Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32342d3234203d3e20383334.roa
File: 3134372e37392e32382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: i4WvKXcrUKH/d2sxwkAW8tBJik1QBQnNPSRy4uyazMY=
Subject key identifier: AD:D8:9C:68:DA:6D:4B:78:32:06:80:6D:64:E5:A6:02:59:3F:F3:14
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 45DC91D3D416EAC06D8D8C4089321ABB86E515A4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32342d3234203d3e20383334.roa
Signing time: Wed 03 Apr 2024 17:18:56 +0000
ROA not before: Wed 03 Apr 2024 17:13:56 +0000
ROA not after: Wed 02 Apr 2025 17:18:56 +0000
asID: 834
IP address blocks: 147.79.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:dc:91:d3:d4:16:ea:c0:6d:8d:8c:40:89:32:1a:bb:86:e5:15:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 3 17:13:56 2024 GMT
Not After : Apr 2 17:18:56 2025 GMT
Subject: CN=ADD89C68DA6D4B783206806D64E5A602593FF314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c1:f8:60:49:94:17:a8:f1:3c:e5:fb:65:ba:
5b:e5:ee:6d:6f:5c:93:61:48:aa:5e:3e:0d:a7:02:
7d:e9:8c:a8:b9:f3:20:db:d2:93:be:2d:b2:ad:06:
3e:e8:d8:fc:68:fe:e4:eb:62:29:ea:d6:e8:0e:bc:
89:7b:6a:ed:b9:b4:34:bc:c0:44:4f:bd:93:5f:81:
8c:58:f9:9b:3d:ce:36:aa:d7:9c:d3:e6:58:1a:f5:
75:de:22:37:3d:c7:3a:23:11:e4:60:b4:d6:e6:45:
f1:7e:5c:f7:1d:6b:80:b7:ce:2e:84:ac:dc:60:ea:
04:8b:00:2f:2b:1a:7b:46:b6:19:05:80:8b:c9:eb:
1f:54:37:07:67:29:c3:68:bd:dc:2f:ed:6a:46:79:
0b:18:7a:5d:29:aa:ac:6e:89:a3:ba:96:4d:fa:fe:
0e:d6:05:64:fe:15:98:f6:0e:fe:14:5f:4c:02:0c:
f2:d2:c4:3e:64:62:88:18:ea:3f:28:ec:3c:27:31:
8a:14:54:58:82:b5:36:b3:ca:02:33:d1:20:34:a1:
70:23:da:99:c7:bb:43:41:83:78:d0:3a:40:52:9b:
d7:34:9d:9e:16:66:28:9a:83:12:33:77:d9:0c:e9:
bb:b0:d9:30:b7:90:cb:89:07:64:0f:25:6d:01:75:
ac:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D8:9C:68:DA:6D:4B:78:32:06:80:6D:64:E5:A6:02:59:3F:F3:14
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.28.0/24
Signature Algorithm: sha256WithRSAEncryption
15:d2:61:35:c1:99:a4:44:c9:82:f0:a5:bd:86:08:65:3c:49:
b5:a9:d1:e4:98:de:2c:f0:c3:39:72:d8:54:ee:d4:24:e0:d6:
28:b6:b8:eb:1c:71:d2:dd:22:55:b0:3e:f2:b0:24:0e:f4:10:
a9:0a:fd:41:ab:31:15:81:9a:3f:a8:7e:58:0d:64:3a:62:2c:
e7:39:0e:4e:e3:e4:76:e5:d2:cf:ac:98:0e:7b:b8:77:2a:9e:
60:87:6d:57:e3:c9:2e:4a:9b:71:f6:2f:63:53:b3:6a:c6:0e:
de:09:4e:8f:32:e8:39:ab:04:8f:89:12:f5:df:12:7d:28:89:
8b:d7:21:58:be:f1:0f:e2:fa:6a:2c:74:2e:7c:0b:cc:98:bb:
88:0e:ee:51:e8:a0:03:b7:b7:08:ce:a3:68:99:43:f9:5a:cb:
f5:a1:1e:96:dc:44:4b:37:73:14:ee:8b:c8:12:2e:81:a1:cc:
ed:cf:79:40:23:17:a5:a2:30:d4:88:cf:b5:55:3a:9f:92:10:
e3:b2:38:0e:32:68:29:47:88:71:7e:8b:74:a2:8b:58:19:11:
8d:26:d6:ae:9b:d1:6d:a9:d3:cf:7a:c8:75:c3:1b:d5:2a:28:
27:a6:35:82:a5:78:09:1c:d8:9a:25:52:e1:9e:17:9a:14:4d:
4a:88:8b:ee
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIURdyR09QW6sBtjYxAiTIau4blFaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDMxNzEzNTZaFw0yNTA0MDIxNzE4NTZaMDMxMTAvBgNV
BAMTKEFERDg5QzY4REE2RDRCNzgzMjA2ODA2RDY0RTVBNjAyNTkzRkYzMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuwfhgSZQXqPE85ftlulvl7m1v
XJNhSKpePg2nAn3pjKi58yDb0pO+LbKtBj7o2Pxo/uTrYinq1ugOvIl7au25tDS8
wERPvZNfgYxY+Zs9zjaq15zT5lga9XXeIjc9xzojEeRgtNbmRfF+XPcda4C3zi6E
rNxg6gSLAC8rGntGthkFgIvJ6x9UNwdnKcNovdwv7WpGeQsYel0pqqxuiaO6lk36
/g7WBWT+FZj2Dv4UX0wCDPLSxD5kYogY6j8o7DwnMYoUVFiCtTazygIz0SA0oXAj
2pnHu0NBg3jQOkBSm9c0nZ4WZiiagxIzd9kM6buw2TC3kMuJB2QPJW0BdawnAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUrdicaNptS3gyBoBtZOWmAlk/8xQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk08cMA0G
CSqGSIb3DQEBCwUAA4IBAQAV0mE1wZmkRMmC8KW9hghlPEm1qdHkmN4s8MM5cthU
7tQk4NYotrjrHHHS3SJVsD7ysCQO9BCpCv1BqzEVgZo/qH5YDWQ6YiznOQ5O4+R2
5dLPrJgOe7h3Kp5gh21X48kuSptx9i9jU7Nqxg7eCU6PMug5qwSPiRL13xJ9KImL
1yFYvvEP4vpqLHQufAvMmLuIDu5R6KADt7cIzqNomUP5Wsv1oR6W3ERLN3MU7ovI
Ei6Bocztz3lAIxelojDUiM+1VTqfkhDjsjgOMmgpR4hxfot0ootYGRGNJtaum9Ft
qdPPesh1wxvVKignpjWCpXgJHNiaJVLhnheaFE1KiIvu
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org