Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323131353835.roa
File: 34352e38372e3137322e302f32342d3234203d3e20323131353835.roa (raw, json)
Hash identifier: CpKq+Px/TFjQ7VF3W68KuzwGnGkv2nj1KP62zVsi35Y=
Subject key identifier: 8D:46:BB:7C:58:5C:30:D9:5D:0D:E0:93:64:9B:32:82:FA:8D:2A:1C
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 48956C0437522740FFEC19BC1EED6070247E2CB1
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323131353835.roa
Signing time: Thu 20 Apr 2023 12:29:22 +0000
ROA not before: Thu 20 Apr 2023 12:24:22 +0000
ROA not after: Thu 18 Apr 2024 12:29:22 +0000
asID: 211585
IP address blocks: 45.87.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:95:6c:04:37:52:27:40:ff:ec:19:bc:1e:ed:60:70:24:7e:2c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 20 12:24:22 2023 GMT
Not After : Apr 18 12:29:22 2024 GMT
Subject: CN=8D46BB7C585C30D95D0DE093649B3282FA8D2A1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:22:db:cc:48:a7:fd:8c:c1:ed:45:e0:ba:1e:
cf:33:a3:b9:df:ca:da:37:84:da:3e:43:d1:f3:5e:
98:21:b1:9f:4f:f4:0a:af:84:ed:10:a2:dc:01:a4:
8c:02:65:71:61:51:6f:58:3c:52:21:44:82:07:80:
64:60:61:35:dc:98:89:d5:a0:ab:8f:8e:05:f8:2f:
85:46:18:e8:4e:e0:69:a9:3e:3d:07:c0:e1:37:b8:
40:ba:56:17:89:30:2d:5d:cd:0d:f2:57:c9:d9:c8:
fa:bf:c8:5a:07:c6:19:02:22:9f:9d:13:aa:c4:36:
cd:10:06:0a:36:53:0c:38:82:ce:ec:d8:94:78:95:
21:01:98:2f:8a:fd:7c:80:57:d3:24:9a:5e:fa:69:
f4:d3:16:ee:78:6d:f0:92:42:48:f0:42:f4:f2:eb:
eb:bf:4f:d0:db:93:3c:38:b1:5c:46:55:e1:4e:95:
b4:ef:6e:7d:76:09:f1:af:b1:34:96:65:40:62:f4:
17:19:d6:d5:bd:70:4c:58:6f:b3:c4:b4:5a:f8:5f:
34:56:4c:e9:72:a2:0f:88:f5:e5:6f:31:76:ff:28:
ce:b0:33:9c:66:b8:41:9e:50:6e:93:31:91:55:59:
96:07:f8:cf:9c:47:00:52:d0:5d:33:85:49:09:54:
23:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:46:BB:7C:58:5C:30:D9:5D:0D:E0:93:64:9B:32:82:FA:8D:2A:1C
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137322e302f32342d3234203d3e20323131353835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.172.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:ec:d2:95:8d:7b:eb:c5:33:73:0a:43:c3:ad:27:ed:48:1c:
20:3a:eb:ae:5a:56:2d:81:28:6d:a5:86:58:a2:a7:e3:e0:56:
e5:ff:de:2c:da:cc:95:fd:ea:b1:82:89:26:7a:d0:dd:24:b4:
34:a0:60:bc:3c:72:f3:ea:80:8c:96:00:b4:eb:e0:69:fa:d0:
9e:28:92:62:5c:21:dc:ca:62:b3:03:52:a4:69:fd:05:8a:2c:
24:99:1f:bf:cd:17:dc:52:5f:eb:75:25:78:63:c9:07:46:5a:
42:b0:38:e0:1e:94:72:d7:ee:ed:17:18:47:d5:28:ab:21:21:
8d:6c:0a:d9:2b:1d:de:0b:b3:c7:10:23:22:c6:fb:d4:86:7f:
98:20:b8:e1:ac:ef:c7:f8:52:8b:0f:35:11:c2:be:eb:fa:3d:
de:a4:22:f4:4e:96:46:c4:e1:2c:eb:2d:6e:6a:d6:b4:51:06:
09:29:43:a1:9c:83:b3:90:89:92:7a:3f:12:a7:6f:a0:d4:a6:
13:c4:7e:4b:99:13:e4:08:46:6d:ff:6b:04:84:26:76:9a:85:
0e:42:d8:b7:23:f9:17:72:3d:5f:c4:c7:3b:9d:e3:c4:26:64:
fe:41:92:78:f0:ce:03:2f:22:cc:ee:ed:1c:bf:59:63:03:43:
71:3c:93:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSJVsBDdSJ0D/7Bm8Hu1gcCR+LLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA0MjAxMjI0MjJaFw0yNDA0MTgxMjI5MjJaMDMxMTAvBgNV
BAMTKDhENDZCQjdDNTg1QzMwRDk1RDBERTA5MzY0OUIzMjgyRkE4RDJBMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ItvMSKf9jMHtReC6Hs8zo7nf
yto3hNo+Q9HzXpghsZ9P9AqvhO0QotwBpIwCZXFhUW9YPFIhRIIHgGRgYTXcmInV
oKuPjgX4L4VGGOhO4GmpPj0HwOE3uEC6VheJMC1dzQ3yV8nZyPq/yFoHxhkCIp+d
E6rENs0QBgo2Uww4gs7s2JR4lSEBmC+K/XyAV9Mkml76afTTFu54bfCSQkjwQvTy
6+u/T9Dbkzw4sVxGVeFOlbTvbn12CfGvsTSWZUBi9BcZ1tW9cExYb7PEtFr4XzRW
TOlyog+I9eVvMXb/KM6wM5xmuEGeUG6TMZFVWZYH+M+cRwBS0F0zhUkJVCOVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjUa7fFhcMNldDeCTZJsygvqNKhwwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzUzODM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVesMA0GCSqGSIb3DQEBCwUAA4IBAQA97NKVjXvrxTNzCkPDrSftSBwgOuuuWlYt
gShtpYZYoqfj4Fbl/94s2syV/eqxgokmetDdJLQ0oGC8PHLz6oCMlgC06+Bp+tCe
KJJiXCHcymKzA1Kkaf0FiiwkmR+/zRfcUl/rdSV4Y8kHRlpCsDjgHpRy1+7tFxhH
1SirISGNbArZKx3eC7PHECMixvvUhn+YILjhrO/H+FKLDzURwr7r+j3epCL0TpZG
xOEs6y1uata0UQYJKUOhnIOzkImSej8Sp2+g1KYTxH5LmRPkCEZt/2sEhCZ2moUO
Qti3I/kXcj1fxMc7nePEJmT+QZJ48M4DLyLM7u0cv1ljA0NxPJPT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:00 2023 by rpki-client on console-fra.rpki-client.org