Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
File: 34352e3135382e35392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: j2f1BBvYgMIxgO7/F4X/dTvu6wOzC43OBE7vtbZKHwg=
Subject key identifier: F3:F1:46:0C:B9:EB:A1:0A:DF:2B:B0:29:23:0A:F8:F7:FA:40:7B:DD
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6046BC697AE9169A22DB3A2780750B30BE01D447
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
Signing time: Wed 21 May 2025 11:25:09 +0000
ROA not before: Wed 21 May 2025 11:20:09 +0000
ROA not after: Wed 20 May 2026 11:25:09 +0000
asID: 834
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 14:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:46:bc:69:7a:e9:16:9a:22:db:3a:27:80:75:0b:30:be:01:d4:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 21 11:20:09 2025 GMT
Not After : May 20 11:25:09 2026 GMT
Subject: CN=F3F1460CB9EBA10ADF2BB029230AF8F7FA407BDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5a:df:d7:ce:af:dc:60:33:56:f0:23:a9:ca:
b1:a8:6c:ec:53:9a:5a:d6:0c:1f:d2:c2:94:49:95:
59:60:a5:00:38:14:62:5d:b4:18:65:62:8c:b2:cd:
01:d8:c7:c3:b6:de:83:74:72:51:d1:e0:15:c7:6c:
64:c7:ba:28:0a:05:9a:ae:13:38:4a:38:2f:00:65:
87:33:d7:4d:ba:a1:84:9f:3e:2c:4a:1f:0f:4b:a5:
15:0b:bf:e7:6f:65:50:01:ad:ac:5a:ee:5c:9f:81:
e9:a8:d5:da:8c:1a:50:8c:c8:03:82:60:ae:54:75:
d5:66:40:22:02:1d:d1:33:02:c2:b1:1a:e7:e9:95:
78:10:7a:94:44:0e:19:29:15:31:69:8d:c5:1a:49:
de:e0:2f:6a:8a:c5:ce:0c:6b:18:bd:9f:72:19:6a:
a1:80:9c:28:fc:3e:cc:d9:9f:c8:ff:e0:e6:6e:ea:
20:f4:e3:a1:cd:9f:a3:39:3c:26:51:33:22:2d:fe:
53:13:ec:01:98:9e:a2:56:4f:e3:c5:eb:8d:98:a1:
83:43:93:26:a9:0c:93:b2:72:3e:05:13:50:a1:47:
f9:76:4b:d4:ed:f6:b4:ec:5f:8d:99:d5:96:92:21:
a0:18:61:da:34:5c:d9:e5:21:fd:39:19:f6:75:c6:
a7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:F1:46:0C:B9:EB:A1:0A:DF:2B:B0:29:23:0A:F8:F7:FA:40:7B:DD
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
45:45:50:9d:7a:cc:a7:24:e6:2e:90:be:38:e2:c5:f1:fd:4e:
85:fb:86:89:b6:ee:b2:9c:40:10:42:94:13:84:0f:a2:c4:26:
59:90:61:9d:4a:c2:7f:97:3b:fd:b6:35:d2:f5:16:b7:26:86:
43:4c:b0:94:9c:08:35:5f:76:1c:fe:6a:94:10:0b:49:71:08:
1c:1d:e5:df:85:86:36:1d:7f:38:17:db:e8:31:73:e3:38:29:
6e:28:66:20:39:fc:9d:0e:c7:9d:78:49:50:3e:37:c6:b9:78:
39:c2:2f:93:13:6a:74:a8:42:19:ae:37:a1:56:71:09:0a:b8:
d9:a5:e9:20:00:41:c0:44:13:43:29:14:0b:81:ff:ae:6c:7a:
db:6c:11:14:77:93:f0:5c:56:33:2b:f4:35:be:f2:8b:3c:67:
41:21:5c:29:75:8e:fa:d9:4e:0f:6f:85:f7:c5:9a:c6:93:22:
f3:34:78:99:78:c3:0e:0e:14:5e:a3:72:c8:e9:9b:28:5d:16:
47:63:8d:11:ee:55:fb:68:d1:a2:83:ec:47:42:34:d0:da:95:
ac:45:25:cc:5e:f7:4d:86:6b:65:b4:ac:e6:d5:22:c5:43:e0:
a5:f1:e8:8c:6e:ce:d9:8b:11:41:73:50:b4:69:92:d4:11:18:
7e:ff:3e:77
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUYEa8aXrpFpoi2zongHULML4B1EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA1MjExMTIwMDlaFw0yNjA1MjAxMTI1MDlaMDMxMTAvBgNV
BAMTKEYzRjE0NjBDQjlFQkExMEFERjJCQjAyOTIzMEFGOEY3RkE0MDdCREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/Wt/Xzq/cYDNW8COpyrGobOxT
mlrWDB/SwpRJlVlgpQA4FGJdtBhlYoyyzQHYx8O23oN0clHR4BXHbGTHuigKBZqu
EzhKOC8AZYcz1026oYSfPixKHw9LpRULv+dvZVABraxa7lyfgemo1dqMGlCMyAOC
YK5UddVmQCICHdEzAsKxGufplXgQepREDhkpFTFpjcUaSd7gL2qKxc4Maxi9n3IZ
aqGAnCj8PszZn8j/4OZu6iD046HNn6M5PCZRMyIt/lMT7AGYnqJWT+PF642YoYND
kyapDJOycj4FE1ChR/l2S9Tt9rTsX42Z1ZaSIaAYYdo0XNnlIf05GfZ1xqc3AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU8/FGDLnroQrfK7ApIwr49/pAe90wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ47MA0G
CSqGSIb3DQEBCwUAA4IBAQBFRVCdesynJOYukL444sXx/U6F+4aJtu6ynEAQQpQT
hA+ixCZZkGGdSsJ/lzv9tjXS9Ra3JoZDTLCUnAg1X3Yc/mqUEAtJcQgcHeXfhYY2
HX84F9voMXPjOCluKGYgOfydDsedeElQPjfGuXg5wi+TE2p0qEIZrjehVnEJCrjZ
pekgAEHARBNDKRQLgf+ubHrbbBEUd5PwXFYzK/Q1vvKLPGdBIVwpdY762U4Pb4X3
xZrGkyLzNHiZeMMODhReo3LI6ZsoXRZHY40R7lX7aNGig+xHQjTQ2pWsRSXMXvdN
hmtltKzm1SLFQ+Cl8eiMbs7ZixFBc1C0aZLUERh+/z53
-----END CERTIFICATE-----
Generated at Fri Jun 6 23:13:12 2025 by rpki-client