Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa
File: 34352e3134392e3230342e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: fqXn2m+4RgvlsKz8BinpTWLiNss9qLrX3W8zcAwYZPo=
Subject key identifier: 5B:49:F1:BE:A9:B8:63:DA:63:6E:02:D9:F6:63:32:C9:D8:7C:8C:DF
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4116284F00BE896B8E161CFCC70D9EC723E06944
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:02 +0000
ROA not before: Mon 27 Mar 2023 08:22:02 +0000
ROA not after: Mon 25 Mar 2024 08:27:02 +0000
asID: 0
IP address blocks: 45.149.204.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:16:28:4f:00:be:89:6b:8e:16:1c:fc:c7:0d:9e:c7:23:e0:69:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 27 08:22:02 2023 GMT
Not After : Mar 25 08:27:02 2024 GMT
Subject: CN=5B49F1BEA9B863DA636E02D9F66332C9D87C8CDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:0f:86:44:60:d5:7e:1b:7e:9d:44:48:a5:
cf:54:39:e8:f9:13:69:30:59:d8:aa:84:06:61:c2:
b7:4c:90:32:73:61:20:29:24:36:f5:0f:ab:a6:64:
21:43:f1:6c:84:77:19:68:bf:18:ce:44:57:2e:42:
40:9f:f2:3c:e7:d6:8a:0f:91:b0:25:67:44:76:6e:
3f:7e:a0:8e:fa:90:63:10:7d:1c:54:e3:06:66:5f:
bf:5e:96:b8:84:85:99:f9:8b:79:e4:db:81:94:97:
a7:61:2d:fa:a3:2b:14:8c:9c:da:6f:74:01:3e:43:
c1:a3:00:f1:66:ea:28:fa:a7:0f:5d:d8:f8:2f:2b:
0c:51:fe:fe:04:bf:eb:ab:0d:be:2b:41:0a:51:45:
d8:5e:29:40:26:64:91:ba:48:d9:ca:eb:22:a8:a2:
3b:d0:e2:67:70:12:6e:b5:f9:2d:0d:35:3b:0e:7b:
ee:d4:f3:be:26:d2:1c:4e:d1:ac:ae:61:b3:86:62:
c1:d2:d4:6c:47:b5:83:22:b4:9a:9d:1e:05:c8:41:
a9:82:0f:f3:ea:dd:d4:d0:f2:19:7b:56:2d:2e:a1:
45:3d:56:84:8c:b5:f7:ef:8f:53:e1:c9:89:31:25:
a3:96:2e:30:a5:6a:af:e8:08:3c:c6:47:ad:25:a6:
e8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:49:F1:BE:A9:B8:63:DA:63:6E:02:D9:F6:63:32:C9:D8:7C:8C:DF
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134392e3230342e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:ff:02:a7:4e:33:fb:75:45:51:02:7b:29:08:42:ff:b1:12:
4f:00:21:2b:3f:fa:b9:60:45:f3:e7:65:c1:b5:7e:ac:5d:70:
75:c0:b5:16:45:3e:e0:94:1d:89:25:6d:6c:72:c7:5f:df:cd:
84:ed:57:32:46:e1:cc:25:0b:22:b9:cd:97:35:78:f9:5f:43:
79:ea:ff:b7:40:b7:b0:8e:e3:32:a4:51:ed:f3:69:02:0d:99:
f6:c4:c0:5a:de:2f:c6:96:59:35:fd:ea:73:6e:83:f6:31:23:
c7:25:db:1f:fc:17:0a:04:b4:c7:ec:2e:41:e5:20:0d:9c:0d:
8d:d7:14:16:a0:b8:2e:fa:94:43:5c:59:b4:53:2c:9d:70:33:
65:47:09:c1:23:c4:ed:b3:2e:95:e4:c3:71:78:fb:17:5f:37:
d9:c4:23:9d:0b:46:94:f5:1d:15:6b:ab:f1:9c:a9:e9:ff:11:
d4:de:3f:a2:b8:b6:88:f0:9f:56:8a:52:8c:2d:20:55:be:07:
9e:8e:a4:fe:d9:64:90:96:73:db:f9:c4:5c:66:44:f8:39:9f:
48:4a:66:b0:38:db:15:6f:55:93:b7:7f:62:e9:a3:e7:1e:0a:
f3:3b:3b:bd:0f:6e:a6:ee:7d:04:6b:b3:d8:b4:06:79:35:35:
05:f5:d2:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUQRYoTwC+iWuOFhz8xw2exyPgaUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMDJaFw0yNDAzMjUwODI3MDJaMDMxMTAvBgNV
BAMTKDVCNDlGMUJFQTlCODYzREE2MzZFMDJEOUY2NjMzMkM5RDg3QzhDREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MQ+GRGDVfht+nURIpc9UOej5
E2kwWdiqhAZhwrdMkDJzYSApJDb1D6umZCFD8WyEdxlovxjORFcuQkCf8jzn1ooP
kbAlZ0R2bj9+oI76kGMQfRxU4wZmX79elriEhZn5i3nk24GUl6dhLfqjKxSMnNpv
dAE+Q8GjAPFm6ij6pw9d2PgvKwxR/v4Ev+urDb4rQQpRRdheKUAmZJG6SNnK6yKo
ojvQ4mdwEm61+S0NNTsOe+7U874m0hxO0ayuYbOGYsHS1GxHtYMitJqdHgXIQamC
D/Pq3dTQ8hl7Vi0uoUU9VoSMtffvj1PhyYkxJaOWLjClaq/oCDzGR60lpuilAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUW0nxvqm4Y9pjbgLZ9mMyydh8jN8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDM5MmUzMjMw
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2VzDANBgkq
hkiG9w0BAQsFAAOCAQEAbP8Cp04z+3VFUQJ7KQhC/7ESTwAhKz/6uWBF8+dlwbV+
rF1wdcC1FkU+4JQdiSVtbHLHX9/NhO1XMkbhzCULIrnNlzV4+V9Deer/t0C3sI7j
MqRR7fNpAg2Z9sTAWt4vxpZZNf3qc26D9jEjxyXbH/wXCgS0x+wuQeUgDZwNjdcU
FqC4LvqUQ1xZtFMsnXAzZUcJwSPE7bMuleTDcXj7F1832cQjnQtGlPUdFWur8Zyp
6f8R1N4/ori2iPCfVopSjC0gVb4Hno6k/tlkkJZz2/nEXGZE+DmfSEpmsDjbFW9V
k7d/Yumj5x4K8zs7vQ9upu59BGuz2LQGeTU1BfXS7g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:03 2023 by rpki-client on console-fra.rpki-client.org