Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20323036323836.roa
File: 34352e39312e3133372e302f32342d3234203d3e20323036323836.roa (raw, json)
Hash identifier: VefbYlf96lJRYEvPiLzWHKOwlTbrmO3lIQjQE3U/i1c=
Subject key identifier: 18:53:D9:B3:FC:FE:EC:F7:CE:10:5B:33:61:B4:E5:D3:9A:AB:E5:64
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4F7D07D2A0D1B787463EE9F5C00BA2167B3E564C
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20323036323836.roa
Signing time: Thu 23 Jan 2025 03:04:12 +0000
ROA not before: Thu 23 Jan 2025 02:59:12 +0000
ROA not after: Thu 22 Jan 2026 03:04:12 +0000
asID: 206286
IP address blocks: 45.91.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 14:23:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:7d:07:d2:a0:d1:b7:87:46:3e:e9:f5:c0:0b:a2:16:7b:3e:56:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 23 02:59:12 2025 GMT
Not After : Jan 22 03:04:12 2026 GMT
Subject: CN=1853D9B3FCFEECF7CE105B3361B4E5D39AABE564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:d4:2b:b1:6f:be:3f:84:73:8b:bf:2f:3d:
33:cd:1d:bc:eb:9a:4e:dd:18:37:c7:f9:a2:a3:b6:
a4:bf:ed:ed:f2:02:22:c8:21:be:86:3d:bd:27:6b:
3e:fb:48:dc:c7:04:81:c5:e0:93:b8:bc:36:6a:5a:
e5:3b:5f:20:31:02:d0:15:52:99:33:d4:dd:26:62:
6a:b3:d1:55:f5:3c:b8:97:a9:15:90:c3:29:ae:fb:
d8:2b:a1:4c:d9:6f:bf:01:35:56:19:25:be:31:b6:
99:b3:36:42:e5:7a:f5:a5:22:43:8b:37:a0:d3:e7:
d1:6e:c1:03:ff:86:ad:e3:3a:52:3a:cc:93:50:b3:
89:2e:b2:d3:1f:e5:cd:1d:19:c3:39:70:93:3d:50:
90:90:8b:c2:c2:34:43:b8:4e:2c:b4:3d:9f:4b:6e:
c9:75:dc:69:8a:e9:6b:31:d0:5f:e3:81:03:36:04:
6e:7e:88:4b:db:15:ee:1b:4e:69:c9:ed:39:6e:58:
ff:81:5f:06:c8:e3:ce:a1:45:03:ff:81:09:df:13:
f9:2b:57:bd:eb:86:d1:ef:0d:b9:9e:69:d9:3e:e1:
65:95:16:f3:1e:5b:64:cf:fa:be:03:b2:cc:01:36:
c0:e6:74:80:b0:78:ff:f2:a5:07:f5:ab:59:7a:14:
64:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:53:D9:B3:FC:FE:EC:F7:CE:10:5B:33:61:B4:E5:D3:9A:AB:E5:64
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20323036323836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.137.0/24
Signature Algorithm: sha256WithRSAEncryption
08:23:14:17:1f:dc:18:b0:0a:b6:56:08:d8:0c:5e:40:a2:40:
b9:8f:30:cf:e2:42:d8:d6:08:ce:6c:2a:e7:a8:18:26:e7:9a:
2e:ae:26:f2:52:c7:ea:14:97:a9:d1:86:3b:1f:8f:91:29:71:
90:e4:a3:e9:63:23:d7:cc:49:b1:b6:9b:e8:aa:26:88:2d:5c:
dc:1f:20:9d:da:51:4a:77:dc:ad:81:7c:ed:f6:eb:21:10:5c:
c5:1b:7b:d2:52:c4:a3:b4:47:92:33:22:f0:48:79:1a:b3:7c:
b7:6a:87:55:be:ef:c4:6d:1a:6d:e1:74:c2:a1:cc:c4:23:d9:
c5:1e:4e:76:d6:b3:e8:3b:60:d1:d3:9f:78:80:36:3c:ad:dc:
4d:08:ba:f9:88:7a:36:2d:47:e8:d5:cb:b1:a4:72:3c:ad:c7:
f8:42:56:71:ba:be:60:94:b4:0b:49:0a:d0:90:c8:ee:14:bb:
05:96:3f:e0:41:39:80:9b:b2:b7:b9:30:cd:e1:35:e2:03:63:
c8:ff:67:2d:ca:19:ee:f0:d4:fc:d2:35:36:ed:61:05:89:59:
12:07:21:58:f8:c7:c3:ed:4f:28:5d:3d:c2:5b:48:d7:8f:cd:
fc:5f:82:96:d1:c3:2b:d4:c1:58:4e:2e:8e:a9:17:9d:f2:12:
48:a3:90:e6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT30H0qDRt4dGPun1wAuiFns+VkwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjMwMjU5MTJaFw0yNjAxMjIwMzA0MTJaMDMxMTAvBgNV
BAMTKDE4NTNEOUIzRkNGRUVDRjdDRTEwNUIzMzYxQjRFNUQzOUFBQkU1NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC82NQrsW++P4Rzi78vPTPNHbzr
mk7dGDfH+aKjtqS/7e3yAiLIIb6GPb0naz77SNzHBIHF4JO4vDZqWuU7XyAxAtAV
Upkz1N0mYmqz0VX1PLiXqRWQwymu+9groUzZb78BNVYZJb4xtpmzNkLlevWlIkOL
N6DT59FuwQP/hq3jOlI6zJNQs4kustMf5c0dGcM5cJM9UJCQi8LCNEO4Tiy0PZ9L
bsl13GmK6Wsx0F/jgQM2BG5+iEvbFe4bTmnJ7TluWP+BXwbI486hRQP/gQnfE/kr
V73rhtHvDbmeadk+4WWVFvMeW2TP+r4DsswBNsDmdICweP/ypQf1q1l6FGTNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGFPZs/z+7PfOEFszYbTl05qr5WQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVuJMA0GCSqGSIb3DQEBCwUAA4IBAQAIIxQXH9wYsAq2VgjYDF5AokC5jzDP4kLY
1gjObCrnqBgm55ouribyUsfqFJep0YY7H4+RKXGQ5KPpYyPXzEmxtpvoqiaILVzc
HyCd2lFKd9ytgXzt9ushEFzFG3vSUsSjtEeSMyLwSHkas3y3aodVvu/EbRpt4XTC
oczEI9nFHk521rPoO2DR0594gDY8rdxNCLr5iHo2LUfo1cuxpHI8rcf4QlZxur5g
lLQLSQrQkMjuFLsFlj/gQTmAm7K3uTDN4TXiA2PI/2ctyhnu8NT80jU27WEFiVkS
ByFY+MfD7U8oXT3CW0jXj838X4KW0cMr1MFYTi6OqRed8hJIo5Dm
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:07:46 2025 by rpki-client