Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f32302d3230203d3e2030.roa
File: 3134382e3133352e3132382e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: CteXGS4a/86XWmYVn1ZUcdNUNOHM2sqGTjKXpQuraHg=
Subject key identifier: A1:FF:AD:98:C7:48:99:3C:85:50:35:6F:28:B2:F8:B9:AE:50:17:82
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5446A61DD120784BB10E1A5DD724A7EAE37728FE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f32302d3230203d3e2030.roa
Signing time: Fri 05 Jan 2024 10:05:08 +0000
ROA not before: Fri 05 Jan 2024 10:00:08 +0000
ROA not after: Fri 03 Jan 2025 10:05:08 +0000
asID: 0
IP address blocks: 148.135.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:46:a6:1d:d1:20:78:4b:b1:0e:1a:5d:d7:24:a7:ea:e3:77:28:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 5 10:00:08 2024 GMT
Not After : Jan 3 10:05:08 2025 GMT
Subject: CN=A1FFAD98C748993C8550356F28B2F8B9AE501782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:dc:b3:16:1c:55:d1:7c:16:bd:67:7c:33:86:
1f:d1:ca:21:d6:1e:fd:43:ca:59:20:a0:82:60:a6:
d8:02:d4:6a:e5:37:35:bb:02:00:b0:df:54:3f:e8:
36:8d:7f:f5:46:31:45:e5:22:2d:52:1b:ac:d3:d0:
c7:e4:e1:4c:b4:68:64:8f:98:d1:99:e5:2e:ee:3d:
7e:b5:00:6e:fd:f7:05:fc:17:b7:77:ce:22:a2:32:
91:45:09:ef:f9:1a:06:5e:41:a6:5b:17:72:9a:d2:
ea:20:08:a0:4f:ba:eb:82:cf:f3:71:59:ee:42:8e:
81:bf:80:c6:9b:62:44:bd:49:a0:60:49:15:a9:49:
32:fc:90:ce:20:bc:86:1e:5c:55:18:22:c8:2e:43:
1b:4d:18:29:6d:0b:6d:34:6e:fe:77:d0:29:a2:b4:
5d:59:d3:97:cc:0a:00:ce:64:77:01:bf:30:7b:cf:
c5:d1:b0:f2:04:0d:be:31:34:ce:4f:c7:7e:46:9f:
d4:fa:24:01:8e:91:4f:c4:3f:f1:71:d7:54:1a:03:
ae:aa:f3:73:2b:fe:76:38:33:45:bd:f5:54:04:05:
ea:b9:2e:35:1e:7e:3a:f3:fa:97:42:5a:d7:3a:84:
ea:6a:ed:4b:6e:4c:c7:88:4b:56:e1:a8:20:dc:4d:
ec:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FF:AD:98:C7:48:99:3C:85:50:35:6F:28:B2:F8:B9:AE:50:17:82
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3132382e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.128.0/20
Signature Algorithm: sha256WithRSAEncryption
95:af:31:a9:da:8b:30:d0:40:19:24:47:55:b4:c7:1e:73:5e:
98:be:b1:19:e1:2a:20:93:07:8e:3f:dd:58:95:7a:9b:d9:1b:
08:2c:80:d6:0d:a9:47:d5:f0:05:24:cc:26:d5:0f:96:67:e4:
b7:da:4a:71:0a:9c:45:de:c1:9a:79:4e:e3:59:eb:37:63:e3:
64:eb:9b:3a:68:c9:8a:d2:8d:e1:f7:e7:cf:98:c4:b9:8d:8a:
fa:4d:b5:ac:cb:9f:d2:4d:f1:fb:af:2b:8a:55:39:bc:73:78:
5d:99:11:ee:bd:0f:d6:30:a0:95:ef:5d:dc:71:6f:49:ed:66:
6a:c1:cd:47:60:e5:ad:e4:85:24:f7:37:8f:ff:d4:85:c7:d9:
89:2a:e5:76:52:b4:cd:51:25:a5:64:b6:b8:26:99:6f:ea:5c:
cf:ae:73:c8:49:64:f1:4f:a3:24:04:f4:0f:d4:1e:13:d7:e3:
9a:a1:de:8e:c7:69:9f:55:6f:f3:29:36:a9:5f:40:82:a0:97:
21:77:62:5e:70:77:d4:03:96:70:e7:04:a5:72:50:90:61:08:
65:af:c8:27:8b:1c:a0:89:56:b7:50:d8:33:c0:7b:d0:11:17:
a9:4c:1d:92:b0:c1:f2:7f:ea:d3:3f:e1:c3:5b:dd:32:13:93:
ef:bd:39:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUVEamHdEgeEuxDhpd1ySn6uN3KP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAxMDUxMDAwMDhaFw0yNTAxMDMxMDA1MDhaMDMxMTAvBgNV
BAMTKEExRkZBRDk4Qzc0ODk5M0M4NTUwMzU2RjI4QjJGOEI5QUU1MDE3ODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD63LMWHFXRfBa9Z3wzhh/RyiHW
Hv1DylkgoIJgptgC1GrlNzW7AgCw31Q/6DaNf/VGMUXlIi1SG6zT0Mfk4Uy0aGSP
mNGZ5S7uPX61AG799wX8F7d3ziKiMpFFCe/5GgZeQaZbF3Ka0uogCKBPuuuCz/Nx
We5CjoG/gMabYkS9SaBgSRWpSTL8kM4gvIYeXFUYIsguQxtNGCltC200bv530Cmi
tF1Z05fMCgDOZHcBvzB7z8XRsPIEDb4xNM5Px35Gn9T6JAGOkU/EP/Fx11QaA66q
83Mr/nY4M0W99VQEBeq5LjUefjrz+pdCWtc6hOpq7UtuTMeIS1bhqCDcTezBAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUof+tmMdImTyFUDVvKLL4ua5QF4IwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMx
MzIzODJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQElIeAMA0G
CSqGSIb3DQEBCwUAA4IBAQCVrzGp2osw0EAZJEdVtMcec16YvrEZ4SogkweOP91Y
lXqb2RsILIDWDalH1fAFJMwm1Q+WZ+S32kpxCpxF3sGaeU7jWes3Y+Nk65s6aMmK
0o3h9+fPmMS5jYr6TbWsy5/STfH7ryuKVTm8c3hdmRHuvQ/WMKCV713ccW9J7WZq
wc1HYOWt5IUk9zeP/9SFx9mJKuV2UrTNUSWlZLa4Jplv6lzPrnPISWTxT6MkBPQP
1B4T1+Oaod6Ox2mfVW/zKTapX0CCoJchd2JecHfUA5Zw5wSlclCQYQhlr8gnixyg
iVa3UNgzwHvQERepTB2SsMHyf+rTP+HDW90yE5PvvTn4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org