Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e34302e302f32322d3234203d3e20383334.roa
File: 3134362e3130332e34302e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: 8bVgMyuqcX3YKdd5DqXskhDcLRlw3QcXhjcMAVF/pzM=
Subject key identifier: 31:F9:D4:B2:8D:4F:4E:1A:EC:2B:B9:40:3F:10:63:A0:A6:69:84:B1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 669EA849537691FE22ABC3D5663F7655DDF9ED9F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e34302e302f32322d3234203d3e20383334.roa
Signing time: Wed 27 Mar 2024 17:41:11 +0000
ROA not before: Wed 27 Mar 2024 17:36:11 +0000
ROA not after: Wed 26 Mar 2025 17:41:11 +0000
asID: 834
IP address blocks: 146.103.40.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Apr 2024 16:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:9e:a8:49:53:76:91:fe:22:ab:c3:d5:66:3f:76:55:dd:f9:ed:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 27 17:36:11 2024 GMT
Not After : Mar 26 17:41:11 2025 GMT
Subject: CN=31F9D4B28D4F4E1AEC2BB9403F1063A0A66984B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b4:53:11:a5:9b:a8:35:c0:f8:dd:b5:86:e4:
08:7b:06:1c:ea:d2:bf:46:bf:6e:7a:db:9a:b7:fb:
64:f2:02:e1:46:c4:bc:4a:de:a2:bf:0a:45:51:10:
21:d1:fb:34:af:97:68:42:6f:e4:33:8c:3b:19:f9:
2e:a4:8a:c4:c2:f3:06:07:00:61:06:ac:3c:65:e4:
54:2a:cb:4c:d8:08:8b:b4:36:52:8f:3c:a0:23:dc:
65:64:95:73:10:23:a0:c9:c9:f9:93:e4:20:bc:69:
b8:db:eb:bd:6f:1a:b6:d3:28:fd:70:a0:57:50:bd:
e2:4f:2b:70:f3:13:1f:ea:a8:0f:c3:80:17:76:be:
ef:92:71:75:31:fe:9e:f3:63:b2:f4:55:36:ae:aa:
8a:76:4a:63:a0:86:f7:4e:01:ab:2b:58:ee:21:c7:
3f:fc:a7:5d:f9:3e:19:90:84:04:0f:b9:53:53:a4:
8c:9e:22:2a:86:7f:a7:ca:79:42:21:8b:d0:5f:04:
4b:97:23:44:c4:97:17:a5:8b:45:b4:c3:a1:b3:dc:
90:74:1d:20:27:7f:81:de:d9:61:af:9a:a0:88:4f:
2f:2e:a0:7f:65:a1:97:d0:59:82:e2:be:fd:90:9f:
d4:29:fb:8b:d3:55:a9:e4:a6:22:4f:50:25:0d:85:
76:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F9:D4:B2:8D:4F:4E:1A:EC:2B:B9:40:3F:10:63:A0:A6:69:84:B1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e34302e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:a0:12:4d:fd:01:1f:33:ed:ba:7a:26:63:d5:2f:c2:11:0a:
72:4b:1f:88:cd:54:34:93:c6:6b:b0:d8:a1:31:71:30:fa:55:
33:22:fd:ad:85:9d:f4:94:a4:60:e2:8f:be:d9:3a:d5:28:3a:
b8:55:ea:c6:e9:e6:fa:41:9c:9f:14:a9:9d:33:67:19:07:78:
8f:17:35:c0:d5:af:64:8a:d5:49:47:4d:1c:55:55:2d:cd:dd:
7e:6f:77:13:80:f9:b8:ea:d1:af:4b:d1:f9:15:23:28:cd:68:
41:24:35:05:53:77:f4:2b:e5:8a:1d:a8:df:e5:78:29:ac:ec:
8d:28:bc:00:00:ae:4a:a4:65:78:b5:42:0e:e1:51:48:63:91:
1e:fe:35:7e:e6:80:1e:b9:65:9d:1a:a5:0f:d6:e0:15:ee:b1:
f3:a7:d0:12:0a:8f:b8:12:33:2f:2b:87:b7:16:69:35:0f:a1:
2a:9e:17:e4:51:21:78:fb:d7:6e:b6:dd:d1:a4:7c:3d:be:21:
20:23:60:ed:84:c4:f5:59:34:68:4e:6f:63:a5:ef:e2:7a:ab:
cc:e8:f6:ad:16:ce:aa:c0:c1:94:9d:31:ed:f6:d1:ad:8f:53:
2e:85:47:9b:1e:e1:ab:2d:4a:12:2c:0a:6e:b3:a9:61:8f:a5:
39:f4:e6:89
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZp6oSVN2kf4iq8PVZj92Vd357Z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMjcxNzM2MTFaFw0yNTAzMjYxNzQxMTFaMDMxMTAvBgNV
BAMTKDMxRjlENEIyOEQ0RjRFMUFFQzJCQjk0MDNGMTA2M0EwQTY2OTg0QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOtFMRpZuoNcD43bWG5Ah7Bhzq
0r9Gv25625q3+2TyAuFGxLxK3qK/CkVRECHR+zSvl2hCb+QzjDsZ+S6kisTC8wYH
AGEGrDxl5FQqy0zYCIu0NlKPPKAj3GVklXMQI6DJyfmT5CC8abjb671vGrbTKP1w
oFdQveJPK3DzEx/qqA/DgBd2vu+ScXUx/p7zY7L0VTauqop2SmOghvdOAasrWO4h
xz/8p135PhmQhAQPuVNTpIyeIiqGf6fKeUIhi9BfBEuXI0TElxeli0W0w6Gz3JB0
HSAnf4He2WGvmqCITy8uoH9loZfQWYLivv2Qn9Qp+4vTVankpiJPUCUNhXbDAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUMfnUso1PThrsK7lAPxBjoKZphLEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM2MmUzMTMwMzMyZTM0
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKSZygw
DQYJKoZIhvcNAQELBQADggEBAF+gEk39AR8z7bp6JmPVL8IRCnJLH4jNVDSTxmuw
2KExcTD6VTMi/a2FnfSUpGDij77ZOtUoOrhV6sbp5vpBnJ8UqZ0zZxkHeI8XNcDV
r2SK1UlHTRxVVS3N3X5vdxOA+bjq0a9L0fkVIyjNaEEkNQVTd/Qr5YodqN/leCms
7I0ovAAArkqkZXi1Qg7hUUhjkR7+NX7mgB65ZZ0apQ/W4BXusfOn0BIKj7gSMy8r
h7cWaTUPoSqeF+RRIXj712623dGkfD2+ISAjYO2ExPVZNGhOb2Ol7+J6q8zo9q0W
zqrAwZSdMe320a2PUy6FR5se4astShIsCm6zqWGPpTn05ok=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org