Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3430373a3a2f34382d3438203d3e20323135353839.roa
File: 326130623a346530373a3430373a3a2f34382d3438203d3e20323135353839.roa (raw, json)
Hash identifier: WsQZekHrMlxCmRrAvHrZCvMg66OGL5l6tMXjGuoXIw8=
Subject key identifier: 88:27:E4:7B:50:6C:55:99:8A:F8:16:60:3C:39:D7:32:D5:C8:B8:C9
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 4F5AD7C0841D3DD6FCCD490BDE0124556F34424E
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3430373a3a2f34382d3438203d3e20323135353839.roa
Signing time: Thu 25 Jul 2024 12:28:38 +0000
ROA not before: Thu 25 Jul 2024 12:23:38 +0000
ROA not after: Thu 24 Jul 2025 12:28:38 +0000
asID: 215589
IP address blocks: 2a0b:4e07:407::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 26 Jul 2024 09:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:5a:d7:c0:84:1d:3d:d6:fc:cd:49:0b:de:01:24:55:6f:34:42:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Jul 25 12:23:38 2024 GMT
Not After : Jul 24 12:28:38 2025 GMT
Subject: CN=8827E47B506C55998AF816603C39D732D5C8B8C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fb:b9:65:8d:6b:45:04:79:27:94:ab:4c:de:
c0:0f:a3:07:9a:16:48:ef:b1:c6:70:91:ba:54:0d:
c0:cd:77:a3:e3:a3:32:cd:9f:64:7c:eb:8b:e0:d2:
93:fb:24:1b:f4:7e:0c:2c:f0:08:8c:f9:ee:ff:31:
53:bd:65:90:95:94:71:18:0b:b7:53:cc:65:af:b7:
ad:be:bd:de:93:dc:aa:fe:fa:14:db:0f:08:fc:9f:
db:39:05:13:9e:ea:d7:8d:27:21:39:a7:3b:44:62:
a0:7c:c1:ee:b8:4d:e7:21:97:3c:42:2c:bb:ea:1d:
1e:33:12:63:55:79:cd:a4:3e:a9:ca:6a:5b:63:21:
ef:39:00:4f:2a:5f:b3:32:35:9a:e3:01:2b:0d:d8:
91:9a:b7:9f:4f:e0:1d:ce:ad:2f:87:cc:17:42:4b:
91:96:1d:49:56:01:88:64:fd:b4:08:98:35:80:5f:
44:4d:a6:6b:b4:89:1f:d4:c9:d6:f3:10:17:34:55:
a7:db:a3:d2:3b:5d:35:29:bf:9d:9c:25:41:69:5b:
66:b7:c2:53:d0:12:81:94:1e:93:15:d3:a4:be:b6:
1f:b9:d3:3e:ae:e2:b9:6b:18:8e:39:d5:89:42:8f:
ce:ae:0b:2d:b3:da:3a:b9:c8:87:8d:82:f6:54:ed:
e0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:27:E4:7B:50:6C:55:99:8A:F8:16:60:3C:39:D7:32:D5:C8:B8:C9
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a3430373a3a2f34382d3438203d3e20323135353839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:407::/48
Signature Algorithm: sha256WithRSAEncryption
32:d9:b0:d0:23:a2:4f:1d:b4:0a:99:be:f3:7c:27:da:12:e5:
d8:e8:2b:2d:92:37:57:fd:dd:3d:f3:d1:92:35:91:c2:f9:9a:
c5:4c:1e:93:18:84:12:a7:5a:64:f4:c7:0c:a5:e7:96:49:82:
01:10:7d:42:23:b9:aa:4b:f1:9a:53:36:c6:bf:f1:83:36:44:
ad:ea:98:ba:88:b9:0e:52:9b:7b:8f:11:52:db:1c:d9:e4:89:
d9:b5:72:c4:cb:b5:d5:24:9e:ac:8b:cd:22:ef:1d:2b:cb:54:
0b:24:ee:3a:e2:35:1e:ee:e9:03:dc:87:0a:03:c4:f6:92:2e:
e7:ab:dc:51:87:f3:30:b5:89:55:94:59:74:6f:01:52:a0:41:
fc:2b:14:e8:99:e2:58:3c:f0:b9:29:94:9b:bc:0d:fb:b9:68:
b3:9f:83:5d:1e:4e:bb:f9:ef:73:60:0b:0e:da:dc:1e:2b:9d:
71:4c:47:c2:8b:2f:43:24:d7:08:47:16:1d:a8:39:65:16:17:
da:9a:92:ff:18:b8:38:65:a4:1e:4c:25:d8:5a:b9:2a:24:37:
eb:87:c3:ff:d0:0e:21:04:65:82:4d:56:c7:45:5f:fc:5c:e4:
e7:da:0b:13:54:c6:dc:03:c4:a4:d2:5d:2a:49:12:4d:51:fa:
38:1e:78:fb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUT1rXwIQdPdb8zUkL3gEkVW80Qk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA3MjUxMjIzMzhaFw0yNTA3MjQxMjI4MzhaMDMxMTAvBgNV
BAMTKDg4MjdFNDdCNTA2QzU1OTk4QUY4MTY2MDNDMzlENzMyRDVDOEI4QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK+7lljWtFBHknlKtM3sAPowea
FkjvscZwkbpUDcDNd6PjozLNn2R864vg0pP7JBv0fgws8AiM+e7/MVO9ZZCVlHEY
C7dTzGWvt62+vd6T3Kr++hTbDwj8n9s5BROe6teNJyE5pztEYqB8we64TechlzxC
LLvqHR4zEmNVec2kPqnKaltjIe85AE8qX7MyNZrjASsN2JGat59P4B3OrS+HzBdC
S5GWHUlWAYhk/bQImDWAX0RNpmu0iR/UydbzEBc0Vafbo9I7XTUpv52cJUFpW2a3
wlPQEoGUHpMV06S+th+50z6u4rlrGI451YlCj86uCy2z2jq5yIeNgvZU7eB5AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUiCfke1BsVZmK+BZgPDnXMtXIuMkwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTM0MzAzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM1MzgzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoLTgcEBzANBgkqhkiG9w0BAQsFAAOCAQEAMtmw
0COiTx20Cpm+83wn2hLl2OgrLZI3V/3dPfPRkjWRwvmaxUwekxiEEqdaZPTHDKXn
lkmCARB9QiO5qkvxmlM2xr/xgzZEreqYuoi5DlKbe48RUtsc2eSJ2bVyxMu11SSe
rIvNIu8dK8tUCyTuOuI1Hu7pA9yHCgPE9pIu56vcUYfzMLWJVZRZdG8BUqBB/CsU
6JniWDzwuSmUm7wN+7los5+DXR5Ou/nvc2ALDtrcHiudcUxHwosvQyTXCEcWHag5
ZRYX2pqS/xi4OGWkHkwl2Fq5KiQ364fD/9AOIQRlgk1Wx0Vf/Fzk59oLE1TG3APE
pNJdKkkSTVH6OB54+w==
Generated at Fri Jul 26 12:45:48 2024 by rpki-client on console-ams.rpki-client.org