Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030333a3a2f34382d3438203d3e203437323732.roa
File: 326131313a323963303a393030333a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: ewz65x0eI0MghrvtTYvlYkIdJgNz+IeIv25zmCyrVc0=
Subject key identifier: 07:91:67:8D:01:9C:33:62:E7:2E:B7:3C:0D:F5:AE:63:D1:4E:E0:F2
Certificate issuer: /CN=CDC014669D381152AFB94B76936268BFF73E7D50
Certificate serial: 11EF35D1827E3118D8503E823992FBD41C48FA6C
Authority key identifier: CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030333a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 11:08:45 +0000
ROA not before: Sun 26 Nov 2023 11:03:45 +0000
ROA not after: Sun 24 Nov 2024 11:08:45 +0000
asID: 47272
IP address blocks: 2a11:29c0:9003::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 06:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ef:35:d1:82:7e:31:18:d8:50:3e:82:39:92:fb:d4:1c:48:fa:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC014669D381152AFB94B76936268BFF73E7D50
Validity
Not Before: Nov 26 11:03:45 2023 GMT
Not After : Nov 24 11:08:45 2024 GMT
Subject: CN=0791678D019C3362E72EB73C0DF5AE63D14EE0F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:a5:5f:cc:f8:5b:bd:28:3c:41:b2:8f:3c:
b3:35:c9:39:5c:34:a0:79:99:9a:13:61:0d:49:0f:
57:ab:81:6d:a3:17:70:29:a2:c2:92:de:6e:c3:e7:
0b:aa:3d:24:c9:ce:c0:49:6f:48:d1:af:5d:8c:63:
92:ee:02:d1:f4:98:a1:88:8a:31:b8:a0:a0:01:ef:
dc:b4:10:a8:3a:23:52:58:31:0e:93:3e:2c:1c:04:
0f:e5:64:31:ef:be:c1:09:79:ab:a9:af:b6:d5:4c:
8b:dd:50:1a:c4:c2:fa:cb:80:bd:46:35:0c:43:90:
e8:f3:ff:79:a9:56:02:c5:9f:a7:de:13:84:f2:be:
bd:37:de:5e:ab:91:8b:a5:bf:3e:90:8b:59:03:05:
a5:51:7b:16:03:50:95:de:7d:c2:b8:59:d4:35:11:
00:26:74:35:90:44:ac:e0:5e:a0:a0:d4:95:9e:28:
38:25:e9:b5:e5:23:3b:4e:85:06:0a:31:55:f1:93:
2f:c8:30:ce:0e:c2:48:d8:f1:0b:0f:2c:ea:f8:43:
82:e3:f9:2e:3e:7e:60:bb:e4:f9:05:bb:4e:e2:33:
6d:49:f3:dc:3f:7c:33:90:7f:94:45:d4:c9:fb:37:
83:78:34:5c:66:96:9a:bd:7a:b5:14:f6:ba:05:92:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:91:67:8D:01:9C:33:62:E7:2E:B7:3C:0D:F5:AE:63:D1:4E:E0:F2
X509v3 Authority Key Identifier:
keyid:CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030333a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9003::/48
Signature Algorithm: sha256WithRSAEncryption
0c:81:1c:25:a5:c8:bd:41:6c:dd:54:79:ab:ee:f4:e5:1d:b0:
c9:d0:bb:0f:c3:51:b6:52:30:38:ee:a7:cf:37:a9:8c:3e:b6:
53:a8:b2:15:a5:ac:6b:8e:82:6a:d1:cc:fb:ac:f9:43:2d:92:
27:26:56:37:4d:23:c6:db:3a:0d:46:f5:ba:68:0b:ff:fb:80:
62:bb:e2:49:20:0a:15:40:c4:a6:99:62:4d:0b:77:99:99:af:
47:c4:24:a1:25:47:48:3b:62:db:db:58:ba:7e:39:22:6c:9e:
a0:ce:62:c6:0e:43:39:a3:5f:a5:7b:2b:86:a7:28:d2:2c:51:
23:39:80:02:4d:d4:18:3f:4f:b3:a0:16:d5:56:2f:bc:41:64:
16:21:4f:99:c9:fc:53:56:4f:d1:c3:36:69:e7:92:1f:16:0e:
33:9f:06:64:11:00:55:b4:80:cc:44:ed:10:13:92:45:26:89:
80:79:9c:b4:3d:79:dc:8d:e2:d2:49:e1:63:67:cc:af:72:fd:
9a:93:dd:bd:13:7a:a5:d1:8a:13:68:e6:bb:da:d5:49:9a:3d:
b6:d2:a8:a3:5b:71:32:b5:b1:f0:4d:12:92:1e:c7:9a:44:86:
24:64:0a:dd:27:05:a7:5d:12:cc:e0:ff:f4:d2:89:23:e3:7e:
08:87:b5:1a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUEe810YJ+MRjYUD6COZL71BxI+mwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZG
NzNFN0Q1MDAeFw0yMzExMjYxMTAzNDVaFw0yNDExMjQxMTA4NDVaMDMxMTAvBgNV
BAMTKDA3OTE2NzhEMDE5QzMzNjJFNzJFQjczQzBERjVBRTYzRDE0RUUwRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCckqVfzPhbvSg8QbKPPLM1yTlc
NKB5mZoTYQ1JD1ergW2jF3AposKS3m7D5wuqPSTJzsBJb0jRr12MY5LuAtH0mKGI
ijG4oKAB79y0EKg6I1JYMQ6TPiwcBA/lZDHvvsEJeaupr7bVTIvdUBrEwvrLgL1G
NQxDkOjz/3mpVgLFn6feE4Tyvr033l6rkYulvz6Qi1kDBaVRexYDUJXefcK4WdQ1
EQAmdDWQRKzgXqCg1JWeKDgl6bXlIztOhQYKMVXxky/IMM4OwkjY8QsPLOr4Q4Lj
+S4+fmC75PkFu07iM21J89w/fDOQf5RF1Mn7N4N4NFxmlpq9erUU9roFksTLAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUB5FnjQGcM2LnLrc8DfWuY9FO4PIwHwYDVR0j
BBgwFoAUzcAUZp04EVKvuUt2k2Jov/c+fVAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzIvQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZGNzNFN0Q1MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9DREMwMTQ2NjlEMzgxMTUyQUZCOTRCNzY5
MzYyNjhCRkY3M0U3RDUwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMjUzZDk3My1kNWJmLTQ1NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzAzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoRKcCQAzANBgkqhkiG9w0BAQsFAAOCAQEADIEc
JaXIvUFs3VR5q+705R2wydC7D8NRtlIwOO6nzzepjD62U6iyFaWsa46CatHM+6z5
Qy2SJyZWN00jxts6DUb1umgL//uAYrviSSAKFUDEppliTQt3mZmvR8QkoSVHSDti
29tYun45ImyeoM5ixg5DOaNfpXsrhqco0ixRIzmAAk3UGD9Ps6AW1VYvvEFkFiFP
mcn8U1ZP0cM2aeeSHxYOM58GZBEAVbSAzETtEBOSRSaJgHmctD153I3i0knhY2fM
r3L9mpPdvRN6pdGKE2jmu9rVSZo9ttKoo1txMrWx8E0Skh7HmkSGJGQK3ScFp10S
zOD/9NKJI+N+CIe1Gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:59 2024 by rpki-client on console-ams.rpki-client.org