Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32342d3234203d3e20383334.roa
File: 34352e36362e36302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: BqcE/i12tf47AgDN3laH0eYnUXZZxaQlClT5yJ2whV8=
Subject key identifier: E7:A7:98:49:92:9A:24:96:9F:6D:CD:2D:82:81:DE:C7:DD:BF:5B:C2
Certificate issuer: /CN=2e2674263aecd572673f87614919ca492c79faea
Certificate serial: 43E288098ADC0264A1D70CF3067126075291F03C
Authority key identifier: 2E:26:74:26:3A:EC:D5:72:67:3F:87:61:49:19:CA:49:2C:79:FA:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiZ0Jjrs1XJnP4dhSRnKSSx5-uo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32342d3234203d3e20383334.roa
Signing time: Sun 20 Apr 2025 19:55:41 +0000
ROA not before: Sun 20 Apr 2025 19:50:41 +0000
ROA not after: Sun 19 Apr 2026 19:55:41 +0000
asID: 834
IP address blocks: 45.66.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 00:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:e2:88:09:8a:dc:02:64:a1:d7:0c:f3:06:71:26:07:52:91:f0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e2674263aecd572673f87614919ca492c79faea
Validity
Not Before: Apr 20 19:50:41 2025 GMT
Not After : Apr 19 19:55:41 2026 GMT
Subject: CN=E7A79849929A24969F6DCD2D8281DEC7DDBF5BC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:e8:39:6f:62:e1:20:03:2c:da:11:a0:2d:
35:f3:67:75:8d:49:2d:76:87:f3:7a:ac:89:de:06:
00:eb:85:0b:1b:dc:70:4e:52:2c:30:12:6c:18:dc:
8a:39:40:bd:bf:e7:53:5a:b2:8a:cf:9a:f2:73:5b:
0f:7d:45:e6:c9:c0:df:4f:64:d3:97:d0:00:e0:44:
3b:5a:b8:bd:51:f2:7a:6c:d5:6e:95:ec:51:69:5e:
5d:00:9b:3d:c7:17:3a:0b:90:6f:d5:a1:25:3b:97:
17:5a:69:d4:fc:d4:88:d1:ef:53:92:a1:31:1a:df:
05:96:4c:06:2e:01:87:fd:5b:db:52:1f:57:bd:e0:
75:e7:d5:04:8b:f1:3c:ad:91:65:ae:c3:4d:37:a9:
e4:4c:f2:5e:24:b9:3b:6a:b0:24:46:47:26:a4:02:
35:bb:1a:9d:2c:96:ab:6c:f4:ea:cc:20:ca:50:27:
fc:80:2e:63:05:35:a0:be:5b:1c:8a:a9:bc:a0:2f:
ed:38:83:58:e6:b3:68:b6:cb:d9:06:0c:c0:ee:eb:
1f:91:2b:58:e6:8f:9c:e7:d3:46:c2:1b:e5:11:e3:
0c:e4:88:59:e2:44:2e:12:3d:eb:e4:18:cf:31:fb:
b4:94:88:7d:02:ce:5d:96:db:2b:5d:49:c9:1f:23:
77:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A7:98:49:92:9A:24:96:9F:6D:CD:2D:82:81:DE:C7:DD:BF:5B:C2
X509v3 Authority Key Identifier:
keyid:2E:26:74:26:3A:EC:D5:72:67:3F:87:61:49:19:CA:49:2C:79:FA:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/2E2674263AECD572673F87614919CA492C79FAEA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiZ0Jjrs1XJnP4dhSRnKSSx5-uo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bd7c231e-a33c-4555-b42e-d02093849299/0/34352e36362e36302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.60.0/24
