Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65303a3a2f34342d3438203d3e20323136333131.roa
File: 326130623a346530373a65303a3a2f34342d3438203d3e20323136333131.roa (raw, json)
Hash identifier: okIOcDqZjIkpE3B9aIUD50UTCLcKTihYfqzLsEDOLXQ=
Subject key identifier: DC:A3:61:79:83:AA:63:80:57:94:6A:7C:6C:E5:A3:53:4D:B5:D7:F1
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 1834D6D5AB1F73F3EF5FC0AB8BE8DF9148C635EE
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65303a3a2f34342d3438203d3e20323136333131.roa
Signing time: Wed 31 Jul 2024 14:41:10 +0000
ROA not before: Wed 31 Jul 2024 14:36:10 +0000
ROA not after: Wed 30 Jul 2025 14:41:10 +0000
asID: 216311
IP address blocks: 2a0b:4e07:e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 16 Sep 2024 09:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:34:d6:d5:ab:1f:73:f3:ef:5f:c0:ab:8b:e8:df:91:48:c6:35:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Jul 31 14:36:10 2024 GMT
Not After : Jul 30 14:41:10 2025 GMT
Subject: CN=DCA3617983AA638057946A7C6CE5A3534DB5D7F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:7e:9c:88:ce:21:5b:ec:af:f1:95:fd:39:
e5:35:59:17:ec:e0:d3:26:81:57:1d:5e:d2:62:12:
17:61:8d:34:b8:a7:d3:24:fe:10:b8:aa:d3:a0:fa:
50:91:70:f4:7f:75:5b:83:61:0e:ec:b3:54:bb:ae:
2d:4b:86:ed:94:12:02:fe:b7:8e:9d:17:c3:40:07:
77:8c:3b:e0:d0:8c:ed:f9:82:1d:99:04:52:a9:92:
fb:f6:75:aa:35:2f:31:50:84:b9:26:c4:a6:3f:be:
4c:03:37:89:44:7c:19:0d:6a:fb:a2:3c:5b:fb:5c:
57:76:27:74:5c:f0:84:1d:01:67:5c:e4:78:fa:84:
8c:11:d4:c5:92:1f:e7:22:73:90:4b:1b:f7:2e:77:
04:b8:5f:73:7e:92:67:02:65:90:8e:e7:7a:13:22:
90:b3:0a:a2:92:a7:a6:37:66:8d:70:91:71:e3:a3:
40:7c:cc:66:11:35:b0:fa:40:72:08:06:49:12:00:
33:09:d1:5b:63:c3:2c:5c:45:62:f6:bc:67:4a:a9:
c3:90:b2:54:a4:1c:57:c2:83:29:ee:b9:9c:3f:da:
f3:59:48:d1:46:b3:b9:22:d3:b4:41:6c:36:c1:be:
04:b9:9a:a2:a0:3a:92:4b:7f:b6:43:d0:d4:9a:58:
19:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A3:61:79:83:AA:63:80:57:94:6A:7C:6C:E5:A3:53:4D:B5:D7:F1
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65303a3a2f34342d3438203d3e20323136333131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:e0::/44
Signature Algorithm: sha256WithRSAEncryption
8e:25:82:ad:c3:65:43:6c:32:7a:78:92:f0:cd:bb:4c:57:f4:
28:d2:bc:eb:07:2d:c0:23:bb:06:61:ce:97:bf:37:80:77:7a:
36:31:d4:ca:8b:aa:b9:bd:6f:38:84:b3:10:c4:e4:cb:f1:18:
4d:f7:b1:c8:1d:11:cf:58:16:7f:53:f5:6b:f2:72:2c:ec:72:
36:c8:5c:dd:64:41:0c:08:9e:81:2b:d0:38:7c:5e:8b:8d:9c:
e1:3c:f6:4f:ce:19:37:53:ba:e2:9e:9e:27:61:c5:80:88:ed:
bc:5f:47:ba:30:ba:b2:10:00:33:a9:4b:5c:d8:8e:23:12:80:
c3:a4:66:c4:d8:f6:ea:99:c5:00:a3:02:3e:3e:b6:24:5e:fb:
18:b2:3f:e1:77:8b:4c:88:e6:f4:1a:76:0d:14:08:2b:7d:bb:
99:01:81:d0:64:ca:17:03:34:1c:e2:00:0f:12:6d:70:03:a7:
9b:3c:77:53:c4:a1:56:9c:dd:cf:a7:b8:4d:a2:33:f9:7e:a0:
84:a8:23:80:87:8d:79:43:7f:ef:41:06:4e:76:30:db:bc:fd:
9e:d8:d7:04:e6:5d:15:ff:a3:93:12:6b:f9:22:a3:c9:f3:3b:
ed:23:94:3a:e7:d6:5a:48:cc:ec:08:da:20:ad:a5:03:43:68:
19:42:41:3c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUGDTW1asfc/PvX8Cri+jfkUjGNe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA3MzExNDM2MTBaFw0yNTA3MzAxNDQxMTBaMDMxMTAvBgNV
BAMTKERDQTM2MTc5ODNBQTYzODA1Nzk0NkE3QzZDRTVBMzUzNERCNUQ3RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdZn6ciM4hW+yv8ZX9OeU1WRfs
4NMmgVcdXtJiEhdhjTS4p9Mk/hC4qtOg+lCRcPR/dVuDYQ7ss1S7ri1Lhu2UEgL+
t46dF8NAB3eMO+DQjO35gh2ZBFKpkvv2dao1LzFQhLkmxKY/vkwDN4lEfBkNavui
PFv7XFd2J3Rc8IQdAWdc5Hj6hIwR1MWSH+cic5BLG/cudwS4X3N+kmcCZZCO53oT
IpCzCqKSp6Y3Zo1wkXHjo0B8zGYRNbD6QHIIBkkSADMJ0VtjwyxcRWL2vGdKqcOQ
slSkHFfCgynuuZw/2vNZSNFGs7ki07RBbDbBvgS5mqKgOpJLf7ZD0NSaWBnBAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQU3KNheYOqY4BXlGp8bOWjU0211/EwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTY1MzAzYTNhMmYzNDM0MmQzNDM4MjAzZDNlMjAzMjMxMzYz
MzMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwQqC04HAOAwDQYJKoZIhvcNAQELBQADggEBAI4lgq3D
ZUNsMnp4kvDNu0xX9CjSvOsHLcAjuwZhzpe/N4B3ejYx1MqLqrm9bziEsxDE5Mvx
GE33scgdEc9YFn9T9WvycizscjbIXN1kQQwInoEr0Dh8XouNnOE89k/OGTdTuuKe
nidhxYCI7bxfR7owurIQADOpS1zYjiMSgMOkZsTY9uqZxQCjAj4+tiRe+xiyP+F3
i0yI5vQadg0UCCt9u5kBgdBkyhcDNBziAA8SbXADp5s8d1PEoVac3c+nuE2iM/l+
oISoI4CHjXlDf+9BBk52MNu8/Z7Y1wTmXRX/o5MSa/kio8nzO+0jlDrn1lpIzOwI
2iCtpQNDaBlCQTw=
-----END CERTIFICATE-----
Generated at Mon Sep 16 10:47:33 2024 by rpki-client on console-fra.rpki-client.org