Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32322d3232203d3e20313734.roa
File: 3134372e37392e32302e302f32322d3232203d3e20313734.roa (raw, json)
Hash identifier: 91BX5H2VOodm2WKN7sfEn38gfVU5GWexaAdnSLj7gtc=
Subject key identifier: B1:EE:50:70:2F:52:3C:FA:8D:CA:69:3B:2F:9A:5F:55:24:E5:AA:2C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 26DB0A6C926A3B04EFF229E9D52B4467CBEB2970
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32322d3232203d3e20313734.roa
Signing time: Tue 05 Mar 2024 10:20:04 +0000
ROA not before: Tue 05 Mar 2024 10:15:04 +0000
ROA not after: Tue 04 Mar 2025 10:20:04 +0000
asID: 174
IP address blocks: 147.79.20.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 18 Mar 2024 14:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:db:0a:6c:92:6a:3b:04:ef:f2:29:e9:d5:2b:44:67:cb:eb:29:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 5 10:15:04 2024 GMT
Not After : Mar 4 10:20:04 2025 GMT
Subject: CN=B1EE50702F523CFA8DCA693B2F9A5F5524E5AA2C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f7:09:37:68:a6:bd:4d:06:a0:3c:e4:75:63:
9e:24:b6:2a:36:8f:4b:7d:b9:a0:f7:5d:2f:80:86:
45:7f:be:9d:97:aa:64:06:2d:10:2e:b9:e1:9e:4d:
93:bf:cd:59:18:04:d6:54:ea:af:1c:30:3d:41:d0:
50:49:5a:b4:be:6e:7b:3d:89:14:04:18:27:9d:06:
d2:fb:a9:e1:96:30:b5:21:8a:3e:62:a3:67:5e:ab:
d7:b9:dd:7c:6e:65:61:9f:04:b4:68:36:eb:bf:17:
b7:a1:2a:97:da:e9:8a:10:66:1c:70:b3:ee:20:0e:
a6:6a:9e:87:82:b3:b7:d5:a3:c5:14:58:90:3c:d9:
9d:ff:e3:ca:dc:ee:4c:99:7f:76:b9:d4:38:2a:e1:
db:aa:0b:2d:c7:39:97:ca:c5:4e:3e:7c:6c:84:e9:
59:a3:87:05:da:9a:01:0c:0a:f5:4f:22:51:76:73:
48:42:4d:84:4d:99:57:91:25:d4:51:17:6f:8b:fd:
54:46:aa:d0:2f:a2:55:f1:58:26:25:0d:1d:26:e6:
65:60:6a:5c:79:93:d6:ce:22:55:22:4e:c5:9c:11:
fc:fb:71:60:80:06:64:a9:bf:e3:0a:51:97:82:ee:
16:65:33:db:1b:23:f1:ba:50:c4:72:b2:53:ba:95:
41:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:EE:50:70:2F:52:3C:FA:8D:CA:69:3B:2F:9A:5F:55:24:E5:AA:2C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32302e302f32322d3232203d3e20313734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.20.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:b7:f3:1a:cd:55:5f:2d:19:c6:b0:2a:52:31:3b:86:a6:9e:
22:8c:3f:c5:2e:74:c7:0b:e1:db:07:bd:80:78:29:2e:62:c1:
15:62:c0:57:dc:05:77:b0:fd:59:56:49:1e:1d:b6:78:a5:87:
b4:9c:bc:ec:e0:10:70:f7:70:8b:08:51:d8:45:ee:b4:4e:11:
e2:3f:ab:8c:69:4b:10:83:d8:d2:9e:e2:a1:fc:82:d0:9c:3d:
62:dd:86:21:f7:2a:f7:da:20:4e:55:16:be:33:12:5b:00:21:
d7:d9:67:2c:4e:8b:54:57:58:50:5e:fc:7f:26:b7:ff:f8:f8:
47:12:4f:2a:bd:a0:ae:7e:0f:09:9d:76:46:6f:9e:77:22:12:
e8:14:7e:2e:ff:1d:ef:d4:ed:92:cb:a4:e8:1d:56:99:e5:8c:
fc:bb:1d:dd:61:38:47:29:17:82:d5:b1:72:0a:fb:d4:17:e9:
a2:76:22:a1:94:74:b6:c7:db:63:b3:3d:ad:3f:38:7f:e0:b2:
fe:73:bc:00:6a:37:cb:d8:1a:60:68:23:e2:7d:20:66:ca:1f:
61:8d:f2:06:0b:22:f2:d5:92:7a:4b:bc:58:6e:70:20:53:d8:
4f:78:d9:87:64:d8:89:91:a5:b8:23:ed:1f:0e:4f:24:ab:98:
df:b3:4f:34
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUJtsKbJJqOwTv8inp1StEZ8vrKXAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMDUxMDE1MDRaFw0yNTAzMDQxMDIwMDRaMDMxMTAvBgNV
BAMTKEIxRUU1MDcwMkY1MjNDRkE4RENBNjkzQjJGOUE1RjU1MjRFNUFBMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk9wk3aKa9TQagPOR1Y54ktio2
j0t9uaD3XS+AhkV/vp2XqmQGLRAuueGeTZO/zVkYBNZU6q8cMD1B0FBJWrS+bns9
iRQEGCedBtL7qeGWMLUhij5io2deq9e53XxuZWGfBLRoNuu/F7ehKpfa6YoQZhxw
s+4gDqZqnoeCs7fVo8UUWJA82Z3/48rc7kyZf3a51Dgq4duqCy3HOZfKxU4+fGyE
6VmjhwXamgEMCvVPIlF2c0hCTYRNmVeRJdRRF2+L/VRGqtAvolXxWCYlDR0m5mVg
alx5k9bOIlUiTsWcEfz7cWCABmSpv+MKUZeC7hZlM9sbI/G6UMRyslO6lUH7AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUse5QcC9SPPqNymk7L5pfVSTlqiwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjMw
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEzNzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk08UMA0G
CSqGSIb3DQEBCwUAA4IBAQBPt/MazVVfLRnGsCpSMTuGpp4ijD/FLnTHC+HbB72A
eCkuYsEVYsBX3AV3sP1ZVkkeHbZ4pYe0nLzs4BBw93CLCFHYRe60ThHiP6uMaUsQ
g9jSnuKh/ILQnD1i3YYh9yr32iBOVRa+MxJbACHX2WcsTotUV1hQXvx/Jrf/+PhH
Ek8qvaCufg8JnXZGb553IhLoFH4u/x3v1O2Sy6ToHVaZ5Yz8ux3dYThHKReC1bFy
CvvUF+midiKhlHS2x9tjsz2tPzh/4LL+c7wAajfL2BpgaCPifSBmyh9hjfIGCyLy
1ZJ6S7xYbnAgU9hPeNmHZNiJkaW4I+0fDk8kq5jfs080
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org