Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e203433323630.roa
File: 34352e38372e3137332e302f32342d3234203d3e203433323630.roa (raw, json)
Hash identifier: ysRWi71GnPcxWG1+J3bLxH8yGV7jNmJFvZorOSmoL/I=
Subject key identifier: 52:0A:1B:50:8A:05:C8:13:C2:CE:56:BA:55:01:0B:9C:42:F9:76:41
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 07EE7AFFD6F9F4E4FFAC32CA1A0AC815BF1434B8
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e203433323630.roa
Signing time: Wed 21 Feb 2024 19:05:13 +0000
ROA not before: Wed 21 Feb 2024 19:00:13 +0000
ROA not after: Wed 19 Feb 2025 19:05:13 +0000
asID: 43260
IP address blocks: 45.87.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Apr 2024 11:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ee:7a:ff:d6:f9:f4:e4:ff:ac:32:ca:1a:0a:c8:15:bf:14:34:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 21 19:00:13 2024 GMT
Not After : Feb 19 19:05:13 2025 GMT
Subject: CN=520A1B508A05C813C2CE56BA55010B9C42F97641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:81:22:68:c1:c4:83:50:98:4e:b4:52:f4:78:
d3:e5:f5:7f:b7:9b:b3:07:17:6d:30:bd:12:b4:e0:
3f:0b:52:a8:d3:e8:38:2e:01:83:17:2b:f4:fa:af:
c4:56:79:a0:2d:c6:71:25:aa:97:7b:e1:c9:b7:fd:
aa:c2:d7:18:9a:2f:45:e7:76:17:01:b0:07:a0:56:
c8:40:05:f3:4a:f1:bf:d7:21:6e:b4:d1:77:46:e3:
aa:99:08:b7:1a:f4:bf:4c:dc:1c:e1:75:d4:d4:0d:
af:d1:30:48:49:22:2a:18:87:4f:b8:7e:e9:08:2f:
80:4f:c9:d1:57:5d:a7:42:c7:18:34:70:e2:6f:68:
10:2f:2e:be:07:59:09:70:b6:39:b9:5c:91:ee:69:
fd:e6:84:96:47:91:81:63:5c:fc:a9:72:6c:e6:10:
9c:8f:d5:9e:2c:eb:7e:d5:80:66:d8:18:39:46:3c:
1c:24:8a:f4:b5:1c:03:cb:3e:3d:da:a3:0a:fb:77:
80:35:f3:6f:86:7a:d5:0e:ec:25:6a:f4:26:e8:13:
75:1a:25:81:7b:b8:4c:80:d8:87:45:aa:e7:c0:fe:
36:33:30:5c:11:cb:96:d4:9d:bd:0a:3d:75:94:e8:
fc:c5:a8:64:24:b5:ee:70:77:8f:82:d3:67:86:6a:
7b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:0A:1B:50:8A:05:C8:13:C2:CE:56:BA:55:01:0B:9C:42:F9:76:41
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137332e302f32342d3234203d3e203433323630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.173.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:3d:3a:3c:3b:c5:0b:ec:c6:c1:3e:89:44:cd:36:78:d3:72:
24:42:02:f0:6e:71:4b:45:0b:f4:74:65:86:44:e2:d5:6f:a1:
73:23:8a:f8:2a:85:a8:20:7d:fb:27:30:42:83:8e:2c:9d:9a:
5a:3e:d3:b6:7d:00:31:d8:52:cb:f4:e1:7a:8e:2a:e4:36:88:
99:c2:6c:bf:b0:e8:89:0a:6e:1a:bd:43:25:29:9f:0c:d1:20:
b0:fd:61:c5:8d:b3:98:4f:3f:70:51:13:29:e2:47:23:8f:20:
1c:db:97:21:35:a9:ad:da:d8:67:e2:a0:48:43:16:6f:8b:7e:
10:b0:96:03:5a:61:14:27:c3:df:fb:36:64:75:76:8b:8c:9d:
d3:6f:25:fc:ad:1a:b4:54:c1:b4:d9:54:f9:4a:ce:ba:3d:00:
63:f9:39:80:38:3e:bc:8b:e0:38:dd:d0:b6:0b:70:aa:45:fc:
23:a3:98:05:e2:6e:62:c7:5e:90:d6:c2:bb:f3:82:5f:03:00:
a7:1c:6a:c0:b4:2a:78:31:56:84:b9:51:e0:0e:e4:f1:09:29:
fb:ff:24:d5:c1:ce:4a:01:e5:f4:28:93:01:75:63:dd:55:0f:
01:85:fc:ac:e3:e8:e1:5d:1e:49:ed:9d:31:1d:4a:a2:d1:65:
99:d2:94:07
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUB+56/9b59OT/rDLKGgrIFb8UNLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjExOTAwMTNaFw0yNTAyMTkxOTA1MTNaMDMxMTAvBgNV
BAMTKDUyMEExQjUwOEEwNUM4MTNDMkNFNTZCQTU1MDEwQjlDNDJGOTc2NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4gSJowcSDUJhOtFL0eNPl9X+3
m7MHF20wvRK04D8LUqjT6DguAYMXK/T6r8RWeaAtxnElqpd74cm3/arC1xiaL0Xn
dhcBsAegVshABfNK8b/XIW600XdG46qZCLca9L9M3BzhddTUDa/RMEhJIioYh0+4
fukIL4BPydFXXadCxxg0cOJvaBAvLr4HWQlwtjm5XJHuaf3mhJZHkYFjXPypcmzm
EJyP1Z4s637VgGbYGDlGPBwkivS1HAPLPj3aowr7d4A182+GetUO7CVq9CboE3Ua
JYF7uEyA2IdFqufA/jYzMFwRy5bUnb0KPXWU6PzFqGQkte5wd4+C02eGanuHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUUgobUIoFyBPCzla6VQELnEL5dkEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMzMyMzYzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1X
rTANBgkqhkiG9w0BAQsFAAOCAQEADD06PDvFC+zGwT6JRM02eNNyJEIC8G5xS0UL
9HRlhkTi1W+hcyOK+CqFqCB9+ycwQoOOLJ2aWj7Ttn0AMdhSy/Theo4q5DaImcJs
v7DoiQpuGr1DJSmfDNEgsP1hxY2zmE8/cFETKeJHI48gHNuXITWprdrYZ+KgSEMW
b4t+ELCWA1phFCfD3/s2ZHV2i4yd028l/K0atFTBtNlU+UrOuj0AY/k5gDg+vIvg
ON3QtgtwqkX8I6OYBeJuYsdekNbCu/OCXwMApxxqwLQqeDFWhLlR4A7k8Qkp+/8k
1cHOSgHl9CiTAXVj3VUPAYX8rOPo4V0eSe2dMR1KotFlmdKUBw==
-----END CERTIFICATE-----
Generated at Fri Apr 5 15:50:54 2024 by rpki-client on console-ams.rpki-client.org