Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc9aa95f-7b38-426a-9966-5441939fe031/0/34352e3135302e372e302f32342d3234203d3e20343030383636.roa
File: 34352e3135302e372e302f32342d3234203d3e20343030383636.roa (raw, json)
Hash identifier: AzbcM0dTQ/0PFJTMATeBmv0+nq4nbTv+aCOqe8T/xFo=
Subject key identifier: BC:3A:87:C4:DA:30:61:F5:EB:D5:B8:83:70:48:41:3D:9B:5E:6C:38
Certificate issuer: /CN=64af15419bd5fe6c8f97e224a86a4917a2e6fefe
Certificate serial: 32A6A190F42B6000B35C40C4EC77ADE0DE1E2FF3
Authority key identifier: 64:AF:15:41:9B:D5:FE:6C:8F:97:E2:24:A8:6A:49:17:A2:E6:FE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZK8VQZvV_myPl-IkqGpJF6Lm_v4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc9aa95f-7b38-426a-9966-5441939fe031/0/34352e3135302e372e302f32342d3234203d3e20343030383636.roa
Signing time: Tue 11 Jun 2024 09:54:34 +0000
ROA not before: Tue 11 Jun 2024 09:49:34 +0000
ROA not after: Tue 10 Jun 2025 09:54:34 +0000
asID: 400866
IP address blocks: 45.150.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a6:a1:90:f4:2b:60:00:b3:5c:40:c4:ec:77:ad:e0:de:1e:2f:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64af15419bd5fe6c8f97e224a86a4917a2e6fefe
Validity
Not Before: Jun 11 09:49:34 2024 GMT
Not After : Jun 10 09:54:34 2025 GMT
Subject: CN=BC3A87C4DA3061F5EBD5B8837048413D9B5E6C38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:99:65:21:ed:29:00:c7:cb:b8:60:3a:6c:
f5:ff:29:cb:d7:fa:b3:c1:41:9f:95:3f:56:f7:66:
e0:97:1e:f7:73:0c:b1:e4:fc:dd:b4:f6:79:f7:cd:
c7:82:82:a7:2c:57:c8:40:c3:fb:71:a6:1c:57:ae:
83:02:97:b4:e4:b5:14:5b:c5:78:f2:03:20:c5:45:
5c:17:65:82:a5:78:44:fe:e7:ad:6f:57:9a:44:b8:
4c:b1:0d:f4:e2:10:44:19:8d:17:6b:3e:71:39:3e:
da:e9:5e:ad:b7:07:85:25:12:86:8e:9c:11:aa:64:
f7:e2:3d:24:c4:ef:1b:fd:64:10:c6:77:cd:f4:f8:
76:49:df:fa:be:25:b2:47:42:43:6a:55:b9:5c:ab:
2c:11:e1:9f:f5:6d:94:cf:8f:90:9b:f1:0f:98:a5:
e4:ac:48:3c:e0:d0:0f:73:d9:12:b9:ae:e5:22:56:
09:c0:8f:f1:3f:c7:c8:01:54:61:bc:d5:be:31:63:
5a:aa:69:7e:50:36:7c:8f:ab:58:74:41:f2:d1:23:
a8:a2:05:84:3e:bb:00:3d:fd:d3:fd:75:2a:03:4f:
a4:1e:7a:46:5a:50:7b:ee:64:53:16:b7:e2:c1:8d:
54:d4:0c:13:fd:96:6f:94:a5:19:46:94:14:3d:ea:
68:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3A:87:C4:DA:30:61:F5:EB:D5:B8:83:70:48:41:3D:9B:5E:6C:38
X509v3 Authority Key Identifier:
keyid:64:AF:15:41:9B:D5:FE:6C:8F:97:E2:24:A8:6A:49:17:A2:E6:FE:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc9aa95f-7b38-426a-9966-5441939fe031/0/64AF15419BD5FE6C8F97E224A86A4917A2E6FEFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZK8VQZvV_myPl-IkqGpJF6Lm_v4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc9aa95f-7b38-426a-9966-5441939fe031/0/34352e3135302e372e302f32342d3234203d3e20343030383636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:5f:2b:ef:4a:03:84:67:64:db:fb:7b:d3:ce:6d:23:42:6b:
