Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3366373a3a2f34382d3438203d3e20323134393039.roa
File: 326130663a383563313a3366373a3a2f34382d3438203d3e20323134393039.roa (raw, json)
Hash identifier: ORQ9+i3yQghWdP4K1zjmqZC/oTp2FTpgIctO5ycUoSk=
Subject key identifier: 37:30:9A:DA:EC:EE:A8:A1:F1:CD:A3:42:AD:3C:04:2C:FB:F6:4C:30
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 6835CD9D8814099F031D45D9A56EA194BBD8E18E
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3366373a3a2f34382d3438203d3e20323134393039.roa
Signing time: Tue 14 May 2024 17:13:21 +0000
ROA not before: Tue 14 May 2024 17:08:21 +0000
ROA not after: Tue 13 May 2025 17:13:21 +0000
asID: 214909
IP address blocks: 2a0f:85c1:3f7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 16:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:35:cd:9d:88:14:09:9f:03:1d:45:d9:a5:6e:a1:94:bb:d8:e1:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: May 14 17:08:21 2024 GMT
Not After : May 13 17:13:21 2025 GMT
Subject: CN=37309ADAECEEA8A1F1CDA342AD3C042CFBF64C30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:06:c1:98:24:e6:d8:94:b4:47:38:56:cf:b0:
d4:8a:fd:fe:d2:b7:74:58:cc:9f:1f:9d:90:b6:24:
f4:54:19:ca:f2:21:fc:05:5b:a0:17:f8:31:b3:90:
da:80:76:6f:03:18:16:22:c8:d2:60:35:fd:63:38:
bf:6d:09:9e:2c:7e:86:0f:f2:7e:30:a1:41:d1:eb:
a2:03:e1:ac:22:84:4b:02:d7:b5:08:1d:18:62:80:
b6:76:56:99:58:09:dd:d0:ec:13:1e:81:ad:42:45:
b0:11:78:6f:ef:36:93:ed:3a:04:f1:8a:09:25:59:
a2:a6:a4:78:80:c9:8a:95:9b:4a:39:22:7d:02:5f:
63:d8:28:de:28:c1:5d:d3:50:e7:51:91:9b:54:64:
a2:88:3f:f9:3d:a9:25:e8:63:ea:55:2b:b4:8a:cb:
f9:40:3c:58:71:77:96:02:2f:31:31:cc:c4:c4:65:
30:b6:c2:1f:7c:e2:4a:0f:f9:bb:d8:ec:f7:5b:43:
29:bf:0a:ee:6d:91:ff:0a:64:09:8d:f5:13:76:f2:
6c:3b:c6:cd:6c:41:d0:8c:2f:83:6a:56:4a:20:8f:
b4:30:3d:5c:21:71:01:ad:1b:60:fd:bd:10:68:2b:
17:3b:79:45:e7:a9:66:62:a1:8b:25:04:c1:71:1f:
db:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:30:9A:DA:EC:EE:A8:A1:F1:CD:A3:42:AD:3C:04:2C:FB:F6:4C:30
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/326130663a383563313a3366373a3a2f34382d3438203d3e20323134393039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f7::/48
Signature Algorithm: sha256WithRSAEncryption
5e:f2:2a:97:8a:d4:0c:fb:00:60:3d:0e:2d:d5:30:c6:50:dc:
a1:17:a8:f9:ab:8c:dd:04:dd:b5:36:d6:8c:68:d6:e3:c3:7d:
a3:d9:5b:6e:62:46:a6:94:f7:48:64:99:62:05:33:fa:06:91:
95:c0:20:69:75:02:55:32:b7:fc:31:8d:e7:7c:be:76:60:ef:
20:8a:f7:46:7f:1a:48:2c:ef:e0:8d:9e:5d:91:63:c0:1b:22:
b8:74:42:63:34:c7:65:1c:46:dd:dc:94:e3:c6:9e:23:d9:04:
68:d2:f1:ea:76:e0:30:6e:dc:98:da:fa:34:ce:6f:0c:10:1f:
13:c7:d4:a1:f1:79:fc:24:60:4a:4e:9c:9f:6f:0b:2f:0d:ec:
c7:95:30:71:ed:77:ee:b5:81:a6:f4:87:81:d1:51:51:bb:65:
1e:ad:51:a7:4e:3e:6a:44:34:65:b0:6a:03:b4:c8:c8:da:51:
7e:84:85:b3:da:49:48:73:4a:4f:96:ec:cf:b9:40:56:27:a3:
90:8d:ef:fd:58:19:2c:5b:4a:d0:9b:65:bc:f0:94:1a:f0:58:
be:d8:8e:0b:b9:a4:c4:18:84:71:c6:73:16:31:27:52:04:b8:
a8:ee:6f:fb:bf:e8:8e:f3:87:99:ff:96:e5:23:5e:73:8c:ea:
21:a6:2b:47
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUaDXNnYgUCZ8DHUXZpW6hlLvY4Y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MTQxNzA4MjFaFw0yNTA1MTMxNzEzMjFaMDMxMTAvBgNV
BAMTKDM3MzA5QURBRUNFRUE4QTFGMUNEQTM0MkFEM0MwNDJDRkJGNjRDMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHBsGYJObYlLRHOFbPsNSK/f7S
t3RYzJ8fnZC2JPRUGcryIfwFW6AX+DGzkNqAdm8DGBYiyNJgNf1jOL9tCZ4sfoYP
8n4woUHR66ID4awihEsC17UIHRhigLZ2VplYCd3Q7BMega1CRbAReG/vNpPtOgTx
igklWaKmpHiAyYqVm0o5In0CX2PYKN4owV3TUOdRkZtUZKKIP/k9qSXoY+pVK7SK
y/lAPFhxd5YCLzExzMTEZTC2wh984koP+bvY7PdbQym/Cu5tkf8KZAmN9RN28mw7
xs1sQdCML4NqVkogj7QwPVwhcQGtG2D9vRBoKxc7eUXnqWZioYslBMFxH9unAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUNzCa2uzuqKHxzaNCrTwELPv2TDAwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMt
YTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhmMTk2LzAvMzI2MTMwNjYzYTM4MzU2MzMx
M2EzMzY2MzczYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzQzOTMwMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqD4XBA/cwDQYJKoZIhvcNAQELBQADggEBAF7yKpeK1Az7AGA9Di3V
MMZQ3KEXqPmrjN0E3bU21oxo1uPDfaPZW25iRqaU90hkmWIFM/oGkZXAIGl1AlUy
t/wxjed8vnZg7yCK90Z/Gkgs7+CNnl2RY8AbIrh0QmM0x2UcRt3clOPGniPZBGjS
8ep24DBu3Jja+jTObwwQHxPH1KHxefwkYEpOnJ9vCy8N7MeVMHHtd+61gab0h4HR
UVG7ZR6tUadOPmpENGWwagO0yMjaUX6EhbPaSUhzSk+W7M+5QFYno5CN7/1YGSxb
StCbZbzwlBrwWL7Yjgu5pMQYhHHGcxYxJ1IEuKjub/u/6I7zh5n/luUjXnOM6iGm
K0c=
-----END CERTIFICATE-----
Generated at Thu May 23 21:03:48 2024 by rpki-client on console-ams.rpki-client.org