Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65353a3a2f34382d3438203d3e203133383532.roa
File: 326130623a346530373a65353a3a2f34382d3438203d3e203133383532.roa (raw, json)
Hash identifier: bGwp+SgU/8AMGm9qBqBbmiJiBLSPpfpTDNzBVPJGZno=
Subject key identifier: DA:46:C0:1D:B8:A6:DC:3C:3B:1A:03:39:96:EA:BF:7F:6F:A5:27:B0
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 58A78210DF03D8EAD5CF57BCC8BDBAD2089F445D
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65353a3a2f34382d3438203d3e203133383532.roa
Signing time: Sat 21 Sep 2024 17:50:05 +0000
ROA not before: Sat 21 Sep 2024 17:45:05 +0000
ROA not after: Sat 20 Sep 2025 17:50:05 +0000
asID: 13852
IP address blocks: 2a0b:4e07:e5::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 14:45:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:a7:82:10:df:03:d8:ea:d5:cf:57:bc:c8:bd:ba:d2:08:9f:44:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Sep 21 17:45:05 2024 GMT
Not After : Sep 20 17:50:05 2025 GMT
Subject: CN=DA46C01DB8A6DC3C3B1A033996EABF7F6FA527B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:75:8f:e7:3b:9e:53:3e:22:7d:0c:aa:a5:33:
de:63:3b:17:8e:a4:97:6c:48:9a:5f:33:4b:c0:53:
5b:8a:42:a2:83:e2:28:89:de:a9:60:22:81:97:38:
3a:61:1b:d3:eb:17:fe:bc:f1:25:f7:aa:65:a2:48:
c4:04:7b:90:f3:b2:99:14:b8:e0:6a:a7:83:f0:19:
23:6b:0d:8d:33:5a:72:b9:2b:ea:ca:c7:22:76:f5:
31:a9:70:db:74:6f:da:52:2c:a3:b5:f2:d3:9f:ab:
ec:9b:23:10:00:e5:55:2c:79:22:bb:ba:ff:7d:9a:
ec:e9:13:e9:9d:23:fd:42:c3:27:00:cc:10:af:b1:
24:05:e1:cf:44:d3:83:e4:98:78:5d:ce:9f:5c:47:
98:c1:56:5c:48:43:e8:97:09:56:24:c0:eb:5e:aa:
57:95:5d:cb:5f:7b:40:d7:7e:34:61:4b:d6:ef:34:
80:de:1d:23:cf:3a:d9:ec:27:74:17:74:2e:1e:2b:
a6:9e:0a:d4:33:5d:d7:2e:13:f4:53:91:19:da:19:
59:1b:04:ad:18:6a:62:82:50:b3:e0:20:c2:e7:b2:
e3:04:8f:74:46:30:58:24:f9:a1:cf:d1:f7:d4:81:
52:c7:9d:d2:a9:ce:f6:6f:c3:ea:55:f4:5d:b0:10:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:46:C0:1D:B8:A6:DC:3C:3B:1A:03:39:96:EA:BF:7F:6F:A5:27:B0
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a65353a3a2f34382d3438203d3e203133383532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:e5::/48
Signature Algorithm: sha256WithRSAEncryption
5a:e4:e3:6e:57:b1:c1:67:b6:ae:c4:63:f5:40:7e:84:ac:32:
90:7e:17:b0:12:39:e0:ae:4c:ae:52:bf:63:1d:d4:83:66:10:
d0:03:14:7f:25:fc:74:11:df:bf:96:03:81:77:1f:20:3e:98:
a0:29:6c:85:fc:cf:e7:fb:8d:ad:25:24:1d:75:ca:00:41:0a:
78:a0:1a:45:04:21:55:94:66:12:45:b4:b0:a2:5e:85:1e:6a:
d0:c7:a0:49:c3:22:d0:a2:9a:e2:35:7e:98:ff:58:e8:f4:27:
a3:6a:2e:cf:ce:b9:57:c9:1a:24:fe:ef:91:88:f2:09:f0:1d:
fb:f9:5a:64:8e:6a:22:ef:2a:7f:41:57:72:23:d7:01:1b:09:
69:16:fc:84:75:3a:73:9b:76:33:b7:0d:b5:5c:1b:ff:39:ee:
47:02:e0:cd:23:53:4a:b6:6a:61:17:bd:59:72:8b:53:d3:f8:
0c:58:43:f5:b2:75:a0:31:f5:0b:a9:6d:3d:62:66:32:fd:ff:
88:3c:0f:9a:eb:8f:7f:ab:b8:25:1e:d2:c0:6c:4f:f7:20:77:
10:a9:d5:6b:5f:e5:f4:e1:fa:24:c7:6d:98:12:a6:3e:47:7c:
78:ce:03:df:82:bc:40:7e:5c:bc:1b:3b:5f:d6:47:03:7f:f3:
58:9a:87:30
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUWKeCEN8D2OrVz1e8yL260gifRF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA5MjExNzQ1MDVaFw0yNTA5MjAxNzUwMDVaMDMxMTAvBgNV
BAMTKERBNDZDMDFEQjhBNkRDM0MzQjFBMDMzOTk2RUFCRjdGNkZBNTI3QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5dY/nO55TPiJ9DKqlM95jOxeO
pJdsSJpfM0vAU1uKQqKD4iiJ3qlgIoGXODphG9PrF/688SX3qmWiSMQEe5DzspkU
uOBqp4PwGSNrDY0zWnK5K+rKxyJ29TGpcNt0b9pSLKO18tOfq+ybIxAA5VUseSK7
uv99muzpE+mdI/1CwycAzBCvsSQF4c9E04PkmHhdzp9cR5jBVlxIQ+iXCVYkwOte
qleVXctfe0DXfjRhS9bvNIDeHSPPOtnsJ3QXdC4eK6aeCtQzXdcuE/RTkRnaGVkb
BK0YamKCULPgIMLnsuMEj3RGMFgk+aHP0ffUgVLHndKpzvZvw+pV9F2wEPRnAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQU2kbAHbim3Dw7GgM5luq/f2+lJ7AwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBsQYIKwYBBQUHAQsEgaQwgaEwgZ4GCCsGAQUF
BzALhoGRcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTY1MzUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzgz
NTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/
BBMwETAPBAIAAjAJAwcAKgtOBwDlMA0GCSqGSIb3DQEBCwUAA4IBAQBa5ONuV7HB
Z7auxGP1QH6ErDKQfhewEjngrkyuUr9jHdSDZhDQAxR/Jfx0Ed+/lgOBdx8gPpig
KWyF/M/n+42tJSQddcoAQQp4oBpFBCFVlGYSRbSwol6FHmrQx6BJwyLQopriNX6Y
/1jo9Cejai7PzrlXyRok/u+RiPIJ8B37+Vpkjmoi7yp/QVdyI9cBGwlpFvyEdTpz
m3Yztw21XBv/Oe5HAuDNI1NKtmphF71ZcotT0/gMWEP1snWgMfULqW09YmYy/f+I
PA+a649/q7glHtLAbE/3IHcQqdVrX+X04fokx22YEqY+R3x4zgPfgrxAfly8Gztf
1kcDf/NYmocw
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:39:21 2024 by rpki-client on console-fra.rpki-client.org