Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32322d3234203d3e20383334.roa
File: 3132382e36352e3136382e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: lmTkIXCjn7nMMEAxFOAz0bd8mqGjvtGS7axLfEEp0Vc=
Subject key identifier: 7D:C6:00:88:B1:49:14:66:8B:67:7F:BA:1A:CC:9A:8D:0B:F8:34:6B
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 0C3ECBFF5D8E83A02E0803A0AE18CB7F208EB1E1
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32322d3234203d3e20383334.roa
Signing time: Mon 28 Apr 2025 19:51:22 +0000
ROA not before: Mon 28 Apr 2025 19:46:22 +0000
ROA not after: Mon 27 Apr 2026 19:51:22 +0000
asID: 834
IP address blocks: 128.65.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 08:15:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:3e:cb:ff:5d:8e:83:a0:2e:08:03:a0:ae:18:cb:7f:20:8e:b1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Apr 28 19:46:22 2025 GMT
Not After : Apr 27 19:51:22 2026 GMT
Subject: CN=7DC60088B14914668B677FBA1ACC9A8D0BF8346B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a6:03:af:3d:3a:17:78:28:68:9c:d1:9c:72:
bd:b8:5a:96:ae:b5:79:c1:ca:a8:53:25:0f:04:62:
cb:7c:67:0c:b6:dd:98:f3:72:1c:c9:9f:59:dd:51:
7e:27:0d:ef:92:57:22:5e:1d:05:6c:a9:7e:70:58:
41:94:8f:02:c1:4c:e0:94:dd:d8:5a:f6:17:0e:a3:
63:71:f1:12:24:85:2f:3d:89:63:dc:af:bc:c9:ca:
54:51:95:a6:97:44:75:e8:3d:4b:41:e2:98:81:b7:
31:d3:3c:f5:15:9c:29:4e:6a:e4:f0:f1:17:5c:5d:
1b:9a:81:1a:5d:20:e9:92:5d:3a:ed:d4:b3:3b:2e:
35:b4:b2:ee:1e:ae:1f:34:01:f1:b0:77:82:8c:87:
b3:d4:36:be:6b:93:4d:33:ed:c1:c2:52:c3:5d:fb:
37:2c:83:2e:52:c1:5a:3c:41:7f:56:d3:97:e3:1f:
e6:91:23:01:7b:7d:d7:f6:18:84:c9:3f:99:e3:c5:
04:f0:ac:a7:e1:c4:53:2b:d4:4d:c6:4f:8e:e7:1a:
77:eb:5f:c3:b1:2d:ee:7d:38:19:69:a3:f8:b6:7a:
81:6f:3c:62:35:72:11:be:56:1a:d0:43:4d:d3:a9:
2d:2f:82:3e:6c:ff:b4:0a:6a:56:dc:12:12:29:fc:
45:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C6:00:88:B1:49:14:66:8B:67:7F:BA:1A:CC:9A:8D:0B:F8:34:6B
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3132382e36352e3136382e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.65.168.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:9a:6b:92:91:43:b7:d6:f2:65:84:c4:44:48:e5:bf:0a:5d:
e1:b5:03:6d:31:b2:89:e4:71:af:d1:0c:7a:54:a6:81:73:c3:
98:3f:e4:79:29:b6:ee:17:71:d4:b9:3c:2c:6d:72:53:79:55:
53:16:dc:34:52:be:f4:25:08:78:d0:3b:0c:aa:38:72:23:35:
66:b5:6d:07:15:eb:18:7f:ab:5e:ba:09:a7:72:62:f3:ea:29:
7f:58:fd:9f:3b:74:f3:14:49:97:a3:ad:00:aa:f3:3d:79:e9:
94:43:fd:0d:67:57:8c:c4:31:f3:26:de:07:a0:70:08:d6:ac:
26:c9:aa:41:cd:a2:aa:1e:67:0a:d2:ed:ef:59:19:ac:e8:21:
a9:e1:9b:76:08:10:47:88:dd:5c:be:ca:5b:d6:cc:d6:18:09:
02:7f:ed:9f:76:a2:0e:47:93:fa:bf:81:0f:c0:c7:d9:25:c8:
0d:14:bf:d5:ea:b6:31:aa:01:f9:0d:38:b0:0c:22:99:3b:ca:
74:09:e4:dd:26:0e:70:f6:a2:c5:32:9c:af:5b:77:cb:f0:20:
99:55:56:3d:52:4f:2a:03:d7:2b:9a:69:db:5e:55:b7:eb:93:
d6:82:37:4b:97:7c:38:52:99:86:ac:a6:e7:b0:06:98:c7:d0:
31:13:e7:a3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDD7L/12Og6AuCAOgrhjLfyCOseEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTA0MjgxOTQ2MjJaFw0yNjA0MjcxOTUxMjJaMDMxMTAvBgNV
BAMTKDdEQzYwMDg4QjE0OTE0NjY4QjY3N0ZCQTFBQ0M5QThEMEJGODM0NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+pgOvPToXeChonNGccr24Wpau
tXnByqhTJQ8EYst8Zwy23ZjzchzJn1ndUX4nDe+SVyJeHQVsqX5wWEGUjwLBTOCU
3dha9hcOo2Nx8RIkhS89iWPcr7zJylRRlaaXRHXoPUtB4piBtzHTPPUVnClOauTw
8RdcXRuagRpdIOmSXTrt1LM7LjW0su4erh80AfGwd4KMh7PUNr5rk00z7cHCUsNd
+zcsgy5SwVo8QX9W05fjH+aRIwF7fdf2GITJP5njxQTwrKfhxFMr1E3GT47nGnfr
X8OxLe59OBlpo/i2eoFvPGI1chG+VhrQQ03TqS0vgj5s/7QKalbcEhIp/EW/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUfcYAiLFJFGaLZ3+6GsyajQv4NGswHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzMjM4MmUzNjM1MmUzMTM2
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKAQagw
DQYJKoZIhvcNAQELBQADggEBAG+aa5KRQ7fW8mWExERI5b8KXeG1A20xsonkca/R
DHpUpoFzw5g/5Hkptu4XcdS5PCxtclN5VVMW3DRSvvQlCHjQOwyqOHIjNWa1bQcV
6xh/q166CadyYvPqKX9Y/Z87dPMUSZejrQCq8z156ZRD/Q1nV4zEMfMm3gegcAjW
rCbJqkHNoqoeZwrS7e9ZGazoIanhm3YIEEeI3Vy+ylvWzNYYCQJ/7Z92og5Hk/q/
gQ/Ax9klyA0Uv9XqtjGqAfkNOLAMIpk7ynQJ5N0mDnD2osUynK9bd8vwIJlVVj1S
TyoD1yuaadteVbfrk9aCN0uXfDhSmYaspuewBpjH0DET56M=
-----END CERTIFICATE-----
Generated at Sun May 11 02:30:49 2025 by rpki-client