Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20383334.roa
File: 34352e39312e3133382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: NNAseROFDDX9xZsOK5ShMqzk4SfL99F52cpm7mQfp8Q=
Subject key identifier: 61:C5:7A:2B:26:25:8B:F2:EF:3A:FF:D6:49:F7:81:99:91:A5:75:95
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5BEE2EB897A6021345773243A9A14863B1FFBED7
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20383334.roa
Signing time: Thu 14 Dec 2023 00:00:04 +0000
ROA not before: Wed 13 Dec 2023 23:55:04 +0000
ROA not after: Thu 12 Dec 2024 00:00:04 +0000
asID: 834
IP address blocks: 45.91.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ee:2e:b8:97:a6:02:13:45:77:32:43:a9:a1:48:63:b1:ff:be:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 13 23:55:04 2023 GMT
Not After : Dec 12 00:00:04 2024 GMT
Subject: CN=61C57A2B26258BF2EF3AFFD649F7819991A57595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:52:2b:96:9d:04:bf:b0:11:4a:ea:5d:86:74:
a6:a3:a9:10:88:b9:c5:e3:04:d6:41:c0:6e:65:0a:
59:a5:1e:a6:48:84:60:1b:dd:99:b9:74:44:db:a0:
d6:a1:87:be:2f:37:c7:72:0a:c3:e5:97:ac:25:ab:
cf:dd:b0:1a:db:2d:d2:63:7b:71:93:2f:c6:21:7a:
ec:fd:0f:55:9a:36:44:f7:92:58:f5:95:c7:32:02:
47:7b:aa:c7:8a:27:86:07:86:7b:cb:f9:fe:d2:cf:
b8:18:89:8e:72:c5:d8:ee:1f:2a:a4:d7:0f:40:13:
39:57:4c:14:14:ac:f6:9c:5b:ce:33:0c:14:d9:1d:
db:1a:47:a0:e8:bb:03:10:8d:e0:d9:75:5b:15:8c:
8f:7e:c7:12:fd:c5:cc:52:8c:07:01:1b:67:c1:f5:
7e:7a:26:77:2b:30:6b:cf:71:d7:c0:86:88:2e:3b:
ca:74:d9:ea:1f:34:5b:a1:2c:7d:72:7a:1c:45:a4:
4b:d6:b4:bd:4a:58:92:1e:88:a5:6c:8e:97:70:06:
36:11:72:f5:7f:d8:48:d1:2a:d0:07:08:31:90:ae:
d8:10:83:3b:84:18:64:59:a5:7e:95:f2:ab:58:24:
e7:db:f0:d4:71:21:c7:b0:99:77:a1:e5:95:9c:94:
42:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C5:7A:2B:26:25:8B:F2:EF:3A:FF:D6:49:F7:81:99:91:A5:75:95
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.138.0/24
Signature Algorithm: sha256WithRSAEncryption
32:60:75:64:92:0a:7a:64:44:5e:a2:4b:44:ab:ca:bf:bb:8c:
ad:c5:c8:b0:9f:ec:25:ee:fa:57:5b:bd:6c:69:03:10:27:f0:
00:fe:9e:5b:91:c1:1b:cd:44:0d:9f:dc:75:34:f2:6d:1a:e4:
57:eb:bd:a6:35:38:d7:db:3f:9f:51:bb:f0:6d:c8:0d:1f:2c:
98:96:39:e7:89:fd:bc:16:57:3b:55:8b:a2:8e:f2:a8:75:08:
21:2e:30:ab:f3:e8:09:ab:61:7f:f4:a4:46:e4:19:da:3a:e4:
13:d4:15:b2:9f:b7:63:5d:1e:36:f0:a6:ab:e6:ac:06:48:b4:
6a:9e:17:64:36:f9:00:aa:57:99:49:0b:6d:58:75:3c:86:00:
8b:3c:0d:2e:23:7d:52:e5:1d:6a:d1:75:84:8d:50:4e:5c:be:
21:d8:b6:3a:d6:55:f5:e4:04:04:b2:e9:a7:8f:1c:5f:b0:fc:
19:c9:3f:2a:4e:bb:03:e6:f9:7a:7a:de:3e:9b:0e:5c:4a:d5:
91:80:9e:d8:49:5c:cc:3e:ed:11:31:00:f1:a3:5f:7a:cd:e0:
f3:60:d1:2e:d6:52:dc:1e:99:e8:d5:3d:6d:7e:d0:d4:04:ac:
f2:70:6d:7f:89:a7:f7:50:1e:17:79:f1:f1:60:d5:c8:a4:ee:
67:d2:09:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUW+4uuJemAhNFdzJDqaFIY7H/vtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzEyMTMyMzU1MDRaFw0yNDEyMTIwMDAwMDRaMDMxMTAvBgNV
BAMTKDYxQzU3QTJCMjYyNThCRjJFRjNBRkZENjQ5Rjc4MTk5OTFBNTc1OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXUiuWnQS/sBFK6l2GdKajqRCI
ucXjBNZBwG5lClmlHqZIhGAb3Zm5dETboNahh74vN8dyCsPll6wlq8/dsBrbLdJj
e3GTL8Yheuz9D1WaNkT3klj1lccyAkd7qseKJ4YHhnvL+f7Sz7gYiY5yxdjuHyqk
1w9AEzlXTBQUrPacW84zDBTZHdsaR6DouwMQjeDZdVsVjI9+xxL9xcxSjAcBG2fB
9X56JncrMGvPcdfAhoguO8p02eofNFuhLH1yehxFpEvWtL1KWJIeiKVsjpdwBjYR
cvV/2EjRKtAHCDGQrtgQgzuEGGRZpX6V8qtYJOfb8NRxIcewmXeh5ZWclELFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUYcV6KyYli/LvOv/WSfeBmZGldZUwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVuKMA0G
CSqGSIb3DQEBCwUAA4IBAQAyYHVkkgp6ZEReoktEq8q/u4ytxciwn+wl7vpXW71s
aQMQJ/AA/p5bkcEbzUQNn9x1NPJtGuRX672mNTjX2z+fUbvwbcgNHyyYljnnif28
Flc7VYuijvKodQghLjCr8+gJq2F/9KRG5BnaOuQT1BWyn7djXR428Kar5qwGSLRq
nhdkNvkAqleZSQttWHU8hgCLPA0uI31S5R1q0XWEjVBOXL4h2LY61lX15AQEsumn
jxxfsPwZyT8qTrsD5vl6et4+mw5cStWRgJ7YSVzMPu0RMQDxo196zeDzYNEu1lLc
Hpno1T1tftDUBKzycG1/iaf3UB4XefHxYNXIpO5n0gmw
Generated at Thu Dec 28 00:57:26 2023 by rpki-client on console-ams.rpki-client.org