Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f32342d3234203d3e2033333230.roa
File: 3134302e3233332e3139322e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: m4LpoOxHL2NnAsGxJ1jfcaAR3tOHDp7o5qYtDk3Srpc=
Subject key identifier: A8:6C:9D:06:F0:05:8B:A6:A5:EC:BF:F9:7F:94:9F:7A:4F:E3:0D:DE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0F7D17AC99F65C35E4389C22AC92EEAF18C2EDD7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f32342d3234203d3e2033333230.roa
Signing time: Tue 06 Feb 2024 13:53:11 +0000
ROA not before: Tue 06 Feb 2024 13:48:11 +0000
ROA not after: Tue 04 Feb 2025 13:53:11 +0000
asID: 3320
IP address blocks: 140.233.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:7d:17:ac:99:f6:5c:35:e4:38:9c:22:ac:92:ee:af:18:c2:ed:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 6 13:48:11 2024 GMT
Not After : Feb 4 13:53:11 2025 GMT
Subject: CN=A86C9D06F0058BA6A5ECBFF97F949F7A4FE30DDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ad:93:51:52:0b:0e:99:9c:49:21:17:51:8c:
c2:17:76:1a:91:bd:1a:53:6d:2d:a0:d0:ce:f5:7d:
09:9c:bd:56:01:8c:09:c1:1a:73:cf:68:cc:a0:15:
12:82:c1:52:ef:a6:d8:f4:ea:4d:89:66:ac:7e:62:
97:29:dc:48:57:26:3f:47:da:94:51:35:d4:48:1c:
d3:41:49:18:30:2c:a6:18:63:4e:93:20:d1:e8:d8:
cb:23:aa:b4:87:25:44:bc:66:20:b5:0b:65:c8:34:
f3:58:ba:2f:23:c4:d1:36:5c:03:62:93:eb:ac:06:
90:b1:b3:df:97:50:d8:87:5f:cb:f3:ef:af:72:5b:
22:9e:fb:54:b7:50:e6:db:a0:8d:a5:5e:59:ea:66:
48:14:d1:2a:13:f3:23:b0:5b:ad:d9:4c:2c:e5:d4:
fc:de:74:a1:76:b5:3e:12:14:d8:5d:bc:48:8d:9b:
83:09:9a:e4:35:82:ca:79:f3:11:9f:f2:03:d0:63:
cc:68:91:a5:a3:8e:93:55:59:00:39:bd:e8:18:54:
76:1c:0f:97:39:17:fe:4b:1f:5b:e8:c0:a4:4a:ad:
68:8b:5d:be:29:e4:5b:f0:5e:b0:f8:17:be:df:31:
28:d2:3a:4b:d9:c0:da:06:59:27:f1:76:4d:2e:21:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6C:9D:06:F0:05:8B:A6:A5:EC:BF:F9:7F:94:9F:7A:4F:E3:0D:DE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3233332e3139322e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.192.0/24
Signature Algorithm: sha256WithRSAEncryption
39:18:0b:24:59:b5:ab:eb:41:c1:cd:60:09:e3:6e:8e:76:4c:
b6:66:cd:a1:ca:8c:87:4f:ad:a8:87:42:6c:a0:02:2e:50:54:
c5:65:55:17:8e:80:b0:0b:3b:97:fa:4f:5c:87:dc:ee:ea:15:
77:a1:44:a2:1a:7d:49:81:9a:a6:ff:35:3d:54:84:1b:fe:00:
89:76:6d:22:e7:af:d6:14:bf:e0:49:3b:79:ee:f1:37:99:ea:
c9:5f:0a:d9:4e:06:3c:ef:7b:02:59:37:ec:3c:e3:0c:e9:f5:
e1:f4:11:49:f4:6b:47:4a:6d:0d:a3:85:d5:d6:b1:f3:82:ab:
cd:83:c4:63:50:c4:1f:e1:6e:e8:1f:54:4e:b7:cc:5a:30:30:
3e:17:46:71:7d:3a:4e:c7:0d:a1:79:7d:02:45:1e:a0:77:48:
4f:59:f8:70:50:dd:d5:fd:29:75:95:bb:6b:d0:f9:89:40:5a:
a1:e2:c0:d6:61:32:c9:b7:f5:76:be:fc:b4:87:81:7b:e6:c2:
af:54:06:bd:49:ed:4b:d4:c6:26:31:5c:aa:d7:13:14:49:2b:
ba:dd:58:3e:01:c8:3d:14:fb:ca:96:0f:db:d8:a0:0c:a8:31:
41:b7:e5:e8:36:54:d5:7a:41:82:aa:20:64:e8:3a:11:dc:8f:
cf:4f:f8:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD30XrJn2XDXkOJwirJLurxjC7dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAyMDYxMzQ4MTFaFw0yNTAyMDQxMzUzMTFaMDMxMTAvBgNV
BAMTKEE4NkM5RDA2RjAwNThCQTZBNUVDQkZGOTdGOTQ5RjdBNEZFMzBEREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDarZNRUgsOmZxJIRdRjMIXdhqR
vRpTbS2g0M71fQmcvVYBjAnBGnPPaMygFRKCwVLvptj06k2JZqx+Ypcp3EhXJj9H
2pRRNdRIHNNBSRgwLKYYY06TINHo2MsjqrSHJUS8ZiC1C2XINPNYui8jxNE2XANi
k+usBpCxs9+XUNiHX8vz769yWyKe+1S3UObboI2lXlnqZkgU0SoT8yOwW63ZTCzl
1PzedKF2tT4SFNhdvEiNm4MJmuQ1gsp58xGf8gPQY8xokaWjjpNVWQA5vegYVHYc
D5c5F/5LH1vowKRKrWiLXb4p5FvwXrD4F77fMSjSOkvZwNoGWSfxdk0uIba9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqGydBvAFi6al7L/5f5Sfek/jDd4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMjMzMzMyZTMx
MzkzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzMzMjMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
jOnAMA0GCSqGSIb3DQEBCwUAA4IBAQA5GAskWbWr60HBzWAJ426Odky2Zs2hyoyH
T62oh0JsoAIuUFTFZVUXjoCwCzuX+k9ch9zu6hV3oUSiGn1JgZqm/zU9VIQb/gCJ
dm0i56/WFL/gSTt57vE3merJXwrZTgY873sCWTfsPOMM6fXh9BFJ9GtHSm0No4XV
1rHzgqvNg8RjUMQf4W7oH1ROt8xaMDA+F0ZxfTpOxw2heX0CRR6gd0hPWfhwUN3V
/Sl1lbtr0PmJQFqh4sDWYTLJt/V2vvy0h4F75sKvVAa9Se1L1MYmMVyq1xMUSSu6
3Vg+Acg9FPvKlg/b2KAMqDFBt+XoNlTVekGCqiBk6DoR3I/PT/hO
-----END CERTIFICATE-----
Generated at Sat Apr 6 12:13:37 2024 by rpki-client on console-fra.rpki-client.org