Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a66653a3a2f34382d3438203d3e20323135393233.roa
File: 326130623a346530373a66653a3a2f34382d3438203d3e20323135393233.roa (raw, json)
Hash identifier: DYDnrBRLoG1ZM+oldw0hNOJfdK7JadIqAA7Bd8VVtQs=
Subject key identifier: 7E:06:D3:38:02:B7:49:0A:B4:72:71:0E:94:80:58:D0:5C:FC:25:F0
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 05A4BDA6720CDDA8C6AA3DA9B7F6C2D22F5AEF65
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a66653a3a2f34382d3438203d3e20323135393233.roa
Signing time: Thu 15 Aug 2024 07:17:26 +0000
ROA not before: Thu 15 Aug 2024 07:12:26 +0000
ROA not after: Thu 14 Aug 2025 07:17:26 +0000
asID: 215923
IP address blocks: 2a0b:4e07:fe::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 29 Oct 2024 14:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:a4:bd:a6:72:0c:dd:a8:c6:aa:3d:a9:b7:f6:c2:d2:2f:5a:ef:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Aug 15 07:12:26 2024 GMT
Not After : Aug 14 07:17:26 2025 GMT
Subject: CN=7E06D33802B7490AB472710E948058D05CFC25F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:54:70:3e:51:4e:af:2b:81:13:ec:09:c6:55:
40:21:3e:56:27:1f:cf:1f:32:f4:36:39:9e:4c:8c:
26:1f:f7:14:73:56:b0:b2:7c:aa:3e:8e:e9:e9:01:
4b:64:78:d7:14:c4:f2:be:4b:db:1c:5a:66:30:b1:
e2:cb:47:91:4c:5c:45:62:7f:7b:ca:6f:0f:c4:17:
23:4d:6f:36:6b:24:94:ee:cc:dc:e6:b0:8f:d6:06:
20:e0:03:e2:30:ca:43:fb:da:21:7f:e9:9b:a0:e2:
9c:45:8d:3b:80:b2:76:cc:fe:41:91:2e:51:18:82:
fa:d3:0b:7a:33:90:06:ed:7a:ea:38:ef:f1:c8:7d:
d6:53:d9:ea:b5:b5:ec:a1:80:0f:0d:06:49:b6:c1:
fb:7a:bc:eb:ea:37:bd:20:30:57:a0:24:4d:70:c6:
e1:b0:f9:72:62:e0:3e:50:fc:22:f3:c2:9f:d3:9f:
32:66:be:14:17:34:6f:9e:f3:ea:2d:5a:da:7f:fd:
7b:71:5a:dc:ab:b6:95:02:19:92:82:23:f3:08:7f:
24:f6:da:4b:bf:5b:44:37:2a:bc:9f:7f:f4:a1:87:
5d:99:cb:b6:50:cd:64:c6:f1:59:6c:c5:80:63:1b:
74:ea:8d:46:99:c4:79:1c:39:bd:83:24:6f:6f:5b:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:06:D3:38:02:B7:49:0A:B4:72:71:0E:94:80:58:D0:5C:FC:25:F0
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a66653a3a2f34382d3438203d3e20323135393233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:fe::/48
Signature Algorithm: sha256WithRSAEncryption
60:53:3e:31:71:17:0b:f8:f1:a0:08:62:f1:5b:d9:9d:3c:7a:
28:3d:34:59:e8:94:cf:e8:c9:f9:b5:4d:05:e8:e8:5d:55:cb:
54:de:09:cb:ef:03:c2:8f:4d:77:8b:1d:eb:e9:36:b4:ab:e1:
49:ff:63:be:70:8b:46:5e:c0:c1:24:9c:36:ad:fd:54:ee:00:
06:33:22:26:94:b8:92:fc:eb:3a:f9:e3:4d:be:d4:dd:3a:d1:
9b:d7:c0:a3:6f:87:d7:ec:84:9b:3f:6e:14:d2:38:ab:41:b7:
1f:79:98:94:56:77:25:42:e1:56:69:22:70:9d:e8:06:09:42:
9d:cd:7e:02:69:bc:fd:23:be:0c:de:c9:f0:54:99:a4:be:92:
49:99:52:23:04:b4:eb:6c:c6:ea:cf:f0:be:2e:89:97:8c:88:
b7:e3:69:fc:14:e3:ef:6c:42:99:fa:1c:80:49:f6:b9:25:99:
bb:f2:b3:ed:0a:d6:19:93:32:f5:e5:62:1b:d9:5d:24:98:0c:
64:44:48:c2:1c:76:22:1d:27:fa:d9:c1:63:95:d0:e9:26:70:
2f:92:3c:0e:21:ee:b6:26:cf:18:ea:e0:18:c4:82:e4:4d:ff:
1d:5c:bb:5c:79:b5:56:08:dc:af:c3:f3:c2:f1:cf:79:e5:dc:
f3:a7:91:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUBaS9pnIM3ajGqj2pt/bC0i9a72UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA4MTUwNzEyMjZaFw0yNTA4MTQwNzE3MjZaMDMxMTAvBgNV
BAMTKDdFMDZEMzM4MDJCNzQ5MEFCNDcyNzEwRTk0ODA1OEQwNUNGQzI1RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3VHA+UU6vK4ET7AnGVUAhPlYn
H88fMvQ2OZ5MjCYf9xRzVrCyfKo+junpAUtkeNcUxPK+S9scWmYwseLLR5FMXEVi
f3vKbw/EFyNNbzZrJJTuzNzmsI/WBiDgA+IwykP72iF/6Zug4pxFjTuAsnbM/kGR
LlEYgvrTC3ozkAbteuo47/HIfdZT2eq1teyhgA8NBkm2wft6vOvqN70gMFegJE1w
xuGw+XJi4D5Q/CLzwp/TnzJmvhQXNG+e8+otWtp//XtxWtyrtpUCGZKCI/MIfyT2
2ku/W0Q3Kryff/Shh12Zy7ZQzWTG8VlsxYBjG3TqjUaZxHkcOb2DJG9vW/GrAgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUfgbTOAK3SQq0cnEOlIBY0Fz8JfAwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTY2NjUzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzUz
OTMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwAqC04HAP4wDQYJKoZIhvcNAQELBQADggEBAGBTPjFx
Fwv48aAIYvFb2Z08eig9NFnolM/oyfm1TQXo6F1Vy1TeCcvvA8KPTXeLHevpNrSr
4Un/Y75wi0ZewMEknDat/VTuAAYzIiaUuJL86zr5402+1N060ZvXwKNvh9fshJs/
bhTSOKtBtx95mJRWdyVC4VZpInCd6AYJQp3NfgJpvP0jvgzeyfBUmaS+kkmZUiME
tOtsxurP8L4uiZeMiLfjafwU4+9sQpn6HIBJ9rklmbvys+0K1hmTMvXlYhvZXSSY
DGRESMIcdiIdJ/rZwWOV0OkmcC+SPA4h7rYmzxjq4BjEguRN/x1cu1x5tVYI3K/D
88Lxz3nl3POnkac=
-----END CERTIFICATE-----
Generated at Tue Oct 29 17:50:19 2024 by rpki-client on console-ams.rpki-client.org