Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e36342e302f32302d3234203d3e203136353039.roa
File: 3134372e37392e36342e302f32302d3234203d3e203136353039.roa (raw, json)
Hash identifier: z3in+cgK284i3lE7+3IHMAQ81VJPiFHhG25yztIn8I8=
Subject key identifier: DB:76:F5:46:E3:D3:A5:AC:E8:BE:23:5C:46:EA:18:FC:30:54:DA:18
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4D0E1D2CC552C0F60E1A727555BB914D867AB3E9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e36342e302f32302d3234203d3e203136353039.roa
Signing time: Sun 31 Mar 2024 16:43:57 +0000
ROA not before: Sun 31 Mar 2024 16:38:57 +0000
ROA not after: Sun 30 Mar 2025 16:43:57 +0000
asID: 16509
IP address blocks: 147.79.64.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:0e:1d:2c:c5:52:c0:f6:0e:1a:72:75:55:bb:91:4d:86:7a:b3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 31 16:38:57 2024 GMT
Not After : Mar 30 16:43:57 2025 GMT
Subject: CN=DB76F546E3D3A5ACE8BE235C46EA18FC3054DA18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:14:34:51:70:7e:a4:ee:96:5f:e8:ba:57:77:
a1:dd:13:90:a3:8e:84:8b:50:3a:17:4c:12:11:29:
23:e1:e4:14:86:92:ce:7e:63:d4:61:ab:24:e4:e4:
e3:10:d6:9b:81:23:b0:85:1e:2e:03:e2:41:65:30:
5b:d8:0f:d3:e5:77:7a:d8:37:65:50:bc:4b:3b:c1:
e1:00:d9:32:e6:f3:3e:62:20:62:d7:58:c2:0c:f0:
34:ba:22:84:84:43:55:fa:b7:48:a6:45:98:cb:a8:
87:fc:c7:3f:39:e6:45:6d:78:e0:97:8e:8b:c1:a6:
25:eb:02:a0:4e:94:39:26:e2:45:70:9c:0b:15:10:
c6:df:a8:f1:a3:ee:06:07:3a:4d:26:40:f2:2e:5b:
93:b6:6f:7c:c0:9f:f5:b9:ab:0f:42:ca:af:09:06:
f9:aa:a7:d6:ff:dd:93:aa:74:6b:e8:a7:4c:61:ed:
3a:3c:fb:9f:09:09:a0:b9:bb:3a:8e:c8:e6:4d:6c:
84:71:48:e2:dd:26:28:1b:e8:32:c9:ee:1f:a5:12:
4f:5d:3a:53:a0:3d:29:01:ef:a7:28:20:ac:89:fe:
0f:c3:ee:d6:a3:fd:5c:e4:17:5c:c0:b3:d1:e5:8a:
a1:2e:cb:61:e3:f9:90:50:7d:45:06:c8:37:0e:c7:
49:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:F5:46:E3:D3:A5:AC:E8:BE:23:5C:46:EA:18:FC:30:54:DA:18
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134372e37392e36342e302f32302d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.64.0/20
Signature Algorithm: sha256WithRSAEncryption
42:52:60:a8:7b:e0:30:50:b3:8f:a5:ab:31:88:40:e1:28:93:
63:97:a2:a2:df:6b:20:8e:6f:f3:f8:7e:de:22:e9:6a:66:8e:
54:45:29:15:57:5d:77:df:da:2f:9c:2f:8c:c1:ef:2b:cd:35:
87:7e:b6:8c:63:b4:d0:94:86:13:0f:b3:40:e3:6b:ec:a6:16:
1c:38:45:83:31:1b:02:c1:db:32:5d:9a:35:9e:5d:65:90:95:
f8:03:e9:78:6f:0b:76:43:ee:e5:e0:cf:b4:14:8c:3f:74:e8:
38:99:54:04:13:ee:ea:63:81:44:1b:5c:2a:7a:39:1d:85:d8:
60:39:00:a2:67:c2:7c:8a:fc:13:c9:6e:ae:86:4d:47:ad:78:
90:0d:b7:20:a0:95:8d:a6:75:71:19:2f:75:b3:a6:90:45:fc:
b0:a9:04:dd:e2:df:8c:0a:98:12:02:66:e3:a3:d2:7c:56:b7:
d5:80:49:69:d1:04:22:42:b3:63:10:e2:ff:3f:e9:63:2c:3f:
90:42:10:39:90:87:8f:b2:db:a3:a1:54:84:d9:58:1e:44:d5:
2b:b9:cf:05:dd:36:09:28:dc:b8:77:29:44:47:46:23:c4:91:
4d:5e:44:26:1c:b9:8e:98:24:51:f4:e5:92:f6:ea:59:e2:63:
84:25:35:b0
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTQ4dLMVSwPYOGnJ1VbuRTYZ6s+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAzMzExNjM4NTdaFw0yNTAzMzAxNjQzNTdaMDMxMTAvBgNV
BAMTKERCNzZGNTQ2RTNEM0E1QUNFOEJFMjM1QzQ2RUExOEZDMzA1NERBMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1FDRRcH6k7pZf6LpXd6HdE5Cj
joSLUDoXTBIRKSPh5BSGks5+Y9RhqyTk5OMQ1puBI7CFHi4D4kFlMFvYD9Pld3rY
N2VQvEs7weEA2TLm8z5iIGLXWMIM8DS6IoSEQ1X6t0imRZjLqIf8xz855kVteOCX
jovBpiXrAqBOlDkm4kVwnAsVEMbfqPGj7gYHOk0mQPIuW5O2b3zAn/W5qw9Cyq8J
Bvmqp9b/3ZOqdGvop0xh7To8+58JCaC5uzqOyOZNbIRxSOLdJigb6DLJ7h+lEk9d
OlOgPSkB76coIKyJ/g/D7taj/VzkF1zAs9HliqEuy2Hj+ZBQfUUGyDcOx0m/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU23b1RuPTpazoviNcRuoY/DBU2hgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM3MmUzNzM5MmUzNjM0
MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJNP
QDANBgkqhkiG9w0BAQsFAAOCAQEAQlJgqHvgMFCzj6WrMYhA4SiTY5eiot9rII5v
8/h+3iLpamaOVEUpFVddd9/aL5wvjMHvK801h362jGO00JSGEw+zQONr7KYWHDhF
gzEbAsHbMl2aNZ5dZZCV+APpeG8LdkPu5eDPtBSMP3ToOJlUBBPu6mOBRBtcKno5
HYXYYDkAomfCfIr8E8luroZNR614kA23IKCVjaZ1cRkvdbOmkEX8sKkE3eLfjAqY
EgJm46PSfFa31YBJadEEIkKzYxDi/z/pYyw/kEIQOZCHj7Lbo6FUhNlYHkTVK7nP
Bd02CSjcuHcpREdGI8SRTV5EJhy5jpgkUfTlkvbqWeJjhCU1sA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org