Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3135322e302f32312d3234203d3e203339353231.roa
File: 3134302e3135302e3135322e302f32312d3234203d3e203339353231.roa (raw, json)
Hash identifier: TFYULPf+xVdKrnkxnNjdnGQ3xqxMbr6O0iRDEhkXmAM=
Subject key identifier: 28:A0:B6:7D:04:29:94:17:63:E6:35:23:DE:C7:90:84:41:95:D8:66
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0914D074A0E51F4BD05EA9B1A27063099DA139DA
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3135322e302f32312d3234203d3e203339353231.roa
Signing time: Thu 15 Feb 2024 15:05:12 +0000
ROA not before: Thu 15 Feb 2024 15:00:12 +0000
ROA not after: Thu 13 Feb 2025 15:05:12 +0000
asID: 39521
IP address blocks: 140.150.152.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:14:d0:74:a0:e5:1f:4b:d0:5e:a9:b1:a2:70:63:09:9d:a1:39:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 15 15:00:12 2024 GMT
Not After : Feb 13 15:05:12 2025 GMT
Subject: CN=28A0B67D0429941763E63523DEC790844195D866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:01:aa:0d:e7:ba:64:02:17:cc:97:f3:a1:ef:
fb:bf:f0:d3:90:18:fb:a4:3e:52:1b:5f:85:51:95:
e9:0b:6c:73:4e:cf:25:c9:25:74:47:3d:98:6d:8e:
be:a8:e3:07:5a:26:82:ef:c2:6e:3f:81:69:e1:90:
71:56:65:38:45:13:85:bc:a4:10:13:58:56:6d:08:
df:1e:3b:39:15:c5:a3:a4:6c:da:c6:63:a7:80:21:
26:78:29:e7:2c:86:ef:3e:57:2b:31:f1:89:40:ae:
93:4f:c3:88:58:3b:bb:d4:11:2d:b0:04:69:e9:03:
d1:c0:cf:79:83:c1:6c:f2:07:23:02:aa:9c:8c:f9:
60:0b:fc:5d:a6:51:4d:b5:1a:e3:14:44:06:5c:46:
bb:50:66:fc:ee:df:94:5b:2f:72:4a:7a:c2:e9:fb:
db:15:c0:5b:59:ee:1b:7b:a4:4c:d7:1d:c2:f7:fc:
ac:d5:c1:71:d2:0b:04:8a:53:42:0e:f7:9d:48:92:
40:9d:c3:12:33:9c:a4:ba:31:db:aa:31:4a:a5:8e:
18:55:01:51:78:93:fb:fd:a2:d2:31:f5:f1:bf:b6:
06:f3:78:31:b3:84:a6:f9:e6:37:96:45:f3:dd:9e:
29:64:d8:10:84:24:81:ce:43:5f:b8:cd:2d:92:ad:
42:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A0:B6:7D:04:29:94:17:63:E6:35:23:DE:C7:90:84:41:95:D8:66
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3135322e302f32312d3234203d3e203339353231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.152.0/21
Signature Algorithm: sha256WithRSAEncryption
81:99:72:16:cd:c4:ba:21:3c:4d:67:cb:73:10:e4:b9:80:3a:
32:ae:e2:bb:4b:6d:7a:9a:cf:2e:de:29:7f:c6:24:0f:68:13:
b4:f7:4c:9f:d8:ae:4c:e7:66:91:36:12:8d:d8:20:43:aa:7f:
59:ed:15:8f:90:4d:9e:c9:d4:94:10:29:f3:ab:14:fe:9d:d1:
65:43:c5:cc:7e:2a:5a:15:0d:90:27:01:32:2a:00:a9:55:85:
03:f9:2c:43:01:a2:34:9e:b3:b9:f0:1e:18:a3:39:a4:cc:4a:
08:b8:7e:8a:1f:66:a7:9e:ab:f9:4e:7b:fc:51:43:04:cf:35:
ca:6d:63:8b:c9:6f:d0:cf:d3:8b:15:23:aa:70:77:e0:fa:d2:
46:3a:44:63:e4:96:3f:78:2b:66:e2:d1:eb:62:a3:14:ef:77:
3a:b6:5e:32:08:c6:38:29:ae:8c:56:dc:a6:74:3c:a5:0b:e9:
29:ee:c4:20:2f:c2:1b:3d:e6:fe:21:52:62:50:b6:75:75:f9:
c9:c4:0d:e7:60:6e:e3:9b:ed:5d:3d:bf:c5:a0:9c:72:42:41:
3f:85:b7:d8:d4:d8:59:be:5a:ac:25:83:b7:ab:ce:94:72:4a:
e3:15:61:17:98:10:ec:96:d7:62:1c:dc:57:8a:da:2f:7c:58:
b9:53:c0:cf
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCRTQdKDlH0vQXqmxonBjCZ2hOdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTUxNTAwMTJaFw0yNTAyMTMxNTA1MTJaMDMxMTAvBgNV
BAMTKDI4QTBCNjdEMDQyOTk0MTc2M0U2MzUyM0RFQzc5MDg0NDE5NUQ4NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGAaoN57pkAhfMl/Oh7/u/8NOQ
GPukPlIbX4VRlekLbHNOzyXJJXRHPZhtjr6o4wdaJoLvwm4/gWnhkHFWZThFE4W8
pBATWFZtCN8eOzkVxaOkbNrGY6eAISZ4Kecshu8+Vysx8YlArpNPw4hYO7vUES2w
BGnpA9HAz3mDwWzyByMCqpyM+WAL/F2mUU21GuMURAZcRrtQZvzu35RbL3JKesLp
+9sVwFtZ7ht7pEzXHcL3/KzVwXHSCwSKU0IO951IkkCdwxIznKS6MduqMUqljhhV
AVF4k/v9otIx9fG/tgbzeDGzhKb55jeWRfPdnilk2BCEJIHOQ1+4zS2SrUK7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKKC2fQQplBdj5jUj3seQhEGV2GYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzUzMjJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMzMzkzNTMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOMlpgwDQYJKoZIhvcNAQELBQADggEBAIGZchbNxLohPE1ny3MQ5LmAOjKu4rtL
bXqazy7eKX/GJA9oE7T3TJ/YrkznZpE2Eo3YIEOqf1ntFY+QTZ7J1JQQKfOrFP6d
0WVDxcx+KloVDZAnATIqAKlVhQP5LEMBojSes7nwHhijOaTMSgi4foofZqeeq/lO
e/xRQwTPNcptY4vJb9DP04sVI6pwd+D60kY6RGPklj94K2bi0etioxTvdzq2XjII
xjgproxW3KZ0PKUL6SnuxCAvwhs95v4hUmJQtnV1+cnEDedgbuOb7V09v8WgnHJC
QT+Ft9jU2Fm+Wqwlg7erzpRySuMVYReYEOyW12Ic3FeK2i98WLlTwM8=
-----END CERTIFICATE-----
Generated at Sat Apr 6 12:13:37 2024 by rpki-client on console-fra.rpki-client.org