Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3139203d3e203134363138.roa
File: 3134302e3233332e3132382e302f31392d3139203d3e203134363138.roa (raw, json)
Hash identifier: rGZ8XmcaJrJmoc7lUpYfdyf00H5KWsNzFoBlpFMOv9g=
Subject key identifier: 21:BD:1C:DB:EB:C1:8B:15:35:4A:E6:4A:6B:9E:AC:28:1A:F9:D7:DE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1D8E6F10C83DB4CAB3C4F3B6710B0008F2A8D4FF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3139203d3e203134363138.roa
Signing time: Mon 12 Feb 2024 05:23:05 +0000
ROA not before: Mon 12 Feb 2024 05:18:05 +0000
ROA not after: Mon 10 Feb 2025 05:23:05 +0000
asID: 14618
IP address blocks: 140.233.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Wed 14 Feb 2024 11:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:8e:6f:10:c8:3d:b4:ca:b3:c4:f3:b6:71:0b:00:08:f2:a8:d4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 05:18:05 2024 GMT
Not After : Feb 10 05:23:05 2025 GMT
Subject: CN=21BD1CDBEBC18B15354AE64A6B9EAC281AF9D7DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:da:df:29:17:57:37:a2:60:3e:57:e0:16:
a0:18:5e:2c:31:76:07:61:91:6d:db:fd:e9:dc:0d:
f2:35:4a:00:cb:8b:5d:49:b3:d1:49:71:95:52:b4:
92:9a:71:ac:ff:32:12:58:3e:17:83:91:b4:ef:1e:
62:9a:cc:fa:28:18:12:ef:a3:25:5f:e8:d2:1c:a0:
95:bd:5f:22:17:b2:e4:72:af:f0:5d:53:0d:aa:ea:
f9:c2:52:d6:b2:65:e3:85:ab:f1:02:06:3e:69:6c:
61:a8:ec:6a:06:1e:15:0d:64:82:80:53:6b:25:9e:
29:d2:a6:18:eb:ca:14:07:11:53:cb:32:3a:65:e5:
74:9c:52:cd:27:f0:fb:94:25:83:91:23:04:19:1f:
88:27:c8:af:09:f0:11:41:4b:74:00:32:35:0f:08:
61:16:f5:39:ac:2f:22:ad:c1:64:ab:0b:38:2a:0f:
db:db:87:ad:e0:f2:f3:5b:8b:e2:81:21:0f:c0:54:
ee:19:1e:ee:9d:aa:f0:48:22:12:7d:9d:f5:68:04:
6f:23:f2:9b:6f:39:fb:14:69:5b:cf:45:83:ba:96:
c7:f0:f9:c2:8d:ff:1a:41:07:ab:e1:76:88:09:45:
1e:8a:1e:72:db:57:48:b6:5b:97:82:41:90:d3:9a:
e8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:BD:1C:DB:EB:C1:8B:15:35:4A:E6:4A:6B:9E:AC:28:1A:F9:D7:DE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3132382e302f31392d3139203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:23:57:8a:5e:8d:fe:1c:7e:c3:a5:4c:d2:3d:29:25:fb:04:
81:80:6d:c2:46:3a:0d:2d:b5:64:31:4a:2f:c1:db:63:33:d6:
29:1b:e0:77:7c:be:88:30:cc:61:3e:b6:0c:a3:d5:07:c1:cc:
7d:fa:dc:6f:76:2f:b6:74:d7:60:5f:8f:72:72:bc:06:6b:af:
23:c2:60:4d:8b:79:c8:76:d9:32:ea:52:57:12:33:a6:6f:0f:
6c:e1:c8:09:cc:46:8b:08:ce:80:8c:00:5c:7d:df:e8:d9:a7:
8d:78:f7:3f:1a:66:c8:ed:32:b0:b1:37:0c:09:9f:3a:c6:bb:
41:f0:79:85:ea:c3:45:db:ce:8e:b3:3e:21:22:ce:ca:34:74:
7c:c8:23:5d:16:0a:d8:4f:bf:f5:a9:37:41:ea:f0:9e:b7:d9:
4b:64:15:03:6c:b1:81:47:40:d4:66:88:82:0f:6c:f1:c2:0a:
b7:65:47:0b:b1:38:68:7f:12:27:b9:d2:b5:5c:7b:ae:24:2f:
0a:c6:34:9f:a8:30:b2:10:a4:d8:d9:47:cc:46:20:16:9c:72:
68:0a:0c:cc:a1:89:65:2c:fc:dd:c4:92:99:b7:93:ec:81:e2:
65:36:c7:0c:fb:e5:66:eb:a2:b1:8b:2c:90:22:c6:ab:4a:da:
4d:32:aa:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHY5vEMg9tMqzxPO2cQsACPKo1P8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTIwNTE4MDVaFw0yNTAyMTAwNTIzMDVaMDMxMTAvBgNV
BAMTKDIxQkQxQ0RCRUJDMThCMTUzNTRBRTY0QTZCOUVBQzI4MUFGOUQ3REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaoNrfKRdXN6JgPlfgFqAYXiwx
dgdhkW3b/encDfI1SgDLi11Js9FJcZVStJKacaz/MhJYPheDkbTvHmKazPooGBLv
oyVf6NIcoJW9XyIXsuRyr/BdUw2q6vnCUtayZeOFq/ECBj5pbGGo7GoGHhUNZIKA
U2slninSphjryhQHEVPLMjpl5XScUs0n8PuUJYORIwQZH4gnyK8J8BFBS3QAMjUP
CGEW9TmsLyKtwWSrCzgqD9vbh63g8vNbi+KBIQ/AVO4ZHu6dqvBIIhJ9nfVoBG8j
8ptvOfsUaVvPRYO6lsfw+cKN/xpBB6vhdogJRR6KHnLbV0i2W5eCQZDTmug9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIb0c2+vBixU1SuZKa56sKBr5194wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzIzODJlMzAyZjMxMzkyZDMxMzkyMDNkM2UyMDMxMzQzNjMxMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAWM6YAwDQYJKoZIhvcNAQELBQADggEBAKkjV4pejf4cfsOlTNI9KSX7BIGAbcJG
Og0ttWQxSi/B22Mz1ikb4Hd8vogwzGE+tgyj1QfBzH363G92L7Z012Bfj3JyvAZr
ryPCYE2Lech22TLqUlcSM6ZvD2zhyAnMRosIzoCMAFx93+jZp4149z8aZsjtMrCx
NwwJnzrGu0HweYXqw0Xbzo6zPiEizso0dHzII10WCthPv/WpN0Hq8J632UtkFQNs
sYFHQNRmiIIPbPHCCrdlRwuxOGh/Eie50rVce64kLwrGNJ+oMLIQpNjZR8xGIBac
cmgKDMyhiWUs/N3Ekpm3k+yB4mU2xwz75WbrorGLLJAixqtK2k0yqks=
-----END CERTIFICATE-----
Generated at Wed Feb 14 15:10:47 2024 by rpki-client on console-ams.rpki-client.org