Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3232342e302f32302d3230203d3e2030.roa
File: 3134382e3133352e3232342e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: MmtePW3r+3Neh8oePWPE3xkUUgOidg0ttkNaOi5rcAk=
Subject key identifier: 4A:4D:6A:5B:B3:40:D3:5A:28:85:FA:4F:FB:A2:7C:CC:D1:CF:1C:E9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 76943224ED3A595DB73B3EC71099038975D12325
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3232342e302f32302d3230203d3e2030.roa
Signing time: Fri 05 Jan 2024 10:05:08 +0000
ROA not before: Fri 05 Jan 2024 10:00:08 +0000
ROA not after: Fri 03 Jan 2025 10:05:08 +0000
asID: 0
IP address blocks: 148.135.224.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sat 06 Apr 2024 11:09:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:94:32:24:ed:3a:59:5d:b7:3b:3e:c7:10:99:03:89:75:d1:23:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 5 10:00:08 2024 GMT
Not After : Jan 3 10:05:08 2025 GMT
Subject: CN=4A4D6A5BB340D35A2885FA4FFBA27CCCD1CF1CE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:31:fd:c5:ff:a5:d2:3f:41:74:0a:7d:9b:54:
3f:fb:2a:cf:f4:1f:93:5d:c1:e2:c1:0e:de:df:9a:
45:73:9a:68:c8:cd:3b:2b:55:b9:23:9a:87:41:82:
57:66:c0:ba:b2:08:0b:cb:17:cb:96:10:8a:58:bc:
23:08:03:4f:d0:3b:6e:b2:22:18:e1:aa:5e:a7:1b:
46:20:ad:9a:47:22:ac:c3:1b:cf:87:83:69:b5:86:
6e:50:8f:9b:3f:06:92:e8:ee:91:b3:ec:31:ee:2d:
5f:e9:dd:0a:3d:79:88:06:d2:89:b4:0a:30:3c:1c:
96:25:a6:53:0a:5f:1c:58:60:2f:ff:93:87:6d:a7:
b9:af:a9:d4:2b:89:84:09:f3:0d:da:c0:f3:45:aa:
f3:3f:eb:03:31:d9:0b:45:85:1c:ad:95:70:c2:37:
df:aa:dd:7e:35:ae:25:68:e4:b1:6f:2e:ab:11:a7:
3d:a8:26:52:a7:eb:cd:35:2a:d9:38:20:c7:a4:15:
ee:05:59:81:4a:fd:0a:96:f8:02:04:f7:64:ac:ab:
99:66:1b:f5:d5:6d:7f:be:97:1e:88:e3:9e:8b:09:
67:39:86:b7:5e:00:ba:aa:f7:cf:c5:f4:d1:57:9a:
aa:c2:58:b1:dc:2c:cb:bb:6f:96:d9:fd:3a:8b:38:
e8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4D:6A:5B:B3:40:D3:5A:28:85:FA:4F:FB:A2:7C:CC:D1:CF:1C:E9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e3232342e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.224.0/20
Signature Algorithm: sha256WithRSAEncryption
9b:a7:51:4b:93:5e:5a:62:1d:a5:e4:53:bd:28:0e:dc:b4:c2:
21:e1:92:8e:09:17:3b:34:a0:fc:17:4c:c9:32:9c:a4:fe:8b:
2c:60:a6:d3:af:76:e1:2d:a3:8e:30:7e:fb:b6:80:94:03:93:
11:0e:39:52:37:7a:74:96:27:84:5a:bc:04:84:00:42:6b:15:
b8:77:35:a3:79:65:5a:39:57:a3:c5:18:76:b4:91:ef:a5:60:
4a:14:34:eb:66:98:46:13:d0:73:7b:1b:ce:ef:b5:66:20:fb:
87:fa:48:97:43:97:e9:a7:df:8a:fe:11:2a:0b:56:ff:08:50:
73:91:f2:6b:37:7e:05:8b:01:25:57:81:e5:99:a3:c0:66:53:
32:97:30:00:af:f2:df:34:9d:9c:67:b9:c6:9a:49:ae:6c:0f:
7c:e6:e5:d7:26:8d:1d:dc:1d:3e:04:68:37:54:36:6d:8b:52:
eb:37:7b:53:74:55:82:cb:6f:ab:b2:6a:d7:7b:d8:8c:6c:8c:
d8:13:9d:b5:40:b0:f6:be:6d:d6:75:9b:cd:6a:ec:36:0c:ba:
4b:0d:6b:67:23:9f:c1:c9:43:b7:e8:d5:12:82:97:27:2f:df:
08:06:10:f6:93:49:f8:29:d9:48:36:41:ca:17:0f:c7:12:3b:
36:88:87:c9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUdpQyJO06WV23Oz7HEJkDiXXRIyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDAxMDUxMDAwMDhaFw0yNTAxMDMxMDA1MDhaMDMxMTAvBgNV
BAMTKDRBNEQ2QTVCQjM0MEQzNUEyODg1RkE0RkZCQTI3Q0NDRDFDRjFDRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsMf3F/6XSP0F0Cn2bVD/7Ks/0
H5NdweLBDt7fmkVzmmjIzTsrVbkjmodBgldmwLqyCAvLF8uWEIpYvCMIA0/QO26y
Ihjhql6nG0YgrZpHIqzDG8+Hg2m1hm5Qj5s/BpLo7pGz7DHuLV/p3Qo9eYgG0om0
CjA8HJYlplMKXxxYYC//k4dtp7mvqdQriYQJ8w3awPNFqvM/6wMx2QtFhRytlXDC
N9+q3X41riVo5LFvLqsRpz2oJlKn6801Ktk4IMekFe4FWYFK/QqW+AIE92Ssq5lm
G/XVbX++lx6I456LCWc5hrdeALqq98/F9NFXmqrCWLHcLMu7b5bZ/TqLOOhNAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUSk1qW7NA01oohfpP+6J8zNHPHOkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMy
MzIzNDJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQElIfgMA0G
CSqGSIb3DQEBCwUAA4IBAQCbp1FLk15aYh2l5FO9KA7ctMIh4ZKOCRc7NKD8F0zJ
Mpyk/ossYKbTr3bhLaOOMH77toCUA5MRDjlSN3p0lieEWrwEhABCaxW4dzWjeWVa
OVejxRh2tJHvpWBKFDTrZphGE9BzexvO77VmIPuH+kiXQ5fpp9+K/hEqC1b/CFBz
kfJrN34FiwElV4HlmaPAZlMylzAAr/LfNJ2cZ7nGmkmubA985uXXJo0d3B0+BGg3
VDZti1LrN3tTdFWCy2+rsmrXe9iMbIzYE521QLD2vm3WdZvNauw2DLpLDWtnI5/B
yUO36NUSgpcnL98IBhD2k0n4KdlINkHKFw/HEjs2iIfJ
-----END CERTIFICATE-----
Generated at Sat Apr 6 12:13:38 2024 by rpki-client on console-fra.rpki-client.org