Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137382e302f32342d3234203d3e20323135313031.roa
File: 352e3138312e3137382e302f32342d3234203d3e20323135313031.roa (raw, json)
Hash identifier: Zp2jQm3ZUAeTdwqDcvkL3MA29J+ebT+BrGhlvA/+iUQ=
Subject key identifier: 22:59:EB:88:27:91:88:DC:54:BC:2B:DB:D1:43:DB:F5:D3:79:BB:F6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4A1E861FF6BEB77D7D1015F50BC2463BA4A3B8B1
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137382e302f32342d3234203d3e20323135313031.roa
Signing time: Sun 04 Aug 2024 17:03:48 +0000
ROA not before: Sun 04 Aug 2024 16:58:48 +0000
ROA not after: Sun 03 Aug 2025 17:03:48 +0000
asID: 215101
IP address blocks: 5.181.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 10:39:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:1e:86:1f:f6:be:b7:7d:7d:10:15:f5:0b:c2:46:3b:a4:a3:b8:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 4 16:58:48 2024 GMT
Not After : Aug 3 17:03:48 2025 GMT
Subject: CN=2259EB88279188DC54BC2BDBD143DBF5D379BBF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f1:f3:ff:67:59:2c:73:61:f5:de:f7:80:f2:
40:b2:4b:0d:13:04:29:4a:72:9a:73:ba:c2:94:79:
fe:11:41:ff:a1:8a:aa:ca:96:04:7d:34:a1:15:8c:
37:c9:a4:a5:0d:32:78:f4:ed:08:d8:5b:fd:62:2b:
d7:3d:5b:63:31:23:2d:d7:47:82:8a:a4:34:17:51:
b8:89:15:f0:80:10:75:fd:56:47:50:db:33:cc:8f:
59:ba:77:bc:91:c8:d6:36:ac:c9:e9:20:22:75:3d:
d2:d0:2a:ef:ab:ca:18:f8:f4:d3:c8:5c:66:33:99:
23:20:b1:a8:bc:f5:74:b5:7e:65:3f:3a:45:d1:4b:
95:9c:70:75:9f:87:ab:0c:bf:02:0b:82:1d:4b:63:
dc:02:63:4c:9c:bd:cf:c7:eb:9d:68:f0:f2:a7:99:
6c:dc:c9:4b:c6:6a:fc:c4:e0:eb:15:7d:bd:98:83:
21:ce:a1:97:75:e5:be:e3:0f:a4:3d:47:61:ee:4f:
06:88:e3:8d:a7:5f:f9:11:80:50:ee:59:f2:0d:9a:
ac:2c:cf:07:e0:44:24:a9:c9:73:55:90:96:df:d4:
7d:6b:12:28:a2:ff:48:ef:51:44:12:61:46:7c:e5:
a7:ce:11:5d:ef:38:51:d5:cf:a7:db:5d:a3:95:d2:
08:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:59:EB:88:27:91:88:DC:54:BC:2B:DB:D1:43:DB:F5:D3:79:BB:F6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/352e3138312e3137382e302f32342d3234203d3e20323135313031.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.178.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:dd:7c:e4:53:4a:c7:8b:cd:f7:82:92:80:a7:af:fb:88:0c:
bb:51:f1:09:0e:b7:df:2a:89:fe:60:dc:0d:87:39:4e:5e:8a:
86:08:4f:04:fd:74:3c:83:03:ad:de:a9:85:3c:34:c0:80:3b:
d4:2b:81:43:1f:ba:01:89:95:38:c5:a2:3a:de:87:d8:23:6a:
fc:c5:66:bd:c5:da:6b:82:61:5e:8e:03:d4:bd:5a:c2:d1:f1:
dd:fc:04:1d:f7:a2:f0:85:87:6b:01:fa:96:ef:17:e8:6f:ee:
84:4d:bc:b7:db:c2:47:35:72:79:6f:79:71:a8:81:cd:46:f9:
0c:c3:c8:4b:d4:8d:e1:fd:2c:a0:28:8a:22:1b:4f:a1:79:1b:
1a:8d:92:99:43:ab:13:30:79:49:ee:bb:0e:8b:b4:54:17:f9:
a1:23:79:0e:5f:c8:d4:f0:60:0d:c7:17:82:c3:03:c1:9e:21:
57:18:ee:47:b6:6d:dd:93:ee:2a:cf:f0:3a:c3:db:65:ce:51:
ba:2c:d9:67:c1:f4:0a:fb:cd:3f:72:bb:03:5f:ce:53:b7:b0:
6a:97:d7:2e:b8:fb:54:a0:e4:cc:ac:70:2f:44:34:bd:7b:93:
5e:75:bd:5d:b9:fb:52:0b:e0:e0:83:8d:00:b1:19:2a:5a:ab:
21:86:a2:00
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSh6GH/a+t319EBX1C8JGO6SjuLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA4MDQxNjU4NDhaFw0yNTA4MDMxNzAzNDhaMDMxMTAvBgNV
BAMTKDIyNTlFQjg4Mjc5MTg4REM1NEJDMkJEQkQxNDNEQkY1RDM3OUJCRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe8fP/Z1ksc2H13veA8kCySw0T
BClKcppzusKUef4RQf+hiqrKlgR9NKEVjDfJpKUNMnj07QjYW/1iK9c9W2MxIy3X
R4KKpDQXUbiJFfCAEHX9VkdQ2zPMj1m6d7yRyNY2rMnpICJ1PdLQKu+ryhj49NPI
XGYzmSMgsai89XS1fmU/OkXRS5WccHWfh6sMvwILgh1LY9wCY0ycvc/H651o8PKn
mWzcyUvGavzE4OsVfb2YgyHOoZd15b7jD6Q9R2HuTwaI442nX/kRgFDuWfINmqws
zwfgRCSpyXNVkJbf1H1rEiii/0jvUUQSYUZ85afOEV3vOFHVz6fbXaOV0ghBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIlnriCeRiNxUvCvb0UPb9dN5u/YwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzUyZTMxMzgzMTJlMzEzNzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzEzMDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
BbWyMA0GCSqGSIb3DQEBCwUAA4IBAQCm3XzkU0rHi833gpKAp6/7iAy7UfEJDrff
Kon+YNwNhzlOXoqGCE8E/XQ8gwOt3qmFPDTAgDvUK4FDH7oBiZU4xaI63ofYI2r8
xWa9xdprgmFejgPUvVrC0fHd/AQd96LwhYdrAfqW7xfob+6ETby328JHNXJ5b3lx
qIHNRvkMw8hL1I3h/SygKIoiG0+heRsajZKZQ6sTMHlJ7rsOi7RUF/mhI3kOX8jU
8GANxxeCwwPBniFXGO5Htm3dk+4qz/A6w9tlzlG6LNlnwfQK+80/crsDX85Tt7Bq
l9cuuPtUoOTMrHAvRDS9e5Nedb1duftSC+Dgg40AsRkqWqshhqIA
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:20 2025 by rpki-client