Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20383334.roa
File: 34352e3133322e39382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ooJfPeuSEGSjooZmbaPuWXxuQgfexAS7ofAHYE5hGWM=
Subject key identifier: 1C:AA:E6:34:A4:30:8C:E7:B7:D5:85:CF:D3:01:5B:8B:F2:89:9F:4F
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 548875965520D46D981B5437DDB244C3D14EAF25
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20383334.roa
Signing time: Thu 04 May 2023 10:56:21 +0000
ROA not before: Thu 04 May 2023 10:51:21 +0000
ROA not after: Thu 02 May 2024 10:56:21 +0000
asID: 834
IP address blocks: 45.132.98.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:88:75:96:55:20:d4:6d:98:1b:54:37:dd:b2:44:c3:d1:4e:af:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: May 4 10:51:21 2023 GMT
Not After : May 2 10:56:21 2024 GMT
Subject: CN=1CAAE634A4308CE7B7D585CFD3015B8BF2899F4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4d:37:cc:e1:87:3e:26:ef:6f:eb:3b:b6:73:
4a:b9:12:bc:5c:1f:7c:64:a9:cf:58:17:ee:9f:9b:
33:83:43:2a:cb:e6:5e:16:75:75:c0:00:04:f0:54:
c9:c6:19:ff:16:16:82:86:49:7d:fb:15:45:18:db:
6e:c3:48:6c:fe:96:26:83:18:29:32:6c:22:13:53:
f7:4a:74:3d:4b:aa:ba:3a:4b:c0:a4:cc:09:fc:06:
ee:25:82:1d:8f:4f:39:2e:28:c6:96:88:32:27:73:
b4:ae:bc:26:88:17:5e:bd:c9:13:6b:07:65:94:84:
f4:96:5f:7e:12:a9:62:f8:83:36:07:c7:49:6d:30:
e2:12:92:21:95:9a:1b:27:e5:d4:c8:04:33:52:b2:
4f:14:0a:da:5a:07:64:26:dd:e8:de:1c:23:28:b9:
25:f2:35:00:0e:ba:9f:76:9c:9c:89:f3:18:de:7f:
6f:1b:59:32:67:24:13:81:32:eb:4c:62:9a:97:6e:
28:0e:79:36:bf:b9:89:2d:ec:e5:81:d3:e5:96:fa:
e3:2d:8d:3b:74:16:51:e9:b1:9e:f1:48:d8:21:c4:
f2:7c:16:ea:82:ec:63:f5:09:ea:4e:f6:2d:5c:bb:
ce:20:41:8c:ab:39:c3:59:26:ea:63:73:86:57:0a:
fe:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AA:E6:34:A4:30:8C:E7:B7:D5:85:CF:D3:01:5B:8B:F2:89:9F:4F
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/24
Signature Algorithm: sha256WithRSAEncryption
07:b2:ee:15:fb:7d:8c:b7:bb:cb:43:26:c3:42:57:79:02:99:
d3:09:82:c2:fc:97:30:1d:0e:47:41:c0:bd:ed:70:2f:f6:d9:
64:52:c9:da:8a:b3:9b:4b:1d:4c:e8:88:c3:cc:fd:22:e3:8e:
80:99:90:8a:5b:d1:2a:74:98:e6:aa:5d:c4:6b:9a:b9:02:18:
d6:c4:79:f2:f5:6d:bd:a5:d1:8f:ff:3e:58:0f:ef:85:d6:ee:
62:6b:4c:b2:c7:50:2e:78:78:28:fc:a3:f2:d3:75:a1:9a:58:
71:e1:55:56:af:db:06:25:6b:b1:5f:4e:a5:a2:b0:a3:1d:75:
66:57:cb:39:db:a2:0a:4e:05:6c:6c:eb:f5:a1:c1:2f:d1:a9:
cf:66:1c:f6:59:c7:83:0b:02:5f:42:8d:fb:13:b0:67:ae:31:
a2:bd:c5:ed:ea:a8:ed:b5:04:e8:05:4c:b9:5d:b2:a1:3a:c9:
42:21:8d:84:96:ae:97:2d:ff:9b:7b:97:46:07:6a:c7:85:db:
b6:53:87:5c:ad:7a:4b:6e:b8:0f:e0:e5:32:8f:82:4f:9e:f8:
aa:66:f0:9b:8e:3b:6c:c1:41:b6:dc:da:b5:68:03:b2:77:61:
f1:2b:ca:89:ad:15:cd:e7:42:f8:6f:cd:f8:26:ab:ed:8b:07:
dd:46:d2:5c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUVIh1llUg1G2YG1Q33bJEw9FOryUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yMzA1MDQxMDUxMjFaFw0yNDA1MDIxMDU2MjFaMDMxMTAvBgNV
BAMTKDFDQUFFNjM0QTQzMDhDRTdCN0Q1ODVDRkQzMDE1QjhCRjI4OTlGNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5TTfM4Yc+Ju9v6zu2c0q5Erxc
H3xkqc9YF+6fmzODQyrL5l4WdXXAAATwVMnGGf8WFoKGSX37FUUY227DSGz+liaD
GCkybCITU/dKdD1Lqro6S8CkzAn8Bu4lgh2PTzkuKMaWiDInc7SuvCaIF169yRNr
B2WUhPSWX34SqWL4gzYHx0ltMOISkiGVmhsn5dTIBDNSsk8UCtpaB2Qm3ejeHCMo
uSXyNQAOup92nJyJ8xjef28bWTJnJBOBMutMYpqXbigOeTa/uYkt7OWB0+WW+uMt
jTt0FlHpsZ7xSNghxPJ8FuqC7GP1CepO9i1cu84gQYyrOcNZJupjc4ZXCv6VAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUHKrmNKQwjOe31YXP0wFbi/KJn08wHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRiMA0G
CSqGSIb3DQEBCwUAA4IBAQAHsu4V+32Mt7vLQybDQld5ApnTCYLC/JcwHQ5HQcC9
7XAv9tlkUsnairObSx1M6IjDzP0i446AmZCKW9EqdJjmql3Ea5q5AhjWxHny9W29
pdGP/z5YD++F1u5ia0yyx1AueHgo/KPy03Whmlhx4VVWr9sGJWuxX06lorCjHXVm
V8s526IKTgVsbOv1ocEv0anPZhz2WceDCwJfQo37E7BnrjGivcXt6qjttQToBUy5
XbKhOslCIY2Elq6XLf+be5dGB2rHhdu2U4dcrXpLbrgP4OUyj4JPnviqZvCbjjts
wUG23Nq1aAOyd2HxK8qJrRXN50L4b834JqvtiwfdRtJc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:51 2023 by rpki-client on console-ams.rpki-client.org