Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
File: 34352e382e3137332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ikJ0I6T1l7WNLG54bOkRFGXO5L6BpZracaR+RHH9usw=
Subject key identifier: BF:4C:C6:BD:35:23:EB:8A:35:EB:D7:56:F6:D6:4B:9F:93:9C:2A:00
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 6C5D943F4110FB9C2B02874A92F1F3DE913D35A3
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
Signing time: Mon 21 Apr 2025 11:26:51 +0000
ROA not before: Mon 21 Apr 2025 11:21:51 +0000
ROA not after: Mon 20 Apr 2026 11:26:51 +0000
asID: 834
IP address blocks: 45.8.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 12:42:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:5d:94:3f:41:10:fb:9c:2b:02:87:4a:92:f1:f3:de:91:3d:35:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Apr 21 11:21:51 2025 GMT
Not After : Apr 20 11:26:51 2026 GMT
Subject: CN=BF4CC6BD3523EB8A35EBD756F6D64B9F939C2A00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ad:d9:fd:ab:8f:8a:f0:91:45:22:42:3b:48:
65:c5:97:c5:b9:8e:bf:48:ae:80:a4:92:88:7d:de:
59:07:f3:33:c9:0a:6b:ed:6f:89:da:b8:1a:d7:fb:
27:1f:3b:cc:e9:16:31:69:36:b8:95:06:a3:58:90:
0f:fb:95:74:66:f3:45:07:ce:34:01:64:58:79:b2:
9c:38:be:ec:30:70:3d:ab:9f:19:ec:ff:0e:8f:f0:
48:2b:53:f2:9d:cf:36:65:38:56:2a:d5:c6:a1:a7:
31:f9:bf:c8:b0:19:ae:64:5a:f8:8b:24:9a:92:e6:
ba:ef:f6:03:0f:f9:fa:ab:50:81:4a:18:6c:a2:40:
96:6c:a8:00:75:61:1c:66:3d:b9:2d:2d:90:d6:95:
dc:0c:9e:d7:78:d0:6b:29:83:dc:61:13:b5:00:9c:
bd:f9:15:ac:aa:b6:c7:69:7b:c2:4c:72:4e:b5:bb:
63:01:0e:6d:9c:64:5f:36:b6:59:30:ef:31:4e:b3:
59:f5:55:83:1e:6a:29:c2:60:36:e4:2d:db:ab:18:
9a:1a:02:4b:19:54:d7:c1:47:83:f3:28:25:1f:d9:
07:88:fb:99:3d:e4:d4:36:a5:b1:30:08:29:40:46:
b3:8a:37:59:f6:f2:23:9b:4e:f4:dd:28:49:1a:86:
84:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4C:C6:BD:35:23:EB:8A:35:EB:D7:56:F6:D6:4B:9F:93:9C:2A:00
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.173.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d0:82:56:06:7a:6f:25:34:07:f1:a1:66:6a:ff:82:fc:aa:
b1:90:8e:70:70:45:df:e5:5a:71:4e:74:65:b4:49:38:70:00:
b7:07:42:8f:81:31:6d:03:9f:29:6e:6e:12:f6:e7:4b:e7:f5:
ec:72:ee:69:2a:f2:f4:07:1a:34:9f:24:27:89:6d:55:86:e6:
72:61:a3:66:9e:1e:60:77:6f:40:38:ab:5a:bf:5d:da:38:68:
43:fd:41:3b:15:94:67:b5:9a:04:34:cf:4f:f4:e7:bf:0f:67:
f1:2d:fe:f1:22:b4:2d:e4:02:de:de:4f:76:bb:f7:0f:8e:b2:
5f:02:29:45:9e:1e:66:17:7c:bf:01:6e:f8:c3:31:79:2e:ea:
c4:f6:e2:36:49:31:f9:de:e8:0f:58:01:80:aa:4f:03:02:08:
0b:5e:b6:3e:98:36:76:d5:9f:91:d1:4a:70:4e:fa:25:44:9e:
7b:1b:0e:c0:ea:67:3e:7b:df:1c:1f:e5:e2:91:c0:85:87:1e:
9e:91:ae:1c:cd:62:6b:20:80:d4:aa:8b:6d:7a:68:ed:94:b9:
5c:97:23:0d:43:0e:17:46:6d:6e:0f:90:3d:1a:b4:89:2e:65:
c8:52:71:87:3c:eb:5d:ed:31:53:a1:67:44:99:11:79:f3:4c:
f0:fb:a3:26
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUbF2UP0EQ+5wrAodKkvHz3pE9NaMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA0MjExMTIxNTFaFw0yNjA0MjAxMTI2NTFaMDMxMTAvBgNV
BAMTKEJGNENDNkJEMzUyM0VCOEEzNUVCRDc1NkY2RDY0QjlGOTM5QzJBMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWrdn9q4+K8JFFIkI7SGXFl8W5
jr9IroCkkoh93lkH8zPJCmvtb4nauBrX+ycfO8zpFjFpNriVBqNYkA/7lXRm80UH
zjQBZFh5spw4vuwwcD2rnxns/w6P8EgrU/KdzzZlOFYq1cahpzH5v8iwGa5kWviL
JJqS5rrv9gMP+fqrUIFKGGyiQJZsqAB1YRxmPbktLZDWldwMntd40Gspg9xhE7UA
nL35Fayqtsdpe8JMck61u2MBDm2cZF82tlkw7zFOs1n1VYMeainCYDbkLdurGJoa
AksZVNfBR4PzKCUf2QeI+5k95NQ2pbEwCClARrOKN1n28iObTvTdKEkahoQhAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUv0zGvTUj64o169dW9tZLn5OcKgAwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzgyZTMxMzczMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0IrTANBgkq
hkiG9w0BAQsFAAOCAQEAAtCCVgZ6byU0B/GhZmr/gvyqsZCOcHBF3+VacU50ZbRJ
OHAAtwdCj4ExbQOfKW5uEvbnS+f17HLuaSry9AcaNJ8kJ4ltVYbmcmGjZp4eYHdv
QDirWr9d2jhoQ/1BOxWUZ7WaBDTPT/Tnvw9n8S3+8SK0LeQC3t5Pdrv3D46yXwIp
RZ4eZhd8vwFu+MMxeS7qxPbiNkkx+d7oD1gBgKpPAwIIC162Ppg2dtWfkdFKcE76
JUSeexsOwOpnPnvfHB/l4pHAhYcenpGuHM1iayCA1KqLbXpo7ZS5XJcjDUMOF0Zt
bg+QPRq0iS5lyFJxhzzrXe0xU6FnRJkRefNM8PujJg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:28:19 2025 by rpki-client