:84:5f:6c:39:18:97:e1:a0:76:
a4:6d:b2:16:f6:88:eb:99:02:96:ef:08:2a:a8:98:7a:db:79:
c0:ef:3f:41:71:98:87:26:42:9a:be:1e:eb:a8:ad:0f:06:e9:
90:7a:20:6e:93:eb:f1:5d:5a:60:de:ee:50:4c:9a:19:2f:f7:
24:cf:50:03:13:7f:e0:d0:76:c1:e5:76:3c:bd:a2:69:33:80:
4d:b5:b8:e8:03:1e:e9:0f:71:9c:09:3e:17:c6:fb:41:19:12:
63:90:cb:53:a6:6a:13:37:1f:dc:a1:16:fe:13:e8:5a:09:1b:
0c:32:d6:bf:ae:10:52:83:7e:59:9e:2f:24:a4:52:85:a9:e1:
f2:97:8f:ab:ae:8f:f8:93:3f:cd:dd:27:53:1d:44:7d:48:d1:
7b:36:c6:8f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUc+gXebKmXGEM3DWXDLS473yncIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMzEwNTMzMDFaFw0yNjAzMzAwNTM4MDFaMDMxMTAvBgNV
BAMTKDRCOUE3NDVBNTU4RTdBNEE4RDVEQzFDOENDNTE3QjY5OTYyRjc4NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYwQL5rxXtt4ESPf1uUcSO66LA
RVc4jcTBzBGn0Re5suwLxtr2MMQCQyG5Lf0/IYzBKdswfcnBH45FpfJdIRvIDoV1
O0u/WrSe70METxniVBPpbyvoDZ9h2+8wWSxvAvwfttRYiUHZmmeJpsWWxPEyiNL+
7Q8UR9wHOMsoNrC+aCuWYQhuE+bQXH7M+OmBWJvPaY82Zn2T1rWvEV9fRNfERgJ/
62Z9tqv071WRGhm/HFIJ2x+W8RhSwe8m4FEc9It+K2m5Jh8XLcSiFvuxpsIFKTcI
0jKBmLVjJ9B6IxqgNKi/tle8oXsiOfwmpaBbVanH/B9CXJsSEshxb1cBB4RBAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUS5p0WlWOekqNXcHIzFF7aZYveGQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ44MA0G
CSqGSIb3DQEBCwUAA4IBAQCDAV6Onrkf9yqEOgXzpsDwDmV/bVwNlYi4twI9Vgk7
nlDvfO0uYraoR0h7nORMAn2xN07pNT8kFK8EhAoYPxjEpEAXPvKxCK5oiRkO4I52
aILA9naCWiiq9/Y1oyqkG1mP0VqEX2w5GJfhoHakbbIW9ojrmQKW7wgqqJh623nA
7z9BcZiHJkKavh7rqK0PBumQeiBuk+vxXVpg3u5QTJoZL/ckz1ADE3/g0HbB5XY8
vaJpM4BNtbjoAx7pD3GcCT4XxvtBGRJjkMtTpmoTNx/coRb+E+haCRsMMta/rhBS
g35Zni8kpFKFqeHyl4+rro/4kz/N3SdTHUR9SNF7NsaP
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:11:37 2025 by rpki-client