Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136382e302f32322d3232203d3e20313734.roa
File: 3134302e3233332e3136382e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier: WK+MLn7V7CZxIMaKnv4s5iPA0uwGprF2r1rQQ19IZzY=
Subject key identifier: CF:47:77:8E:17:A6:CC:3E:05:80:E7:F7:EC:68:03:5F:99:A4:A9:58
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 76B6707A9E16D6B4107B283A6A772CE06FC8A8FB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136382e302f32322d3232203d3e20313734.roa
Signing time: Mon 12 Feb 2024 11:11:01 +0000
ROA not before: Mon 12 Feb 2024 11:06:01 +0000
ROA not after: Mon 10 Feb 2025 11:11:01 +0000
asID: 174
IP address blocks: 140.233.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:b6:70:7a:9e:16:d6:b4:10:7b:28:3a:6a:77:2c:e0:6f:c8:a8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 11:06:01 2024 GMT
Not After : Feb 10 11:11:01 2025 GMT
Subject: CN=CF47778E17A6CC3E0580E7F7EC68035F99A4A958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b5:0f:da:93:4c:a2:8f:46:81:2c:13:25:b0:
99:20:c1:4b:87:96:a2:7d:b4:0c:e5:53:9e:56:09:
5b:5c:b4:04:d1:c2:f4:44:27:be:c8:e2:4b:e6:91:
a7:88:6e:98:93:a9:70:63:ad:e1:a2:b0:a5:56:84:
95:35:44:18:cb:bd:6e:49:77:74:22:b7:23:79:d1:
7f:77:03:90:a8:e0:b4:52:e5:68:f9:bb:5f:04:9e:
67:b5:e2:7f:4e:89:b4:cd:10:6a:8e:d7:bc:98:0a:
0d:43:99:61:e5:fd:4b:cf:59:8e:5d:7d:73:29:44:
1b:a4:48:93:12:35:95:d8:29:73:76:22:1d:f3:6b:
26:a5:16:f5:f9:1d:b0:bf:b0:3e:97:92:84:af:18:
e0:7b:87:77:5e:75:1f:f5:4d:f4:3d:a0:e1:07:22:
62:b5:cc:2f:73:01:91:95:93:9e:8e:69:c9:ed:17:
12:99:95:4e:f8:13:52:72:6f:17:16:0e:7d:5b:0d:
13:1e:b2:6c:05:54:7d:b6:f1:e5:53:5a:4c:7c:64:
0b:e4:7e:ef:2a:c5:1d:ae:26:86:62:2c:4f:77:6a:
b8:1f:22:a8:9b:80:44:59:f0:15:40:36:bf:39:7e:
6f:ed:c5:a1:a5:2f:5a:e0:b4:3e:91:cf:b8:31:e8:
63:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:47:77:8E:17:A6:CC:3E:05:80:E7:F7:EC:68:03:5F:99:A4:A9:58
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3136382e302f32322d3232203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:87:87:e3:6f:ce:00:4b:db:b9:81:2e:ca:7a:d2:75:7b:0c:
60:1a:2f:b4:f1:36:db:56:0b:fa:9d:e5:d0:84:5f:10:4d:7d:
c8:68:3f:9b:6f:3c:71:d2:eb:37:62:8b:5c:27:d6:d8:62:dd:
ef:86:d1:8c:00:28:40:1a:02:51:42:bb:90:ca:17:47:19:1a:
13:68:ff:e1:a9:9f:d4:42:df:79:61:6a:bd:83:8f:da:0f:23:
10:b1:d4:8c:e4:49:59:88:87:6f:7f:82:7c:b9:2a:f6:47:bd:
ed:9a:56:6e:03:dd:c0:71:f1:eb:f1:a1:38:9b:2e:8e:e4:ff:
5d:07:16:e0:ec:fd:a0:94:54:cc:a8:7c:44:9a:49:6c:c7:06:
ee:ab:b8:89:7c:4d:d2:32:2a:8e:06:39:49:75:a3:20:fd:08:
96:d2:a8:a5:81:40:70:92:a6:7e:76:4f:fd:94:e0:28:f7:9d:
66:12:17:3c:fc:bb:54:b0:2e:bd:b3:27:00:91:c4:0a:80:85:
35:39:4e:24:fd:e0:35:a9:ce:67:05:02:5c:ea:47:f1:98:7e:
5e:65:2f:d7:37:c9:af:50:77:3e:11:bd:0d:aa:64:ac:b8:49:
23:8b:65:48:ed:2f:5b:95:80:20:6f:06:6e:d0:91:50:74:e1:
77:b6:a8:5b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdrZwep4W1rQQeyg6ancs4G/IqPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTIxMTA2MDFaFw0yNTAyMTAxMTExMDFaMDMxMTAvBgNV
BAMTKENGNDc3NzhFMTdBNkNDM0UwNTgwRTdGN0VDNjgwMzVGOTlBNEE5NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9tQ/ak0yij0aBLBMlsJkgwUuH
lqJ9tAzlU55WCVtctATRwvREJ77I4kvmkaeIbpiTqXBjreGisKVWhJU1RBjLvW5J
d3QityN50X93A5Co4LRS5Wj5u18Enme14n9OibTNEGqO17yYCg1DmWHl/UvPWY5d
fXMpRBukSJMSNZXYKXN2Ih3zayalFvX5HbC/sD6XkoSvGOB7h3dedR/1TfQ9oOEH
ImK1zC9zAZGVk56OacntFxKZlU74E1JybxcWDn1bDRMesmwFVH228eVTWkx8ZAvk
fu8qxR2uJoZiLE93argfIqibgERZ8BVANr85fm/txaGlL1rgtD6Rz7gx6GMPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUz0d3jhemzD4FgOf37GgDX5mkqVgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzYzODJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAozp
qDANBgkqhkiG9w0BAQsFAAOCAQEAtIeH42/OAEvbuYEuynrSdXsMYBovtPE221YL
+p3l0IRfEE19yGg/m288cdLrN2KLXCfW2GLd74bRjAAoQBoCUUK7kMoXRxkaE2j/
4amf1ELfeWFqvYOP2g8jELHUjORJWYiHb3+CfLkq9ke97ZpWbgPdwHHx6/GhOJsu
juT/XQcW4Oz9oJRUzKh8RJpJbMcG7qu4iXxN0jIqjgY5SXWjIP0IltKopYFAcJKm
fnZP/ZTgKPedZhIXPPy7VLAuvbMnAJHECoCFNTlOJP3gNanOZwUCXOpH8Zh+XmUv
1zfJr1B3PhG9DapkrLhJI4tlSO0vW5WAIG8GbtCRUHThd7aoWw==
-----END CERTIFICATE-----
Generated at Sat Apr 6 11:51:06 2024 by rpki-client on console-ams.rpki-client.org