Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32302d3234203d3e20383334.roa
File: 3134302e3135302e3132382e302f32302d3234203d3e20383334.roa (raw, json)
Hash identifier: NeR6ye9vmLdpupEia6OzqbgpItDajvVniFmcw0L3zY4=
Subject key identifier: A6:6B:9D:D5:B7:6A:90:C1:01:EB:3E:00:DB:10:3F:2E:BD:CB:78:4A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3ACDA93EF7918C7B7C3D230A9F8F7EDAF782C540
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32302d3234203d3e20383334.roa
Signing time: Thu 08 Feb 2024 00:01:49 +0000
ROA not before: Wed 07 Feb 2024 23:56:49 +0000
ROA not after: Thu 06 Feb 2025 00:01:49 +0000
asID: 834
IP address blocks: 140.150.128.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 17:13:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:cd:a9:3e:f7:91:8c:7b:7c:3d:23:0a:9f:8f:7e:da:f7:82:c5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 7 23:56:49 2024 GMT
Not After : Feb 6 00:01:49 2025 GMT
Subject: CN=A66B9DD5B76A90C101EB3E00DB103F2EBDCB784A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:00:fc:aa:a7:b3:3a:45:89:94:80:26:a2:9a:
26:31:2a:a0:18:3c:90:93:1d:80:cc:3d:65:44:e0:
c8:df:71:04:c7:9a:ac:02:21:e0:56:fe:66:c6:f3:
7e:5f:e6:04:9d:d2:ed:fc:8b:2a:30:6c:86:e9:e8:
22:2c:a8:85:ba:4a:7c:74:b8:7a:f3:a9:1c:de:82:
93:1c:85:bf:c3:65:73:f5:3b:2b:12:2f:63:ae:42:
1d:b6:c6:a4:d2:4b:12:0f:e9:3d:c1:63:09:6d:49:
04:70:61:87:a0:c3:d7:cd:51:50:2c:1b:f3:a6:b4:
47:8a:38:c2:43:12:5c:ed:45:eb:9d:71:35:a4:86:
6a:3a:23:3d:d6:36:ac:60:63:7e:13:6b:67:32:b3:
52:96:69:25:c5:4e:3c:b5:19:7c:11:0f:54:01:d5:
d4:cd:2c:d7:84:d2:08:49:77:03:59:16:0d:08:7f:
88:4b:52:90:48:1d:8b:03:96:b1:04:35:4d:55:53:
7b:a3:2e:ea:5e:b2:01:4d:2a:12:8a:96:0d:55:88:
aa:83:74:f1:c4:0a:2a:11:7a:13:20:39:c5:ca:98:
32:72:3f:26:3a:e0:84:83:f4:fd:64:74:c3:3a:94:
55:96:1c:af:4b:eb:db:a3:54:8c:3a:58:bd:e9:56:
86:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6B:9D:D5:B7:6A:90:C1:01:EB:3E:00:DB:10:3F:2E:BD:CB:78:4A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3132382e302f32302d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.128.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:3c:62:23:4e:c2:60:45:04:1d:41:c0:4a:de:68:db:b0:2c:
f1:bf:0b:da:75:a8:54:5c:08:07:15:08:a7:0e:aa:03:52:96:
18:99:7a:60:cc:c7:c5:28:43:ce:22:99:ba:54:9e:69:3b:65:
a2:ee:cb:46:0e:ff:12:34:46:ed:44:61:2c:5b:0c:90:77:87:
e9:f2:0b:51:31:81:4c:e9:55:59:a6:43:5d:47:4e:12:29:87:
46:e4:92:f7:fe:b4:97:dd:29:9f:b2:73:2e:a4:24:31:f4:b0:
36:e0:88:c2:eb:0a:55:ad:05:5c:ba:15:3d:bd:f0:58:4e:3e:
75:2e:6d:cb:30:95:c1:53:80:dd:0e:87:a5:77:07:7c:09:e4:
62:8e:22:37:27:50:eb:2c:28:2b:97:0f:03:86:ce:8d:cc:43:
43:f3:60:83:78:7b:cb:08:5a:33:84:af:05:57:85:bb:bf:f3:
dc:21:81:af:43:f0:90:1d:b0:15:3f:bb:72:8b:7c:6c:da:b1:
e8:e1:06:dc:f1:06:b3:94:d1:16:3e:c8:9d:6b:44:4e:c7:62:
ba:dd:7c:35:ef:a4:95:9b:0b:89:f2:5b:ec:ea:88:8b:fb:d9:
f8:d6:ab:e5:c9:34:3e:fa:23:b0:2e:ab:c7:41:2d:8d:01:31:
a1:08:cb:32
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOs2pPveRjHt8PSMKn49+2veCxUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMDcyMzU2NDlaFw0yNTAyMDYwMDAxNDlaMDMxMTAvBgNV
BAMTKEE2NkI5REQ1Qjc2QTkwQzEwMUVCM0UwMERCMTAzRjJFQkRDQjc4NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYAPyqp7M6RYmUgCaimiYxKqAY
PJCTHYDMPWVE4MjfcQTHmqwCIeBW/mbG835f5gSd0u38iyowbIbp6CIsqIW6Snx0
uHrzqRzegpMchb/DZXP1OysSL2OuQh22xqTSSxIP6T3BYwltSQRwYYegw9fNUVAs
G/OmtEeKOMJDElztReudcTWkhmo6Iz3WNqxgY34Ta2cys1KWaSXFTjy1GXwRD1QB
1dTNLNeE0ghJdwNZFg0If4hLUpBIHYsDlrEENU1VU3ujLupesgFNKhKKlg1ViKqD
dPHECioRehMgOcXKmDJyPyY64ISD9P1kdMM6lFWWHK9L69ujVIw6WL3pVobHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpmud1bdqkMEB6z4A2xA/Lr3LeEowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzIzODJlMzAyZjMyMzAyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBIyW
gDANBgkqhkiG9w0BAQsFAAOCAQEAsDxiI07CYEUEHUHASt5o27As8b8L2nWoVFwI
BxUIpw6qA1KWGJl6YMzHxShDziKZulSeaTtlou7LRg7/EjRG7URhLFsMkHeH6fIL
UTGBTOlVWaZDXUdOEimHRuSS9/60l90pn7JzLqQkMfSwNuCIwusKVa0FXLoVPb3w
WE4+dS5tyzCVwVOA3Q6HpXcHfAnkYo4iNydQ6ywoK5cPA4bOjcxDQ/Ngg3h7ywha
M4SvBVeFu7/z3CGBr0PwkB2wFT+7cot8bNqx6OEG3PEGs5TRFj7InWtETsdiut18
Ne+klZsLifJb7OqIi/vZ+Nar5ck0PvojsC6rx0EtjQExoQjLMg==
-----END CERTIFICATE-----
Generated at Wed Mar 6 21:47:28 2024 by rpki-client on console-ams.rpki-client.org