Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e382e302f32332d3233203d3e203239303636.roa
File: 3134362e3130332e382e302f32332d3233203d3e203239303636.roa (raw, json)
Hash identifier: fJYuGW5nLpGD3ayuCNG5sL58D3B36QkBgRO9Gbo+NSY=
Subject key identifier: EC:D4:E4:C2:8D:1D:FA:0D:E7:04:A3:FE:02:50:80:20:95:E6:58:4D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6D55F0254026D98AFFDFD4B083FE2C921F0CDA49
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e382e302f32332d3233203d3e203239303636.roa
Signing time: Sun 24 Mar 2024 21:45:28 +0000
ROA not before: Sun 24 Mar 2024 21:40:28 +0000
ROA not after: Sun 23 Mar 2025 21:45:28 +0000
asID: 29066
IP address blocks: 146.103.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:55:f0:25:40:26:d9:8a:ff:df:d4:b0:83:fe:2c:92:1f:0c:da:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 21:40:28 2024 GMT
Not After : Mar 23 21:45:28 2025 GMT
Subject: CN=ECD4E4C28D1DFA0DE704A3FE0250802095E6584D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:67:a1:a8:2c:43:42:59:8f:b9:a3:78:11:1a:
ee:42:11:b2:31:6b:b2:b8:f8:12:06:06:df:a6:82:
39:37:e0:ff:61:f9:df:f2:5f:f7:07:35:c4:3e:a7:
38:c7:24:c3:3f:70:78:5f:ab:b2:7a:98:6f:ad:cd:
07:c3:3d:07:5e:c5:ed:53:90:41:83:ab:e3:f3:d5:
91:44:a6:3d:d5:24:ca:37:a5:08:01:06:77:4b:b9:
ea:8d:fb:07:39:87:be:ee:f6:c0:20:cc:a4:00:19:
ef:23:04:79:b7:59:ad:d3:bc:53:44:91:4a:6b:56:
b9:3a:0f:da:23:3c:31:e1:1f:2f:f3:3e:21:09:14:
cc:e3:db:f0:01:36:ee:45:d9:b8:a3:e4:61:fe:b6:
94:74:24:2a:3c:a7:69:db:11:c7:bf:42:3b:c2:fa:
e8:99:ac:90:58:f5:f3:be:1c:67:58:c3:38:ad:9e:
e5:91:66:da:7c:ef:53:21:26:ee:a2:0e:93:93:af:
13:fa:bd:ca:ce:49:9f:b7:b6:fc:b3:45:1f:b2:88:
9f:a3:b4:a5:31:10:48:cb:15:4a:ba:e3:62:44:92:
3c:4c:bd:8e:60:30:a0:06:66:58:e6:60:63:88:72:
88:46:30:5c:5d:73:11:61:b3:94:1b:c3:89:aa:1e:
35:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D4:E4:C2:8D:1D:FA:0D:E7:04:A3:FE:02:50:80:20:95:E6:58:4D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134362e3130332e382e302f32332d3233203d3e203239303636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.8.0/23
Signature Algorithm: sha256WithRSAEncryption
b2:24:3e:d6:1d:6b:aa:1f:9c:bc:82:3e:93:12:c5:d2:54:16:
67:d6:8e:07:a5:f1:13:89:dd:0d:0d:f0:51:ef:56:00:51:45:
71:05:1e:87:6e:46:e6:d8:f7:f6:2e:f5:ca:1d:85:e0:7d:78:
9b:6c:f9:a2:da:bc:45:f3:35:6c:c0:83:63:e2:cc:45:90:41:
5d:21:20:69:f6:cd:2f:0a:bc:28:15:68:0f:31:1d:dd:ca:14:
b8:bc:32:7d:64:d8:e5:09:4d:62:0d:c6:a6:db:7e:03:04:51:
d1:ac:f8:ac:2c:44:74:53:d2:ae:0f:1a:07:9e:c5:bf:71:2d:
52:a0:d7:55:95:ef:ec:42:d0:0f:43:79:54:10:e0:ff:8b:8b:
6d:7b:19:db:ae:66:8c:07:50:b7:9a:51:a8:29:55:86:75:23:
40:c2:79:60:49:25:60:8f:f9:92:a2:4d:57:67:02:b5:ea:66:
53:0d:83:43:11:df:48:8c:14:15:78:c8:e2:2c:23:f6:4b:43:
e4:28:3f:db:c8:99:2c:b5:8e:a6:b1:d2:13:20:17:ca:40:0f:
e8:ef:79:46:8b:fc:b9:20:05:af:b4:83:bd:90:5f:55:be:6e:
41:3e:b8:60:77:cc:77:4a:f7:c0:42:c5:e9:b0:ce:ee:a3:4a:
a7:b9:07:02
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUbVXwJUAm2Yr/39Swg/4skh8M2kkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMjQyMTQwMjhaFw0yNTAzMjMyMTQ1MjhaMDMxMTAvBgNV
BAMTKEVDRDRFNEMyOEQxREZBMERFNzA0QTNGRTAyNTA4MDIwOTVFNjU4NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Z6GoLENCWY+5o3gRGu5CEbIx
a7K4+BIGBt+mgjk34P9h+d/yX/cHNcQ+pzjHJMM/cHhfq7J6mG+tzQfDPQdexe1T
kEGDq+Pz1ZFEpj3VJMo3pQgBBndLueqN+wc5h77u9sAgzKQAGe8jBHm3Wa3TvFNE
kUprVrk6D9ojPDHhHy/zPiEJFMzj2/ABNu5F2bij5GH+tpR0JCo8p2nbEce/QjvC
+uiZrJBY9fO+HGdYwzitnuWRZtp871MhJu6iDpOTrxP6vcrOSZ+3tvyzRR+yiJ+j
tKUxEEjLFUq642JEkjxMvY5gMKAGZljmYGOIcohGMFxdcxFhs5Qbw4mqHjVfAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU7NTkwo0d+g3nBKP+AlCAIJXmWE0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM2MmUzMTMwMzMyZTM4
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzOTMwMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZJn
CDANBgkqhkiG9w0BAQsFAAOCAQEAsiQ+1h1rqh+cvII+kxLF0lQWZ9aOB6XxE4nd
DQ3wUe9WAFFFcQUeh25G5tj39i71yh2F4H14m2z5otq8RfM1bMCDY+LMRZBBXSEg
afbNLwq8KBVoDzEd3coUuLwyfWTY5QlNYg3Gptt+AwRR0az4rCxEdFPSrg8aB57F
v3EtUqDXVZXv7ELQD0N5VBDg/4uLbXsZ265mjAdQt5pRqClVhnUjQMJ5YEklYI/5
kqJNV2cCtepmUw2DQxHfSIwUFXjI4iwj9ktD5Cg/28iZLLWOprHSEyAXykAP6O95
Rov8uSAFr7SDvZBfVb5uQT64YHfMd0r3wELF6bDO7qNKp7kHAg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org