Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
File: 34352e3133322e39392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: hsye45IFMmxW4ZBl45i4QN871CET7oDAdQTAyIUpWK4=
Subject key identifier: C3:61:29:3A:E5:FE:95:B0:3C:C6:89:6D:99:0B:C8:FA:30:76:05:1A
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 033BC9BEF37C752A473731192FF518C37A60D77C
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
Signing time: Thu 12 Jun 2025 08:41:44 +0000
ROA not before: Thu 12 Jun 2025 08:36:44 +0000
ROA not after: Thu 11 Jun 2026 08:41:44 +0000
asID: 834
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 13:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:3b:c9:be:f3:7c:75:2a:47:37:31:19:2f:f5:18:c3:7a:60:d7:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Jun 12 08:36:44 2025 GMT
Not After : Jun 11 08:41:44 2026 GMT
Subject: CN=C361293AE5FE95B03CC6896D990BC8FA3076051A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0a:a3:ca:30:e5:8e:a5:fe:cb:85:11:85:b8:
dc:54:63:f9:3f:a6:b8:c8:ca:7b:91:1d:f8:f3:52:
dd:18:13:10:96:1c:5d:84:a5:d0:65:37:ad:01:9f:
7b:05:29:fc:af:b0:6f:75:b8:f3:1b:3b:ef:99:df:
d0:43:ea:64:e3:5f:e3:ea:93:20:6d:b8:31:d7:ed:
37:7e:59:7c:ec:fb:8a:e1:fc:57:56:ee:7f:9a:09:
2e:0a:bd:3e:49:2d:16:50:78:a8:91:f5:25:11:da:
82:1b:91:bc:10:e8:ea:68:4f:04:ad:85:e4:66:43:
0c:dd:10:53:84:5f:50:4e:27:b3:94:8b:05:de:b1:
2a:dd:84:c7:d3:f5:aa:1c:27:f3:fa:06:49:5a:51:
cf:20:8e:83:09:90:6f:80:6c:82:07:49:15:b3:51:
26:2a:64:26:ed:c3:64:f5:41:19:a8:c3:04:01:44:
8c:7e:31:fd:9f:86:49:21:fd:17:11:9b:84:b7:98:
77:b7:23:fb:c1:3d:dc:bc:4c:5c:f3:c5:10:db:77:
b3:fb:6e:a8:c8:84:c1:e4:0e:e5:d6:03:eb:e0:ef:
96:3c:f3:da:d6:d3:d3:d0:28:5c:e2:b1:af:61:a6:
62:06:c5:9e:db:73:22:ee:e2:83:53:04:ad:f0:ec:
4f:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:61:29:3A:E5:FE:95:B0:3C:C6:89:6D:99:0B:C8:FA:30:76:05:1A
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:54:8f:50:2a:dd:76:78:6e:ba:e9:fd:17:a7:7e:1d:a8:4a:
94:db:ff:53:58:32:ce:aa:a3:bb:4b:84:70:46:1a:ce:33:51:
06:d2:24:ff:d0:2c:42:4d:e4:4a:f6:70:3e:a6:11:0c:8b:24:
da:10:b4:97:6f:e9:04:86:48:61:fa:28:19:57:26:fd:bc:0b:
a7:73:1f:1e:ec:13:25:23:f4:d4:e0:ff:c4:52:33:ba:78:df:
7b:d8:43:03:e7:2f:6c:af:84:4d:19:62:82:ac:d4:16:b7:61:
ef:6d:f3:19:fb:1d:69:3c:7b:04:de:2e:76:62:df:f2:ca:2f:
51:30:88:e6:aa:8e:22:e2:71:24:07:15:66:51:a8:eb:d6:2c:
bc:d1:92:4e:30:f4:81:fd:ec:f8:3b:e9:59:49:7c:dc:e0:f8:
20:fe:04:d2:a8:8a:10:8a:bf:06:1b:06:fb:b8:be:cd:64:b5:
e1:11:dc:6a:79:f1:8d:21:4d:7a:87:2d:0e:17:eb:b6:d4:fa:
a6:d9:1b:98:12:57:d6:24:40:4d:94:77:96:ad:14:bc:50:78:
38:74:02:24:a0:0c:85:ec:17:ec:a4:c8:0a:af:cc:57:88:8a:
a0:b7:ad:c6:6b:37:3e:e9:1e:94:53:53:58:e2:7d:92:75:56:
c7:5e:ad:cd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUAzvJvvN8dSpHNzEZL/UYw3pg13wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTA2MTIwODM2NDRaFw0yNjA2MTEwODQxNDRaMDMxMTAvBgNV
BAMTKEMzNjEyOTNBRTVGRTk1QjAzQ0M2ODk2RDk5MEJDOEZBMzA3NjA1MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXCqPKMOWOpf7LhRGFuNxUY/k/
prjIynuRHfjzUt0YExCWHF2EpdBlN60Bn3sFKfyvsG91uPMbO++Z39BD6mTjX+Pq
kyBtuDHX7Td+WXzs+4rh/FdW7n+aCS4KvT5JLRZQeKiR9SUR2oIbkbwQ6OpoTwSt
heRmQwzdEFOEX1BOJ7OUiwXesSrdhMfT9aocJ/P6BklaUc8gjoMJkG+AbIIHSRWz
USYqZCbtw2T1QRmowwQBRIx+Mf2fhkkh/RcRm4S3mHe3I/vBPdy8TFzzxRDbd7P7
bqjIhMHkDuXWA+vg75Y889rW09PQKFzisa9hpmIGxZ7bcyLu4oNTBK3w7E+jAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUw2EpOuX+lbA8xoltmQvI+jB2BRowHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRjMA0G
CSqGSIb3DQEBCwUAA4IBAQCxVI9QKt12eG666f0Xp34dqEqU2/9TWDLOqqO7S4Rw
RhrOM1EG0iT/0CxCTeRK9nA+phEMiyTaELSXb+kEhkhh+igZVyb9vAuncx8e7BMl
I/TU4P/EUjO6eN972EMD5y9sr4RNGWKCrNQWt2HvbfMZ+x1pPHsE3i52Yt/yyi9R
MIjmqo4i4nEkBxVmUajr1iy80ZJOMPSB/ez4O+lZSXzc4Pgg/gTSqIoQir8GGwb7
uL7NZLXhEdxqefGNIU16hy0OF+u21Pqm2RuYElfWJEBNlHeWrRS8UHg4dAIkoAyF
7BfspMgKr8xXiIqgt63Gazc+6R6UU1NY4n2SdVbHXq3N
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:15:57 2025 by rpki-client