Signature Algorithm: sha256WithRSAEncryption
75:58:52:22:cd:27:9c:e6:f7:e1:d4:fd:1a:8c:64:61:76:06:
44:37:c7:6b:5d:a3:48:e3:a7:ea:1a:fc:a3:d1:e5:52:d5:68:
73:28:19:1d:d3:d7:34:9c:8a:e8:58:f9:74:d0:e1:93:5d:4e:
78:0c:3f:21:e4:de:44:2c:b6:6c:04:68:8f:3c:3f:b5:f0:64:
2b:9c:49:4f:eb:64:52:84:25:bc:3b:1c:fe:13:fb:5b:3f:6d:
9c:25:61:1c:aa:da:58:93:d4:c8:c5:8f:02:2e:a9:04:db:34:
b9:80:9e:6b:a6:7c:1a:d8:41:38:75:22:1b:5f:5a:23:fb:c0:
a5:57:47:bb:7c:28:73:33:e3:d3:60:22:75:b3:56:62:82:ed:
69:29:9b:6b:5a:7e:27:59:6a:77:4e:a7:bd:0b:76:64:1f:3d:
53:53:5a:32:b2:f5:c5:fa:49:a1:b8:b2:c7:a3:5f:a4:90:aa:
65:ab:0e:73:8e:ad:c1:45:5d:b3:30:55:a0:cd:d6:d3:2b:16:
2a:be:6f:59:0a:96:6c:31:7b:23:a3:96:cb:63:f4:61:e3:29:
8a:f6:bc:b4:d1:61:8d:b1:76:f7:27:4f:a5:ae:52:68:8c:9f:
c4:71:7d:63:cb:bd:a8:36:39:d6:18:3f:aa:f8:92:e3:79:1c:
52:91:3c:9d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUQ+KICYrcAmSh1wzzBnEmB1KR8DwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMmUyNjc0MjYzYWVjZDU3MjY3M2Y4NzYxNDkxOWNhNDky
Yzc5ZmFlYTAeFw0yNTA0MjAxOTUwNDFaFw0yNjA0MTkxOTU1NDFaMDMxMTAvBgNV
BAMTKEU3QTc5ODQ5OTI5QTI0OTY5RjZEQ0QyRDgyODFERUM3RERCRjVCQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1oeg5b2LhIAMs2hGgLTXzZ3WN
SS12h/N6rIneBgDrhQsb3HBOUiwwEmwY3Io5QL2/51NasorPmvJzWw99RebJwN9P
ZNOX0ADgRDtauL1R8nps1W6V7FFpXl0Amz3HFzoLkG/VoSU7lxdaadT81IjR71OS
oTEa3wWWTAYuAYf9W9tSH1e94HXn1QSL8TytkWWuw003qeRM8l4kuTtqsCRGRyak
AjW7Gp0slqts9OrMIMpQJ/yALmMFNaC+WxyKqbygL+04g1jms2i2y9kGDMDu6x+R
K1jmj5zn00bCG+UR4wzkiFniRC4SPevkGM8x+7SUiH0Czl2W2ytdSckfI3dNAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU56eYSZKaJJafbc0tgoHex92/W8IwHwYDVR0j
BBgwFoAULiZ0Jjrs1XJnP4dhSRnKSSx5+uowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmQ3YzIzMWUtYTMzYy00NTU1LWI0MmUtZDAyMDkzODQ5
Mjk5LzAvMkUyNjc0MjYzQUVDRDU3MjY3M0Y4NzYxNDkxOUNBNDkyQzc5RkFFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0xpWjBKanJzMVhKblA0ZGhTUm5LU1N4
NS11by5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmQ3YzIzMWUt
YTMzYy00NTU1LWI0MmUtZDAyMDkzODQ5Mjk5LzAvMzQzNTJlMzYzNjJlMzYzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1CPDANBgkq
hkiG9w0BAQsFAAOCAQEAdVhSIs0nnOb34dT9GoxkYXYGRDfHa12jSOOn6hr8o9Hl
UtVocygZHdPXNJyK6Fj5dNDhk11OeAw/IeTeRCy2bARojzw/tfBkK5xJT+tkUoQl
vDsc/hP7Wz9tnCVhHKraWJPUyMWPAi6pBNs0uYCea6Z8GthBOHUiG19aI/vApVdH
u3woczPj02AidbNWYoLtaSmba1p+J1lqd06nvQt2ZB89U1NaMrL1xfpJobiyx6Nf
pJCqZasOc46twUVdszBVoM3W0ysWKr5vWQqWbDF7I6OWy2P0YeMpiva8tNFhjbF2
9ydPpa5SaIyfxHF9Y8u9qDY51hg/qviS43kcUpE8nQ==
-----END CERTIFICATE-----
Generated at Tue May 6 17:18:49 2025 by rpki-client