Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32302e302f32342d3234203d3e203631333137.roa
File: 34352e3134312e32302e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: i/lKF6Lfpc4Vkmxw1eZjJumFNVW26cQD53dcM5KEiiw=
Subject key identifier: 23:5F:3C:91:AE:BA:A3:44:DC:47:32:47:84:F5:75:5D:7C:B5:FF:02
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 58A1D07D95C1F9506B8A9E5773ACBFFF68846C00
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32302e302f32342d3234203d3e203631333137.roa
Signing time: Sat 29 Apr 2023 09:04:58 +0000
ROA not before: Sat 29 Apr 2023 08:59:58 +0000
ROA not after: Sat 27 Apr 2024 09:04:58 +0000
asID: 61317
IP address blocks: 45.141.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a1:d0:7d:95:c1:f9:50:6b:8a:9e:57:73:ac:bf:ff:68:84:6c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 29 08:59:58 2023 GMT
Not After : Apr 27 09:04:58 2024 GMT
Subject: CN=235F3C91AEBAA344DC47324784F5755D7CB5FF02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:47:92:3a:f6:a5:a5:5e:df:19:50:e4:b4:
d1:0b:fd:2e:1d:e7:09:f8:90:89:ea:15:86:44:27:
e4:8a:01:8e:9a:6f:6e:b5:9a:a3:b5:53:e4:f9:5a:
1e:ef:aa:f8:59:6d:7e:60:c4:ad:74:fd:e3:ed:7e:
0e:49:2f:0f:34:36:6a:9c:d6:65:79:4f:28:f7:fc:
f5:ae:ab:6f:cc:94:a5:37:62:5a:89:a2:56:eb:5f:
54:32:4e:6c:0b:ac:18:98:35:7c:0e:ac:c8:1c:0a:
52:a1:44:5c:67:32:f9:be:6e:88:4e:41:eb:7b:0e:
5b:c2:df:1a:a0:91:03:ef:bb:58:2b:f6:7c:40:33:
86:3d:5f:93:ca:4c:79:cc:80:ac:82:17:0a:a3:cc:
b9:f6:6d:0c:76:1a:84:fe:72:c6:fd:30:85:44:5d:
37:20:b6:49:c4:45:bf:80:dd:17:84:30:32:70:35:
b4:4a:f0:99:8f:bc:70:91:1f:91:bb:95:b4:0a:b4:
d9:88:81:6a:a9:77:81:15:2a:5e:f0:20:58:d2:1b:
59:48:f6:3b:cf:03:2b:3f:60:fd:d5:29:4b:19:07:
38:24:b0:c7:7c:b9:fc:aa:83:56:21:07:ad:8a:08:
42:d9:56:8c:07:e4:c2:57:c4:b2:fc:fa:82:f9:ca:
35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5F:3C:91:AE:BA:A3:44:DC:47:32:47:84:F5:75:5D:7C:B5:FF:02
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3134312e32302e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.20.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3f:cb:b9:5a:82:a5:95:d8:a1:fa:ba:94:7c:88:24:85:b2:
36:cb:a1:18:d4:10:70:82:78:d7:02:42:6d:3f:0f:d5:22:55:
49:9a:1a:34:2d:71:a5:fa:34:6c:5b:e9:f0:9c:f5:58:57:e2:
6a:ac:e1:30:f4:88:42:ac:6f:79:f3:2b:63:d3:69:93:43:4d:
7c:4c:59:2d:72:64:d1:b9:cf:a2:a0:b8:d1:d7:2b:2a:6d:77:
db:59:b8:28:b5:ac:a3:4b:dc:0c:93:97:8c:fe:5f:4d:66:ef:
2c:d7:87:00:16:6d:3a:7b:5d:3d:85:f5:5b:ca:9f:f9:1b:58:
73:ed:c5:90:af:e9:23:88:6c:e2:79:98:6d:33:a1:f1:64:9c:
c7:23:f3:a4:95:a3:75:27:19:af:04:62:f8:c7:97:98:53:bb:
75:11:7f:62:50:ee:9b:21:21:b9:f3:68:a9:0c:9d:1e:57:95:
3c:cd:af:f4:b0:db:93:e9:7a:7f:bb:80:4c:5b:4e:c4:10:2b:
d4:42:b1:02:05:9b:42:08:ad:48:4e:b5:53:3d:b7:b4:92:6e:
24:52:6f:24:49:c7:e8:31:60:e8:e6:0f:73:93:ea:35:9f:71:
59:37:91:8c:0c:e8:22:32:12:4f:6d:7c:03:68:ff:2d:79:99:
30:d8:af:f9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWKHQfZXB+VBrip5Xc6y//2iEbAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MjkwODU5NThaFw0yNDA0MjcwOTA0NThaMDMxMTAvBgNV
BAMTKDIzNUYzQzkxQUVCQUEzNDREQzQ3MzI0Nzg0RjU3NTVEN0NCNUZGMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/jEeSOvalpV7fGVDktNEL/S4d
5wn4kInqFYZEJ+SKAY6ab261mqO1U+T5Wh7vqvhZbX5gxK10/ePtfg5JLw80Nmqc
1mV5Tyj3/PWuq2/MlKU3YlqJolbrX1QyTmwLrBiYNXwOrMgcClKhRFxnMvm+bohO
Qet7DlvC3xqgkQPvu1gr9nxAM4Y9X5PKTHnMgKyCFwqjzLn2bQx2GoT+csb9MIVE
XTcgtknERb+A3ReEMDJwNbRK8JmPvHCRH5G7lbQKtNmIgWqpd4EVKl7wIFjSG1lI
9jvPAys/YP3VKUsZBzgksMd8ufyqg1YhB62KCELZVowH5MJXxLL8+oL5yjXdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUI188ka66o0TcRzJHhPV1XXy1/wIwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzNDMxMmUzMjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2N
FDANBgkqhkiG9w0BAQsFAAOCAQEAdz/LuVqCpZXYofq6lHyIJIWyNsuhGNQQcIJ4
1wJCbT8P1SJVSZoaNC1xpfo0bFvp8Jz1WFfiaqzhMPSIQqxvefMrY9Npk0NNfExZ
LXJk0bnPoqC40dcrKm1321m4KLWso0vcDJOXjP5fTWbvLNeHABZtOntdPYX1W8qf
+RtYc+3FkK/pI4hs4nmYbTOh8WScxyPzpJWjdScZrwRi+MeXmFO7dRF/YlDumyEh
ufNoqQydHleVPM2v9LDbk+l6f7uATFtOxBAr1EKxAgWbQgitSE61Uz23tJJuJFJv
JEnH6DFg6OYPc5PqNZ9xWTeRjAzoIjIST218A2j/LXmZMNiv+Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:52 2023 by rpki-client on console-ams.rpki-client.org