Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa
File: 3134372e37392e32392e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: EE10DEE5TzVW8wENysZTyiu0V9liZ2gt7vEJFkmkjWs=
Subject key identifier: 48:B0:0F:5F:A2:58:4A:92:DC:FC:F2:3A:D6:A6:10:39:9D:59:44:40
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 09F900A68A85D5E3AF2A2D96763959E15CDFB6D0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa
Signing time: Wed 03 Apr 2024 17:16:15 +0000
ROA not before: Wed 03 Apr 2024 17:11:15 +0000
ROA not after: Wed 02 Apr 2025 17:16:15 +0000
asID: 29802
IP address blocks: 147.79.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:f9:00:a6:8a:85:d5:e3:af:2a:2d:96:76:39:59:e1:5c:df:b6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 3 17:11:15 2024 GMT
Not After : Apr 2 17:16:15 2025 GMT
Subject: CN=48B00F5FA2584A92DCFCF23AD6A610399D594440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:75:17:70:fb:b5:29:77:d9:8a:fc:a9:85:d2:
be:81:01:56:7f:5f:f8:33:93:e9:b4:7a:50:8d:07:
61:59:9c:e8:a5:d9:b3:75:f3:18:28:08:11:82:2e:
4f:1d:7f:9a:e2:d1:ad:71:38:5c:84:f3:77:9f:d5:
ec:83:1c:6c:e9:cd:90:fb:97:89:33:a2:b0:1f:16:
eb:21:51:af:eb:df:18:04:2c:69:72:3b:70:9a:19:
f4:33:96:35:c3:91:15:1d:21:88:dc:e2:81:d5:5a:
99:b7:4a:76:30:08:3e:30:ff:a0:ab:f4:a6:bd:0f:
01:0b:eb:e6:d5:75:3d:da:63:e7:96:83:36:e2:69:
89:ba:6b:5a:dc:86:b8:06:62:ba:d9:c4:aa:a3:f0:
31:f5:89:c8:a7:1b:89:21:2c:e8:cc:fb:49:07:6a:
7c:f5:ee:47:66:4a:98:f9:15:64:c8:d4:b5:c3:71:
59:f2:a8:f7:3b:05:8f:d6:32:a2:4e:f8:bd:b0:3e:
0b:76:d1:e0:0d:51:09:83:9e:8a:2e:23:95:e1:b9:
90:f4:54:9e:79:b7:e0:ca:cc:16:44:25:70:76:44:
b9:7e:a8:1c:e4:e8:8f:3a:3f:44:12:dd:36:7b:9d:
b9:b5:df:2b:cc:56:85:59:0c:d2:77:86:16:53:cd:
31:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B0:0F:5F:A2:58:4A:92:DC:FC:F2:3A:D6:A6:10:39:9D:59:44:40
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e32392e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:c9:06:87:4f:5d:78:7b:a0:96:88:d7:40:9b:6e:55:e4:0e:
dd:be:2d:5f:ac:c5:46:52:20:60:8b:27:53:4b:0d:a1:08:9f:
72:84:7a:ab:54:46:35:f1:ad:fd:a8:83:29:25:bc:48:0e:ca:
05:5b:a1:0c:3d:f3:b8:9a:f1:62:67:57:26:14:8e:ef:a0:05:
a5:13:c9:4b:f3:7a:77:3a:44:bb:87:b5:a3:88:78:eb:08:e6:
65:aa:1e:a9:0a:6c:8b:21:43:27:e1:f4:6e:8a:29:c4:cd:3e:
1f:05:f1:e2:aa:85:b2:17:9c:51:b8:4c:97:27:1e:9a:9c:80:
f2:30:2b:a4:91:31:ac:01:9a:46:92:7b:fe:1b:ed:d7:e9:21:
5d:ec:83:44:cb:24:be:0b:b7:36:e3:ac:22:b2:ae:4b:a9:3f:
65:76:c7:11:ba:a2:af:c3:c4:e2:04:d1:ce:4f:5f:d5:23:ad:
05:b6:29:20:40:43:34:3f:46:b6:9a:91:f8:dd:53:94:42:2e:
54:39:c8:3d:5e:7e:f1:09:cd:e2:aa:d8:d5:f8:ca:d2:c1:57:
ec:3c:a2:1c:3b:66:a4:c9:97:e9:e7:80:fa:f3:04:f8:9c:5f:
2b:c4:32:33:06:7f:56:8d:a8:6e:65:a1:68:1f:b1:62:52:73:
39:76:41:d4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCfkApoqF1eOvKi2WdjlZ4VzfttAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MDMxNzExMTVaFw0yNTA0MDIxNzE2MTVaMDMxMTAvBgNV
BAMTKDQ4QjAwRjVGQTI1ODRBOTJEQ0ZDRjIzQUQ2QTYxMDM5OUQ1OTQ0NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrdRdw+7Upd9mK/KmF0r6BAVZ/
X/gzk+m0elCNB2FZnOil2bN18xgoCBGCLk8df5ri0a1xOFyE83ef1eyDHGzpzZD7
l4kzorAfFushUa/r3xgELGlyO3CaGfQzljXDkRUdIYjc4oHVWpm3SnYwCD4w/6Cr
9Ka9DwEL6+bVdT3aY+eWgzbiaYm6a1rchrgGYrrZxKqj8DH1icinG4khLOjM+0kH
anz17kdmSpj5FWTI1LXDcVnyqPc7BY/WMqJO+L2wPgt20eANUQmDnoouI5XhuZD0
VJ55t+DKzBZEJXB2RLl+qBzk6I86P0QS3TZ7nbm13yvMVoVZDNJ3hhZTzTGnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUSLAPX6JYSpLc/PI61qYQOZ1ZREAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJNP
HTANBgkqhkiG9w0BAQsFAAOCAQEAuMkGh09deHuglojXQJtuVeQO3b4tX6zFRlIg
YIsnU0sNoQifcoR6q1RGNfGt/aiDKSW8SA7KBVuhDD3zuJrxYmdXJhSO76AFpRPJ
S/N6dzpEu4e1o4h46wjmZaoeqQpsiyFDJ+H0boopxM0+HwXx4qqFshecUbhMlyce
mpyA8jArpJExrAGaRpJ7/hvt1+khXeyDRMskvgu3NuOsIrKuS6k/ZXbHEbqir8PE
4gTRzk9f1SOtBbYpIEBDND9GtpqR+N1TlEIuVDnIPV5+8QnN4qrY1fjK0sFX7Dyi
HDtmpMmX6eeA+vME+JxfK8QyMwZ/Vo2obmWhaB+xYlJzOXZB1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org