Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136302e302f32312d3234203d3e20383334.roa
File: 3134302e3233332e3136302e302f32312d3234203d3e20383334.roa (raw, json)
Hash identifier: mJVCIxNL1MrOaDp/TSFi5TKBhCTc+itVcjshi2C0HfM=
Subject key identifier: E3:A9:08:91:3A:6A:19:07:F2:6D:6E:EA:F0:22:9D:02:EF:98:1E:A9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1CFC46FA440A529754BDBD037874A1D971AAF94F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136302e302f32312d3234203d3e20383334.roa
Signing time: Mon 12 Feb 2024 11:11:58 +0000
ROA not before: Mon 12 Feb 2024 11:06:58 +0000
ROA not after: Mon 10 Feb 2025 11:11:58 +0000
asID: 834
IP address blocks: 140.233.160.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Feb 2024 20:29:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:fc:46:fa:44:0a:52:97:54:bd:bd:03:78:74:a1:d9:71:aa:f9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 11:06:58 2024 GMT
Not After : Feb 10 11:11:58 2025 GMT
Subject: CN=E3A908913A6A1907F26D6EEAF0229D02EF981EA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:23:48:bc:e9:d4:9e:99:d0:14:b4:f9:52:99:
e9:3f:65:82:c5:06:cf:3a:d0:21:11:ad:e3:9c:2c:
a2:9a:38:ea:bf:c3:ba:99:24:fd:da:fb:21:d5:5a:
bc:10:8c:61:dd:03:58:67:8a:5d:18:08:72:43:e5:
5f:e6:c5:df:c0:8e:d3:4b:9a:83:26:26:57:5f:e6:
86:35:45:a2:04:30:c3:87:fc:fa:5c:da:80:fd:64:
3a:79:bc:79:e6:6f:7f:aa:0b:f4:49:70:3a:d5:ed:
e7:cd:df:15:89:72:62:b8:0a:b7:73:3b:ab:d4:c5:
cc:04:4e:b8:88:63:84:e3:9f:f4:da:86:e8:0f:43:
45:00:75:63:5f:2a:5f:70:19:05:fa:75:c5:0c:44:
e6:41:f8:0e:bd:4d:b6:27:62:f3:f1:83:0f:1d:b2:
98:d2:74:a7:67:68:3d:64:9b:30:ac:2e:84:0d:56:
dd:af:cc:7d:c1:d0:a2:48:fc:e6:5e:65:53:2d:d0:
d6:b7:35:b7:fc:53:fe:0b:8c:6b:ef:91:48:69:c1:
af:e5:e0:c3:dd:4f:95:96:67:b7:1c:25:7d:c4:00:
08:67:66:2b:2d:66:7f:a0:e0:e3:c8:c5:3a:e0:2a:
01:0f:ec:40:89:d6:69:07:4c:67:de:67:46:6a:51:
f9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A9:08:91:3A:6A:19:07:F2:6D:6E:EA:F0:22:9D:02:EF:98:1E:A9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136302e302f32312d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.160.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:9a:0c:4c:67:7c:a0:84:b4:d6:c2:b2:dc:17:37:6a:80:2f:
f4:f1:84:be:81:d5:a4:a0:5d:38:0e:76:98:8b:7f:58:d4:7f:
56:78:a9:66:3d:e2:a4:a9:68:ba:8b:f2:94:d1:8a:97:a7:10:
44:1e:03:7a:1d:19:6b:2f:20:a3:89:bb:76:9f:46:15:f9:df:
69:84:81:7d:fe:82:85:d7:29:43:36:ef:20:7d:dc:98:eb:1c:
cb:7d:a2:92:22:a0:19:54:56:7c:3a:2a:de:c0:a5:2a:eb:82:
b1:a5:7b:c6:14:72:80:9c:a2:27:26:a4:6a:bc:54:cc:84:ac:
f2:bb:af:b0:8c:a6:f7:8a:a1:21:94:ef:18:a2:1a:43:10:0f:
03:3d:a4:33:b0:00:e6:2a:8c:36:21:ed:d8:40:49:18:a0:15:
5d:fa:4e:d5:b9:1c:5f:26:0d:76:86:17:97:75:45:cb:71:e5:
ac:ab:a1:5c:22:87:89:e2:3c:b7:f9:e2:9d:2d:41:f8:be:de:
84:66:0a:d8:2f:3e:50:33:74:0e:89:82:a4:19:b2:15:b4:73:
b6:2b:64:33:4b:59:51:92:82:12:15:0b:f8:fb:a4:fc:a5:1e:
15:d9:28:64:be:3f:39:fb:f2:87:d6:da:fa:ca:82:41:2d:dc:
8f:37:a5:84
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHPxG+kQKUpdUvb0DeHSh2XGq+U8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTIxMTA2NThaFw0yNTAyMTAxMTExNThaMDMxMTAvBgNV
BAMTKEUzQTkwODkxM0E2QTE5MDdGMjZENkVFQUYwMjI5RDAyRUY5ODFFQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUI0i86dSemdAUtPlSmek/ZYLF
Bs860CERreOcLKKaOOq/w7qZJP3a+yHVWrwQjGHdA1hnil0YCHJD5V/mxd/AjtNL
moMmJldf5oY1RaIEMMOH/Ppc2oD9ZDp5vHnmb3+qC/RJcDrV7efN3xWJcmK4Crdz
O6vUxcwETriIY4Tjn/TahugPQ0UAdWNfKl9wGQX6dcUMROZB+A69TbYnYvPxgw8d
spjSdKdnaD1kmzCsLoQNVt2vzH3B0KJI/OZeZVMt0Na3Nbf8U/4LjGvvkUhpwa/l
4MPdT5WWZ7ccJX3EAAhnZistZn+g4OPIxTrgKgEP7ECJ1mkHTGfeZ0ZqUflnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU46kIkTpqGQfybW7q8CKdAu+YHqkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzYzMDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA4zp
oDANBgkqhkiG9w0BAQsFAAOCAQEAP5oMTGd8oIS01sKy3Bc3aoAv9PGEvoHVpKBd
OA52mIt/WNR/VnipZj3ipKlouovylNGKl6cQRB4Deh0Zay8go4m7dp9GFfnfaYSB
ff6ChdcpQzbvIH3cmOscy32ikiKgGVRWfDoq3sClKuuCsaV7xhRygJyiJyakarxU
zISs8ruvsIym94qhIZTvGKIaQxAPAz2kM7AA5iqMNiHt2EBJGKAVXfpO1bkcXyYN
doYXl3VFy3HlrKuhXCKHieI8t/ninS1B+L7ehGYK2C8+UDN0DomCpBmyFbRztitk
M0tZUZKCEhUL+Puk/KUeFdkoZL4/Ofvyh9ba+sqCQS3cjzelhA==
-----END CERTIFICATE-----
Generated at Tue Feb 20 23:45:56 2024 by rpki-client on console-ams.rpki-client.org