Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
File: 34352e3135382e35392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: xua2dvD5/m03h7WDYECJT7iIp3M8ldWFc1Nkt1akK4s=
Subject key identifier: 9A:EB:D5:7C:49:25:A5:90:22:6F:5C:60:2C:49:E7:2E:02:1B:99:01
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 35C099E631C94D613AA217B242927AB20EC20A36
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
Signing time: Sat 19 Apr 2025 11:23:56 +0000
ROA not before: Sat 19 Apr 2025 11:18:56 +0000
ROA not after: Sat 18 Apr 2026 11:23:56 +0000
asID: 834
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 00:33:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:c0:99:e6:31:c9:4d:61:3a:a2:17:b2:42:92:7a:b2:0e:c2:0a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 19 11:18:56 2025 GMT
Not After : Apr 18 11:23:56 2026 GMT
Subject: CN=9AEBD57C4925A590226F5C602C49E72E021B9901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:71:48:01:15:8c:2e:6b:96:88:d6:8a:b1:69:
5c:0b:7b:3a:0a:6d:9f:f3:ac:4d:1f:31:13:3e:5c:
34:c2:66:5c:6b:15:a8:82:8e:4e:db:ef:90:86:32:
ea:01:2a:ad:ec:92:ce:96:19:47:53:b9:6d:4c:23:
2c:d6:61:3e:8e:65:32:e6:66:1b:6d:fc:f1:22:7f:
16:ff:d1:f8:d4:97:f1:b4:3e:ff:7f:27:f6:ca:b4:
28:c5:a8:2f:d0:a7:b3:63:01:3b:1a:24:7d:0c:53:
18:d6:38:81:96:96:fb:5c:af:e8:43:bf:89:a3:68:
22:68:e4:f5:7f:30:68:f3:a8:5e:5d:2b:a8:eb:e0:
f3:06:43:8e:b2:49:98:74:f3:7b:32:81:7c:85:98:
af:4c:03:b2:11:4c:7c:ba:c8:7b:7c:fe:91:1b:15:
02:43:53:55:24:3b:25:de:33:ef:db:a1:6d:18:cd:
c1:b4:bd:b4:3b:31:5f:ec:cd:d5:80:a6:3f:34:1c:
c1:ec:06:e7:23:ef:3b:e0:e3:81:1a:56:0d:f6:2e:
f2:f6:56:79:6e:ab:28:ac:32:63:87:1e:67:6c:3f:
f6:45:8d:61:02:72:7c:35:b5:bc:ee:50:62:60:8d:
9b:02:e6:ff:24:ad:67:db:3a:16:e1:f3:0f:b0:ea:
24:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EB:D5:7C:49:25:A5:90:22:6F:5C:60:2C:49:E7:2E:02:1B:99:01
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
95:f2:f8:35:bd:c3:b5:82:77:99:20:a4:b4:c1:3a:0d:6f:87:
aa:ba:63:95:ca:ce:93:0c:21:12:47:d8:12:04:4e:7a:72:6d:
1e:3b:d9:41:e6:b1:fb:eb:2c:c7:15:6f:e9:a0:49:17:c0:d6:
e5:ca:65:61:2d:08:39:96:85:ca:bc:44:35:43:1c:dc:c1:c4:
0a:15:5d:90:7b:ec:75:7d:db:8f:64:69:f9:2e:c3:aa:d9:92:
10:0a:c8:00:0d:d3:ac:25:4a:c6:15:e7:c4:e3:1e:24:3b:93:
89:f8:cd:4e:ed:40:83:9b:45:ff:59:0b:5c:be:99:e2:c9:d1:
e3:a4:1e:07:67:08:ab:62:a4:0d:b3:2b:90:5c:c1:ac:c8:0c:
3e:26:77:d9:96:59:5b:38:e6:de:79:3d:36:e5:c6:61:a2:7f:
ce:c9:75:bd:a6:e9:4c:0b:db:de:d2:61:b6:25:3a:3a:3a:c2:
4c:c7:64:57:10:f1:a3:9a:f6:3c:ce:cc:8f:20:7e:40:07:e4:
db:e1:83:11:5e:ff:28:ff:ef:e2:45:5d:11:74:77:58:7d:90:
75:24:14:46:4a:28:ea:a7:f2:6d:30:74:59:40:cd:1f:a4:4f:
ca:42:db:23:bc:bb:78:0b:4d:c9:07:9f:86:dc:f3:ff:45:2f:
22:72:67:1f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNcCZ5jHJTWE6oheyQpJ6sg7CCjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTA0MTkxMTE4NTZaFw0yNjA0MTgxMTIzNTZaMDMxMTAvBgNV
BAMTKDlBRUJENTdDNDkyNUE1OTAyMjZGNUM2MDJDNDlFNzJFMDIxQjk5MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTcUgBFYwua5aI1oqxaVwLezoK
bZ/zrE0fMRM+XDTCZlxrFaiCjk7b75CGMuoBKq3sks6WGUdTuW1MIyzWYT6OZTLm
Zhtt/PEifxb/0fjUl/G0Pv9/J/bKtCjFqC/Qp7NjATsaJH0MUxjWOIGWlvtcr+hD
v4mjaCJo5PV/MGjzqF5dK6jr4PMGQ46ySZh083sygXyFmK9MA7IRTHy6yHt8/pEb
FQJDU1UkOyXeM+/boW0YzcG0vbQ7MV/szdWApj80HMHsBucj7zvg44EaVg32LvL2
VnluqyisMmOHHmdsP/ZFjWECcnw1tbzuUGJgjZsC5v8krWfbOhbh8w+w6iR5AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUmuvVfEklpZAib1xgLEnnLgIbmQEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ47MA0G
CSqGSIb3DQEBCwUAA4IBAQCV8vg1vcO1gneZIKS0wToNb4equmOVys6TDCESR9gS
BE56cm0eO9lB5rH76yzHFW/poEkXwNblymVhLQg5loXKvEQ1QxzcwcQKFV2Qe+x1
fduPZGn5LsOq2ZIQCsgADdOsJUrGFefE4x4kO5OJ+M1O7UCDm0X/WQtcvpniydHj
pB4HZwirYqQNsyuQXMGsyAw+JnfZlllbOObeeT025cZhon/OyXW9pulMC9ve0mG2
JTo6OsJMx2RXEPGjmvY8zsyPIH5AB+Tb4YMRXv8o/+/iRV0RdHdYfZB1JBRGSijq
p/JtMHRZQM0fpE/KQtsjvLt4C03JB5+G3PP/RS8icmcf
-----END CERTIFICATE-----
Generated at Tue May 13 06:35:02 2025 by rpki-client