Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138382e302f32322d3232203d3e20313734.roa
File: 3134302e3233332e3138382e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier: 1Ti57s3nfXwUTQUXmIEQ2DE/ZKgwHR4/WHm1ppCzP40=
Subject key identifier: 69:FA:8F:F1:6E:D0:EF:9F:75:FC:26:DD:C3:63:77:81:00:8D:D7:23
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 37E80B29F8D4DFC06EEAC6F29F4080001DEF2828
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138382e302f32322d3232203d3e20313734.roa
Signing time: Tue 20 Feb 2024 20:29:02 +0000
ROA not before: Tue 20 Feb 2024 20:24:02 +0000
ROA not after: Tue 18 Feb 2025 20:29:02 +0000
asID: 174
IP address blocks: 140.233.188.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:e8:0b:29:f8:d4:df:c0:6e:ea:c6:f2:9f:40:80:00:1d:ef:28:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 20 20:24:02 2024 GMT
Not After : Feb 18 20:29:02 2025 GMT
Subject: CN=69FA8FF16ED0EF9F75FC26DDC3637781008DD723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b3:0d:12:3e:ce:42:11:f3:3d:1f:1d:af:32:
31:fb:86:82:3f:14:58:4b:5b:14:27:c0:25:cd:41:
a7:32:b9:b7:70:10:7b:c8:56:0b:03:4f:ef:15:62:
04:18:ad:a8:13:93:b6:cf:31:9a:be:e3:6a:7b:52:
ad:7b:0f:d7:41:f7:9b:b2:94:90:02:5d:b2:02:51:
69:14:b5:48:06:f2:94:2d:79:9d:80:09:3c:c8:1f:
1e:5d:da:b9:d7:8c:b1:6b:46:a0:a2:66:ad:e1:5d:
8a:3c:e0:db:94:f6:0b:22:59:b0:e7:65:bd:71:10:
5f:6e:ce:0d:f5:6a:df:ac:20:6f:03:d7:2f:8c:e9:
99:fd:7a:58:35:e2:38:d0:20:a5:2e:21:52:d0:fc:
47:78:4b:05:10:13:dc:22:28:b3:af:be:37:f7:aa:
7c:39:6b:be:a3:25:e1:31:53:9b:5a:90:06:97:30:
91:89:78:2d:a7:2d:3f:6c:b5:0e:22:a7:19:15:9a:
55:85:1e:ba:d2:e5:10:a4:56:92:d3:3e:10:0c:02:
3a:f4:88:8b:39:f9:87:30:71:e4:2f:7e:3c:02:22:
bb:c3:83:cb:12:4a:46:e8:b8:57:40:d0:29:64:a8:
a7:c5:0a:67:e6:41:72:f4:0e:b4:6e:49:89:8e:8f:
c6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FA:8F:F1:6E:D0:EF:9F:75:FC:26:DD:C3:63:77:81:00:8D:D7:23
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3138382e302f32322d3232203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.188.0/22
Signature Algorithm: sha256WithRSAEncryption
99:1f:73:bd:c5:85:41:18:44:22:08:c9:bb:dd:3d:3c:52:b4:
eb:8d:f6:b3:c5:14:eb:0b:90:4e:91:7f:4d:2e:57:73:42:ed:
bf:8e:68:d9:fa:58:26:b4:ff:56:cc:a3:c7:8e:b2:3f:09:a3:
9c:01:c5:f9:06:0e:91:9d:92:23:02:33:cc:30:22:ca:57:63:
ed:c3:f6:8a:92:4d:c3:d5:1d:cb:e8:07:9b:1c:4c:cb:58:53:
2f:09:31:fb:6b:7c:2e:a3:c8:90:60:e8:18:71:3b:56:40:18:
b0:73:ba:5a:6f:c3:fe:41:4d:51:a5:e0:cc:20:aa:b6:14:c2:
9b:6e:63:41:2b:7d:20:b5:20:73:c7:29:30:f9:8b:47:ce:45:
a7:01:ad:dd:44:37:24:72:de:5e:00:3d:51:32:2d:40:17:7e:
23:6f:4b:3d:21:3f:aa:ad:e3:68:1d:fc:9c:fb:fb:c6:69:21:
2e:42:36:1a:5a:08:c3:33:75:b3:9e:2b:e9:57:14:df:4c:a6:
fb:dd:da:f8:23:0d:d1:63:42:79:1b:86:ec:1b:14:16:0b:06:
54:d8:f9:89:7b:fc:66:bb:3f:67:c4:89:12:2d:36:6b:74:b3:
1e:c7:5e:65:56:86:04:f8:e0:f1:a2:6f:6d:b5:9f:82:05:78:
d9:71:86:f8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUN+gLKfjU38Bu6sbyn0CAAB3vKCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMjAyMDI0MDJaFw0yNTAyMTgyMDI5MDJaMDMxMTAvBgNV
BAMTKDY5RkE4RkYxNkVEMEVGOUY3NUZDMjZEREMzNjM3NzgxMDA4REQ3MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChsw0SPs5CEfM9Hx2vMjH7hoI/
FFhLWxQnwCXNQacyubdwEHvIVgsDT+8VYgQYragTk7bPMZq+42p7Uq17D9dB95uy
lJACXbICUWkUtUgG8pQteZ2ACTzIHx5d2rnXjLFrRqCiZq3hXYo84NuU9gsiWbDn
Zb1xEF9uzg31at+sIG8D1y+M6Zn9elg14jjQIKUuIVLQ/Ed4SwUQE9wiKLOvvjf3
qnw5a76jJeExU5takAaXMJGJeC2nLT9stQ4ipxkVmlWFHrrS5RCkVpLTPhAMAjr0
iIs5+YcwceQvfjwCIrvDg8sSSkbouFdA0ClkqKfFCmfmQXL0DrRuSYmOj8ZBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUafqP8W7Q7591/Cbdw2N3gQCN1yMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzgzODJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMxMzczNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAozp
vDANBgkqhkiG9w0BAQsFAAOCAQEAmR9zvcWFQRhEIgjJu909PFK06432s8UU6wuQ
TpF/TS5Xc0Ltv45o2fpYJrT/Vsyjx46yPwmjnAHF+QYOkZ2SIwIzzDAiyldj7cP2
ipJNw9Udy+gHmxxMy1hTLwkx+2t8LqPIkGDoGHE7VkAYsHO6Wm/D/kFNUaXgzCCq
thTCm25jQSt9ILUgc8cpMPmLR85FpwGt3UQ3JHLeXgA9UTItQBd+I29LPSE/qq3j
aB38nPv7xmkhLkI2GloIwzN1s54r6VcU30ym+93a+CMN0WNCeRuG7BsUFgsGVNj5
iXv8Zrs/Z8SJEi02a3SzHsdeZVaGBPjg8aJvbbWfggV42XGG+A==
-----END CERTIFICATE-----
Generated at Sat Apr 6 11:51:06 2024 by rpki-client on console-ams.rpki-client.org