Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e20383334.roa
File: 34352e36362e3135312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: y7skPv8DiYIEdTLSFHsQGF2bWg/OpGxUJJcD7SZVqZQ=
Subject key identifier: 5C:14:26:BE:3D:E9:DD:F3:98:0F:A2:AF:67:81:E8:C8:9B:DE:6F:49
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 0617814901DFE640F8F02286C033307EF2D9019E
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e20383334.roa
Signing time: Sat 01 Mar 2025 00:03:36 +0000
ROA not before: Fri 28 Feb 2025 23:58:36 +0000
ROA not after: Sat 28 Feb 2026 00:03:36 +0000
asID: 834
IP address blocks: 45.66.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 02:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:17:81:49:01:df:e6:40:f8:f0:22:86:c0:33:30:7e:f2:d9:01:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Feb 28 23:58:36 2025 GMT
Not After : Feb 28 00:03:36 2026 GMT
Subject: CN=5C1426BE3DE9DDF3980FA2AF6781E8C89BDE6F49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:93:8d:2f:7e:d8:d7:41:a2:b2:0b:60:9c:55:
d0:cd:c3:d4:17:bf:dd:8a:1d:97:de:fc:bb:be:d0:
75:6c:6b:55:bb:69:5c:26:95:70:0d:e6:e3:76:3f:
1d:7a:58:de:b4:cf:d5:c2:d7:87:b6:4a:e1:8a:4f:
f2:07:78:45:0a:18:b9:0d:10:17:6e:1e:fa:9b:44:
7e:eb:84:81:f4:a2:db:63:94:54:5d:51:f4:62:a4:
9a:60:3a:d4:f8:e9:7f:a5:e2:70:1a:f6:ca:f1:96:
68:95:8b:c3:24:f5:2a:b1:6f:f7:bd:0c:0b:36:49:
14:f5:4b:2a:ce:40:5b:35:fe:69:11:75:19:9a:f7:
0a:f1:2a:24:34:25:54:05:5d:e0:04:15:1b:ca:e3:
5c:80:fa:58:e3:e9:8f:56:b8:b1:d5:58:45:d7:80:
45:01:2a:ea:08:be:6f:62:a2:ce:9f:3f:f0:d8:cb:
e3:1f:3f:fc:e6:14:11:86:6d:d3:a0:3d:33:33:ec:
2e:4e:ea:c4:4c:61:6b:05:02:d3:87:2c:cd:9c:15:
58:8c:88:23:4b:20:53:33:f5:eb:0a:46:b8:e8:d0:
e6:3f:00:a2:f8:ce:d0:0d:06:19:f4:6e:d8:cc:8e:
9f:4f:f5:d4:84:e7:aa:18:42:8d:c2:3d:35:41:28:
ba:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:14:26:BE:3D:E9:DD:F3:98:0F:A2:AF:67:81:E8:C8:9B:DE:6F:49
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e36362e3135312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.151.0/24
Signature Algorithm: sha256WithRSAEncryption
85:16:e9:68:58:d9:30:f4:30:25:85:2d:f9:5e:69:67:ef:da:
70:a1:b7:d5:c5:1e:c4:f9:c6:02:5c:3a:84:3d:3e:5b:18:df:
57:1f:9a:00:8e:9e:f4:08:3f:3d:7e:c8:20:4f:03:0a:0b:32:
f8:79:4e:34:96:50:fa:4d:4b:90:e9:96:66:77:11:a9:67:53:
17:0e:96:95:16:19:f4:97:a2:07:cd:b5:fb:1f:e3:46:15:de:
ba:ad:4c:36:7b:fb:b7:5c:45:03:bc:63:33:b0:dc:22:70:cf:
1c:0f:f3:64:3f:d8:ad:41:9a:7c:ca:88:b9:fb:b5:d6:c1:bc:
79:89:9d:a4:3b:41:c1:90:30:e9:1c:ba:ec:6f:94:bf:07:c4:
e6:38:32:65:d0:4f:05:ed:0d:2f:e6:60:92:b4:03:00:2c:5a:
11:7a:32:bb:2f:59:6b:8b:74:ea:0b:8d:ed:a9:55:11:c5:26:
ee:22:85:b8:67:8f:b7:fa:5a:87:61:70:d9:dc:8a:39:c5:30:
96:a6:8a:5c:22:93:96:b0:f4:21:89:c5:04:f8:c5:ef:b7:c7:
68:74:ca:19:c5:09:d1:be:2b:8b:61:08:9e:da:33:76:57:21:
d5:60:c8:db:c3:7c:3c:0c:20:dd:3f:ee:29:07:b6:7d:6c:95:
9c:24:28:77
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUBheBSQHf5kD48CKGwDMwfvLZAZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAyMjgyMzU4MzZaFw0yNjAyMjgwMDAzMzZaMDMxMTAvBgNV
BAMTKDVDMTQyNkJFM0RFOURERjM5ODBGQTJBRjY3ODFFOEM4OUJERTZGNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkk40vftjXQaKyC2CcVdDNw9QX
v92KHZfe/Lu+0HVsa1W7aVwmlXAN5uN2Px16WN60z9XC14e2SuGKT/IHeEUKGLkN
EBduHvqbRH7rhIH0ottjlFRdUfRipJpgOtT46X+l4nAa9srxlmiVi8Mk9Sqxb/e9
DAs2SRT1SyrOQFs1/mkRdRma9wrxKiQ0JVQFXeAEFRvK41yA+ljj6Y9WuLHVWEXX
gEUBKuoIvm9ios6fP/DYy+MfP/zmFBGGbdOgPTMz7C5O6sRMYWsFAtOHLM2cFViM
iCNLIFMz9esKRrjo0OY/AKL4ztANBhn0btjMjp9P9dSE56oYQo3CPTVBKLoFAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUXBQmvj3p3fOYD6KvZ4HoyJveb0kwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzYzNjJlMzEzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUKXMA0G
CSqGSIb3DQEBCwUAA4IBAQCFFuloWNkw9DAlhS35Xmln79pwobfVxR7E+cYCXDqE
PT5bGN9XH5oAjp70CD89fsggTwMKCzL4eU40llD6TUuQ6ZZmdxGpZ1MXDpaVFhn0
l6IHzbX7H+NGFd66rUw2e/u3XEUDvGMzsNwicM8cD/NkP9itQZp8yoi5+7XWwbx5
iZ2kO0HBkDDpHLrsb5S/B8TmODJl0E8F7Q0v5mCStAMALFoRejK7L1lri3TqC43t
qVURxSbuIoW4Z4+3+lqHYXDZ3Io5xTCWpopcIpOWsPQhicUE+MXvt8dodMoZxQnR
viuLYQie2jN2VyHVYMjbw3w8DCDdP+4pB7Z9bJWcJCh3
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:19 2025 by rpki-client