b6:f9:54:45:70:ac:c4:84:b0:54:18:2b:3f:78:d8:e1:a8:54:
75:26:0e:8d:eb:90:2d:f4:d4:39:cc:6d:26:8e:5e:b8:93:83:
0e:22:b1:5c:56:dd:19:ac:95:b4:55:40:cf:52:5e:02:fc:b8:
4d:6b:24:5f:4f:0c:59:1b:69:e3:15:a1:a1:9b:84:20:cb:c5:
6e:4f:fe:f8:f2:7e:55:09:c9:cb:2e:e5:70:9d:e8:b5:36:65:
6a:24:ff:e7:a4:0d:27:61:82:df:55:f4:9e:d5:31:59:ad:9c:
3e:5c:6a:da:20:7c:06:14:71:e2:9e:4f:96:29:75:f8:c8:90:
a2:54:7d:48:ee:6d:d4:d0:bc:f4:7e:bb:82:07:0a:96:a3:24:
5a:52:df:a1:8c:85:d8:a3:39:71:b8:56:57:4d:11:90:6c:69:
33:3d:44:fc:c7:1c:ee:29:e7:ea:72:23:80:f8:3e:fa:1e:c7:
5b:0e:73:86:b9:a8:20:1a:67:4b:11:af:9c:03:d6:ee:07:65:
bc:57:00:36:3d:b9:b8:62:59:e0:58:04:1f:63:b3:c0:99:03:
8e:dc:51:e3:a9:6c:55:dd:e3:b9:d8:92:58:08:15:43:f0:21:
62:f8:c3:a8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMqahkPQrYACzXEDE7Het4N4eL/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjRhZjE1NDE5YmQ1ZmU2YzhmOTdlMjI0YTg2YTQ5MTdh
MmU2ZmVmZTAeFw0yNDA2MTEwOTQ5MzRaFw0yNTA2MTAwOTU0MzRaMDMxMTAvBgNV
BAMTKEJDM0E4N0M0REEzMDYxRjVFQkQ1Qjg4MzcwNDg0MTNEOUI1RTZDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvqpllIe0pAMfLuGA6bPX/KcvX
+rPBQZ+VP1b3ZuCXHvdzDLHk/N209nn3zceCgqcsV8hAw/txphxXroMCl7TktRRb
xXjyAyDFRVwXZYKleET+561vV5pEuEyxDfTiEEQZjRdrPnE5PtrpXq23B4UlEoaO
nBGqZPfiPSTE7xv9ZBDGd830+HZJ3/q+JbJHQkNqVblcqywR4Z/1bZTPj5Cb8Q+Y
peSsSDzg0A9z2RK5ruUiVgnAj/E/x8gBVGG81b4xY1qqaX5QNnyPq1h0QfLRI6ii
BYQ+uwA9/dP9dSoDT6QeekZaUHvuZFMWt+LBjVTUDBP9lm+UpRlGlBQ96mg9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUvDqHxNowYfXr1biDcEhBPZtebDgwHwYDVR0j
BBgwFoAUZK8VQZvV/myPl+IkqGpJF6Lm/v4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmM5YWE5NWYtN2IzOC00MjZhLTk5NjYtNTQ0MTkzOWZl
MDMxLzAvNjRBRjE1NDE5QkQ1RkU2QzhGOTdFMjI0QTg2QTQ5MTdBMkU2RkVGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1pLOFZRWnZWX215UGwtSWtxR3BKRjZM
bV92NC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmM5YWE5NWYt
N2IzOC00MjZhLTk5NjYtNTQ0MTkzOWZlMDMxLzAvMzQzNTJlMzEzNTMwMmUzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzAzMDM4MzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2W
BzANBgkqhkiG9w0BAQsFAAOCAQEAKl8r70oDhGdk2/t7085tI0JrtvlURXCsxISw
VBgrP3jY4ahUdSYOjeuQLfTUOcxtJo5euJODDiKxXFbdGayVtFVAz1JeAvy4TWsk
X08MWRtp4xWhoZuEIMvFbk/++PJ+VQnJyy7lcJ3otTZlaiT/56QNJ2GC31X0ntUx
Wa2cPlxq2iB8BhRx4p5Plil1+MiQolR9SO5t1NC89H67ggcKlqMkWlLfoYyF2KM5
cbhWV00RkGxpMz1E/Mcc7inn6nIjgPg++h7HWw5zhrmoIBpnSxGvnAPW7gdlvFcA
Nj25uGJZ4FgEH2OzwJkDjtxR46lsVd3judiSWAgVQ/AhYvjDqA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:25 2025 by rpki-client