Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3234203d3e20383334.roa
File: 3132382e36352e3136382e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier: W8k0AgNiQOaipURSC/vbGS+bQJgTtmQfa9zfHOhfhPc=
Subject key identifier: D4:76:96:73:A5:C6:DC:5E:C3:94:3C:09:6E:12:41:FA:A7:2D:78:25
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 7D395EDE0C1792CF1B6885D5DF82EFE1AD5DE4F3
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3234203d3e20383334.roa
Signing time: Wed 30 Apr 2025 08:15:54 +0000
ROA not before: Wed 30 Apr 2025 08:10:54 +0000
ROA not after: Wed 29 Apr 2026 08:15:54 +0000
asID: 834
IP address blocks: 128.65.168.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 05:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:39:5e:de:0c:17:92:cf:1b:68:85:d5:df:82:ef:e1:ad:5d:e4:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Apr 30 08:10:54 2025 GMT
Not After : Apr 29 08:15:54 2026 GMT
Subject: CN=D4769673A5C6DC5EC3943C096E1241FAA72D7825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:00:8d:33:6e:d6:5f:13:2d:79:88:ae:a5:
c0:4a:9c:e1:27:41:3d:3d:d6:fd:b5:da:58:13:ea:
3f:27:33:d4:ac:29:3e:e1:d5:78:99:eb:ce:62:93:
78:60:d7:4b:89:22:72:3e:62:1e:64:99:a1:99:f8:
e9:88:1a:24:99:fa:54:ef:2b:ca:d1:95:07:45:9a:
22:75:fe:b0:5b:2a:1a:0e:7c:96:2d:89:52:ea:39:
b0:e8:c7:79:65:d6:fe:78:d5:82:e2:4c:fd:5b:d8:
fd:f5:03:7b:31:e8:e5:01:86:e5:07:54:70:b3:2c:
18:68:57:b6:2b:a6:3d:29:d7:ca:9a:a9:a8:3d:0f:
83:fe:b7:75:0c:86:8d:7f:22:7b:3e:28:aa:3a:8c:
f2:f4:89:11:e9:3c:62:f6:e0:8d:ac:99:b9:99:d6:
d3:d1:75:71:12:78:80:e6:bd:9c:3b:44:03:32:be:
f5:4f:88:f0:83:07:11:80:43:c0:b0:88:97:70:fc:
d5:18:49:3b:08:1c:b9:9b:60:e1:aa:c4:bd:92:72:
1a:7d:ee:14:8e:46:6a:10:e8:17:0e:87:eb:08:99:
6c:31:be:f0:32:b8:ed:7d:80:b8:0f:82:e5:5e:5c:
d4:5f:3b:88:4c:6a:74:5d:94:f9:96:75:d4:c6:e3:
27:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:76:96:73:A5:C6:DC:5E:C3:94:3C:09:6E:12:41:FA:A7:2D:78:25
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32312d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/21
Signature Algorithm: sha256WithRSAEncryption
66:9d:2e:ef:b9:6b:a2:1a:35:8c:5a:0e:fc:7c:84:06:29:3f:
53:e7:e8:ad:3d:06:14:19:cd:f3:33:75:4c:fc:02:d6:e7:fd:
19:35:58:53:aa:5a:8b:22:b2:0a:37:53:17:7c:fd:73:52:3f:
2e:40:c8:a4:bc:52:ad:22:a3:58:1f:1b:54:80:0f:5a:89:0b:
8e:9c:3c:a1:63:11:37:63:e9:a7:9f:df:99:c5:e9:6b:3d:81:
1b:47:fe:8d:2e:f4:20:87:68:4f:30:e8:bd:01:b0:70:5f:41:
41:f4:ad:94:48:d9:1b:e4:aa:6e:21:e7:8b:27:6a:c8:d0:bc:
4b:16:f9:86:28:18:35:e5:84:87:dd:58:30:bd:31:e8:81:2e:
60:a7:7f:5b:2a:87:6c:98:27:76:58:8a:06:4c:7a:3d:2e:0b:
eb:88:83:09:18:41:33:14:c4:aa:4a:9d:48:ae:c2:63:b4:fe:
e2:b8:22:f9:0d:40:3a:30:89:c3:0d:7b:08:16:f3:fd:c8:3d:
b4:27:1a:ee:fc:42:7f:a4:83:55:72:19:b2:1c:71:e9:fb:c2:
7c:b1:c0:8a:a7:3c:da:bb:a1:ee:c5:06:2f:97:95:56:64:b1:
30:53:54:e9:38:9e:40:4a:19:17:0c:9f:6b:95:5b:2a:a5:94:
70:bc:66:2b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUfTle3gwXks8baIXV34Lv4a1d5PMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTA0MzAwODEwNTRaFw0yNjA0MjkwODE1NTRaMDMxMTAvBgNV
BAMTKEQ0NzY5NjczQTVDNkRDNUVDMzk0M0MwOTZFMTI0MUZBQTcyRDc4MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/HQCNM27WXxMteYiupcBKnOEn
QT091v212lgT6j8nM9SsKT7h1XiZ685ik3hg10uJInI+Yh5kmaGZ+OmIGiSZ+lTv
K8rRlQdFmiJ1/rBbKhoOfJYtiVLqObDox3ll1v541YLiTP1b2P31A3sx6OUBhuUH
VHCzLBhoV7Yrpj0p18qaqag9D4P+t3UMho1/Ins+KKo6jPL0iRHpPGL24I2smbmZ
1tPRdXESeIDmvZw7RAMyvvVPiPCDBxGAQ8CwiJdw/NUYSTsIHLmbYOGqxL2Schp9
7hSORmoQ6BcOh+sImWwxvvAyuO19gLgPguVeXNRfO4hManRdlPmWddTG4yfRAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU1HaWc6XG3F7DlDwJbhJB+qcteCUwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM2
MzgyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOAQagw
DQYJKoZIhvcNAQELBQADggEBAGadLu+5a6IaNYxaDvx8hAYpP1Pn6K09BhQZzfMz
dUz8Atbn/Rk1WFOqWosisgo3Uxd8/XNSPy5AyKS8Uq0io1gfG1SAD1qJC46cPKFj
ETdj6aef35nF6Ws9gRtH/o0u9CCHaE8w6L0BsHBfQUH0rZRI2Rvkqm4h54snasjQ
vEsW+YYoGDXlhIfdWDC9MeiBLmCnf1sqh2yYJ3ZYigZMej0uC+uIgwkYQTMUxKpK
nUiuwmO0/uK4IvkNQDowicMNewgW8/3IPbQnGu78Qn+kg1VyGbIccen7wnyxwIqn
PNq7oe7FBi+XlVZksTBTVOk4nkBKGRcMn2uVWyqllHC8Zis=
-----END CERTIFICATE-----
Generated at Sun May 11 02:28:43 2025 by rpki-client