Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3137322e302f32322d3232203d3e20313734.roa
File: 3134302e3233332e3137322e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier: NicAPpimPOKDc6W0oc3WtKNONIAfbIKU+UPu0NWybsw=
Subject key identifier: 91:19:BE:A8:B9:9C:1B:52:97:C9:3E:61:88:99:8B:3F:AA:08:79:5E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 74982C1C4E8C06F29DD4C684E7F94F1F0911BBD1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3137322e302f32322d3232203d3e20313734.roa
Signing time: Mon 12 Feb 2024 11:11:01 +0000
ROA not before: Mon 12 Feb 2024 11:06:01 +0000
ROA not after: Mon 10 Feb 2025 11:11:01 +0000
asID: 174
IP address blocks: 140.233.172.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:98:2c:1c:4e:8c:06:f2:9d:d4:c6:84:e7:f9:4f:1f:09:11:bb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 11:06:01 2024 GMT
Not After : Feb 10 11:11:01 2025 GMT
Subject: CN=9119BEA8B99C1B5297C93E6188998B3FAA08795E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:93:3f:48:f3:19:20:1c:95:f4:d0:cb:72:
97:fe:09:c7:ed:4d:04:f2:53:92:33:cc:90:60:4b:
9d:7e:f1:66:79:41:03:7a:5a:fb:5f:63:95:3b:c8:
ba:f2:f2:e3:bd:48:1b:e2:72:0a:66:dc:8b:e9:0b:
0f:e8:8f:35:ff:a7:e3:1f:3b:67:35:4b:5e:e2:18:
6d:18:a1:d3:7e:36:35:61:e3:9c:5d:58:c7:e3:16:
3a:a2:1e:80:ad:01:fd:2b:17:f4:fb:46:bb:07:72:
8f:60:66:9c:79:60:12:16:66:c4:87:2c:83:01:51:
5c:d5:3d:77:04:dc:05:ef:75:86:c8:86:3f:4b:a2:
ce:a0:15:18:9c:21:fd:24:c2:f0:5c:c1:83:e7:e7:
19:79:01:2b:8d:97:f3:e5:3b:a5:70:91:4a:17:1d:
c5:2a:fb:43:ee:45:33:1f:cd:85:ba:20:bf:9f:84:
d4:2a:93:82:69:23:d5:86:63:c1:2f:8a:62:77:66:
04:2e:08:fc:2d:01:50:a0:5e:ef:19:71:99:ac:17:
e8:81:40:18:9e:fb:7c:ee:9b:4f:6b:3d:e2:aa:ed:
76:6e:55:94:db:7a:38:eb:ae:8d:aa:f9:28:78:85:
19:a5:7b:3e:84:f6:3e:05:62:97:ff:43:20:9b:2c:
a6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:19:BE:A8:B9:9C:1B:52:97:C9:3E:61:88:99:8B:3F:AA:08:79:5E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3137322e302f32322d3232203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.172.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:53:5a:ab:f1:f1:f7:89:3b:9b:a1:51:36:25:32:7c:b7:1e:
7e:68:45:f5:18:4e:5c:da:22:7b:cf:ae:c1:b8:45:d1:cb:b5:
21:86:e6:51:16:f5:c5:9c:48:9b:84:87:04:26:ab:1b:27:61:
03:15:c8:db:22:d3:bd:dd:89:e1:07:dd:bf:29:a7:10:36:76:
60:48:cf:c0:11:09:79:38:ec:c8:12:dd:a4:ee:a4:c2:3a:a3:
49:b1:52:4d:95:02:3a:97:f8:d1:ff:69:d2:19:42:7e:83:34:
2d:95:48:5a:ee:d3:c6:4b:54:49:5a:23:e3:80:f4:f5:a2:6a:
ff:b5:07:b9:67:c1:ae:19:5e:45:55:b9:cd:97:cd:b5:a8:75:
c1:e4:a9:cd:0e:a8:3e:c5:1d:13:b1:7b:ec:d4:40:04:48:04:
57:4e:ec:d7:5b:3c:39:db:17:d4:82:84:68:8f:41:35:9c:65:
8d:a4:00:8a:4f:55:31:83:ba:02:d3:b5:70:57:ff:de:a0:6c:
2d:83:39:b9:2d:fb:e2:7b:89:ce:19:5f:f9:f0:80:7e:ad:a0:
37:31:37:49:10:15:1f:17:65:b3:a0:2c:b2:a8:b4:97:4b:cd:
a6:ba:e1:c6:e8:81:30:32:a6:88:8a:87:3e:af:68:dc:8c:18:
47:b0:c8:7e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdJgsHE6MBvKd1MaE5/lPHwkRu9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMTIxMTA2MDFaFw0yNTAyMTAxMTExMDFaMDMxMTAvBgNV
BAMTKDkxMTlCRUE4Qjk5QzFCNTI5N0M5M0U2MTg4OTk4QjNGQUEwODc5NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM/pM/SPMZIByV9NDLcpf+Ccft
TQTyU5IzzJBgS51+8WZ5QQN6WvtfY5U7yLry8uO9SBvicgpm3IvpCw/ojzX/p+Mf
O2c1S17iGG0YodN+NjVh45xdWMfjFjqiHoCtAf0rF/T7RrsHco9gZpx5YBIWZsSH
LIMBUVzVPXcE3AXvdYbIhj9Los6gFRicIf0kwvBcwYPn5xl5ASuNl/PlO6VwkUoX
HcUq+0PuRTMfzYW6IL+fhNQqk4JpI9WGY8EvimJ3ZgQuCPwtAVCgXu8ZcZmsF+iB
QBie+3zum09rPeKq7XZuVZTbejjrro2q+Sh4hRmlez6E9j4FYpf/QyCbLKZXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkRm+qLmcG1KXyT5hiJmLP6oIeV4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAozp
rDANBgkqhkiG9w0BAQsFAAOCAQEAPVNaq/Hx94k7m6FRNiUyfLcefmhF9RhOXNoi
e8+uwbhF0cu1IYbmURb1xZxIm4SHBCarGydhAxXI2yLTvd2J4QfdvymnEDZ2YEjP
wBEJeTjsyBLdpO6kwjqjSbFSTZUCOpf40f9p0hlCfoM0LZVIWu7TxktUSVoj44D0
9aJq/7UHuWfBrhleRVW5zZfNtah1weSpzQ6oPsUdE7F77NRABEgEV07s11s8OdsX
1IKEaI9BNZxljaQAik9VMYO6AtO1cFf/3qBsLYM5uS374nuJzhlf+fCAfq2gNzE3
SRAVHxdls6Assqi0l0vNprrhxuiBMDKmiIqHPq9o3IwYR7DIfg==
-----END CERTIFICATE-----
Generated at Sat Apr 6 11:51:06 2024 by rpki-client on console-ams.rpki-client.org