Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3230382e302f32302d3230203d3e2030.roa
File: 3134382e3133352e3230382e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: lra9ATrs9qHFcDq/SrCzb3X27PLcn7aL8NQg19sbDfY=
Subject key identifier: 0A:38:79:C5:BE:4A:F1:0B:89:EA:1A:AB:2E:1F:B0:63:57:EC:C8:FF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 49ED7C345CAEF34E3806571E5D6C304CF1FA5218
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3230382e302f32302d3230203d3e2030.roa
Signing time: Fri 05 Jan 2024 10:05:08 +0000
ROA not before: Fri 05 Jan 2024 10:00:08 +0000
ROA not after: Fri 03 Jan 2025 10:05:08 +0000
asID: 0
IP address blocks: 148.135.208.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ed:7c:34:5c:ae:f3:4e:38:06:57:1e:5d:6c:30:4c:f1:fa:52:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 5 10:00:08 2024 GMT
Not After : Jan 3 10:05:08 2025 GMT
Subject: CN=0A3879C5BE4AF10B89EA1AAB2E1FB06357ECC8FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:ed:73:52:6d:ea:d7:a6:8e:d7:cc:1a:02:
b4:7b:51:ee:00:66:03:c3:aa:7e:e1:46:ba:0c:98:
49:0f:e4:3e:70:99:c2:84:22:13:79:d5:6b:b3:97:
1d:d6:e3:5d:6f:8a:e7:69:c8:66:49:1d:0f:df:3b:
79:bd:0a:82:c6:06:90:2a:fe:cd:a0:ba:d4:83:d5:
2b:14:14:38:de:c8:93:ab:e9:34:66:91:3d:26:e9:
70:8b:1d:95:f9:a8:04:0b:62:cd:4d:46:a1:95:af:
4a:7b:ca:0b:b5:d9:e9:90:08:e9:5d:cb:26:50:da:
2f:cc:9a:58:33:1a:14:7d:e6:a9:83:ee:45:9b:dd:
8b:c9:61:89:a2:4e:2c:87:13:ae:de:0f:08:34:20:
06:0b:c3:84:93:6b:a8:cd:ce:e3:ee:b4:f2:31:9e:
9e:d5:45:ff:a1:0b:90:b3:1f:74:05:fe:31:3c:a5:
65:7f:31:75:15:9c:96:49:20:c5:3c:60:de:02:84:
9f:4c:3a:f0:2a:bf:1f:1e:ca:76:f0:1e:c5:10:1b:
26:5a:64:53:6b:35:a7:86:bc:e8:4f:a2:86:75:47:
eb:c2:04:12:06:5f:59:e6:c4:e0:e9:e8:c8:d8:63:
1c:71:3c:f4:67:81:09:73:a7:9b:b9:90:da:66:be:
1d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:38:79:C5:BE:4A:F1:0B:89:EA:1A:AB:2E:1F:B0:63:57:EC:C8:FF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3230382e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.208.0/20
Signature Algorithm: sha256WithRSAEncryption
47:a6:b0:da:d6:ce:fa:ac:2d:74:53:0f:d9:f0:3f:b4:50:6a:
76:07:79:1f:26:6f:01:84:91:51:64:32:c4:03:5f:b4:09:59:
bf:b4:9b:ee:2d:54:3a:82:e0:47:3b:12:e4:5b:27:15:5a:06:
71:8b:22:12:19:28:92:bf:b8:1a:80:0a:7b:5c:ce:72:21:2e:
4d:fc:47:16:89:0f:a3:9a:3f:04:37:00:b8:85:f4:de:a3:83:
e5:71:2f:ab:6d:e4:7b:f4:5e:0d:94:85:00:2d:b4:d5:99:93:
33:68:c9:6b:9b:77:df:d7:64:7b:e8:17:4d:e4:5b:18:e6:9a:
73:3a:3b:e8:94:47:b5:0a:6d:e2:96:54:6e:2c:42:4e:2f:bd:
ea:16:04:09:b7:bf:f3:f4:36:eb:88:61:00:f1:7f:4c:87:2c:
40:0f:27:1b:c1:66:1b:3e:31:55:a9:30:50:d3:fd:7f:41:2f:
de:e5:7d:be:99:00:c1:44:f8:07:da:13:8e:d3:46:99:e0:08:
92:24:dd:70:d0:20:84:e9:93:94:97:76:2d:a9:dc:d6:71:e4:
8e:5c:8d:75:7e:99:95:e6:ed:ec:92:46:ca:02:5b:46:8d:1e:
4d:76:27:3d:7b:6a:82:8b:d5:1b:b8:12:3d:5e:89:c0:28:b3:
ae:dd:28:dd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSe18NFyu8044BlceXWwwTPH6UhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAxMDUxMDAwMDhaFw0yNTAxMDMxMDA1MDhaMDMxMTAvBgNV
BAMTKDBBMzg3OUM1QkU0QUYxMEI4OUVBMUFBQjJFMUZCMDYzNTdFQ0M4RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7zu1zUm3q16aO18waArR7Ue4A
ZgPDqn7hRroMmEkP5D5wmcKEIhN51Wuzlx3W411viudpyGZJHQ/fO3m9CoLGBpAq
/s2gutSD1SsUFDjeyJOr6TRmkT0m6XCLHZX5qAQLYs1NRqGVr0p7ygu12emQCOld
yyZQ2i/MmlgzGhR95qmD7kWb3YvJYYmiTiyHE67eDwg0IAYLw4STa6jNzuPutPIx
np7VRf+hC5CzH3QF/jE8pWV/MXUVnJZJIMU8YN4ChJ9MOvAqvx8eynbwHsUQGyZa
ZFNrNaeGvOhPooZ1R+vCBBIGX1nmxODp6MjYYxxxPPRngQlzp5u5kNpmvh03AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUCjh5xb5K8QuJ6hqrLh+wY1fsyP8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMy
MzAzODJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQElIfQMA0G
CSqGSIb3DQEBCwUAA4IBAQBHprDa1s76rC10Uw/Z8D+0UGp2B3kfJm8BhJFRZDLE
A1+0CVm/tJvuLVQ6guBHOxLkWycVWgZxiyISGSiSv7gagAp7XM5yIS5N/EcWiQ+j
mj8ENwC4hfTeo4PlcS+rbeR79F4NlIUALbTVmZMzaMlrm3ff12R76BdN5FsY5ppz
OjvolEe1Cm3illRuLEJOL73qFgQJt7/z9DbriGEA8X9MhyxADycbwWYbPjFVqTBQ
0/1/QS/e5X2+mQDBRPgH2hOO00aZ4AiSJN1w0CCE6ZOUl3YtqdzWceSOXI11fpmV
5u3skkbKAltGjR5Ndic9e2qCi9UbuBI9XonAKLOu3Sjd
-----END CERTIFICATE-----
Generated at Sat Apr 6 12:13:38 2024 by rpki-client on console-fra.rpki-client.org