Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a3a2f33322d3332203d3e20323135333138.roa
File: 326131343a316563373a3a2f33322d3332203d3e20323135333138.roa (raw, json)
Hash identifier: VnwgZ74cTpvBIX+PIAi/bOSjx8dE1TzQR7l3RIBN/10=
Subject key identifier: D2:99:23:AE:2D:81:B9:C3:01:A2:A6:87:28:4B:15:2B:2F:2B:05:1A
Certificate issuer: /CN=3134ee987e08d8b5583feef621a03150c4f35434
Certificate serial: 141FC9636EB89F1C2E03C4CE24B3EA0F39E70B23
Authority key identifier: 31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a3a2f33322d3332203d3e20323135333138.roa
Signing time: Thu 08 Aug 2024 09:47:09 +0000
ROA not before: Thu 08 Aug 2024 09:42:09 +0000
ROA not after: Thu 07 Aug 2025 09:47:09 +0000
asID: 215318
IP address blocks: 2a14:1ec7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Sep 2024 11:20:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:1f:c9:63:6e:b8:9f:1c:2e:03:c4:ce:24:b3:ea:0f:39:e7:0b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3134ee987e08d8b5583feef621a03150c4f35434
Validity
Not Before: Aug 8 09:42:09 2024 GMT
Not After : Aug 7 09:47:09 2025 GMT
Subject: CN=D29923AE2D81B9C301A2A687284B152B2F2B051A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f0:67:e5:e9:77:51:bc:80:6f:b4:4a:9c:19:
c4:3f:db:2f:05:d3:b2:7b:c0:01:3d:f4:78:64:68:
91:5d:9d:41:ef:b2:4f:74:b8:70:41:6a:90:43:84:
f9:b5:16:c4:7a:ca:03:3c:fe:08:d5:77:44:17:00:
3f:57:ca:5e:5b:ce:ee:47:fa:5b:72:92:8a:96:3c:
f1:ce:c8:59:fe:d0:af:9c:ed:e1:e2:d8:75:fa:35:
8c:07:e9:4b:23:d3:f7:0a:d5:13:1e:ca:6a:35:eb:
5f:0e:8a:49:04:88:f8:7e:2b:59:81:1a:e1:d0:2f:
6c:4f:7f:6d:d8:8b:a9:d8:bb:2d:45:c4:6b:de:77:
ac:52:c6:cb:c3:7e:51:59:dc:d0:d0:49:91:bb:7b:
35:e6:3a:8e:3d:0b:e5:6b:a6:3f:06:91:09:8c:22:
c3:80:0f:3b:d5:36:b9:bf:25:3a:be:71:50:2c:b5:
a4:6c:09:7a:5b:41:bc:fe:81:ea:0f:ec:18:94:94:
45:cd:bb:15:73:c4:06:f9:85:d2:8e:5c:fc:4e:89:
87:2c:e4:04:d9:36:24:15:b8:d1:b5:37:fc:4a:c2:
5c:f3:56:08:fe:f5:58:a4:90:09:fd:11:7b:7c:09:
ae:9c:3f:ba:19:bf:57:4c:3f:c9:fd:6e:ac:e4:8a:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:99:23:AE:2D:81:B9:C3:01:A2:A6:87:28:4B:15:2B:2F:2B:05:1A
X509v3 Authority Key Identifier:
keyid:31:34:EE:98:7E:08:D8:B5:58:3F:EE:F6:21:A0:31:50:C4:F3:54:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/3134EE987E08D8B5583FEEF621A03150C4F35434.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MTTumH4I2LVYP-72IaAxUMTzVDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/326131343a316563373a3a2f33322d3332203d3e20323135333138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7::/32
Signature Algorithm: sha256WithRSAEncryption
7f:30:e1:3a:b7:d5:d6:8d:97:40:74:50:43:fa:cf:5e:77:f0:
07:fa:3d:13:75:fc:c7:da:f1:a7:06:a3:b9:37:b3:ea:33:0f:
60:36:75:02:09:ee:e4:c8:0a:74:9d:d6:66:82:87:5f:cb:66:
c2:36:f2:ee:8f:42:8c:7c:ff:8b:76:7f:bf:5a:28:43:fb:bf:
dd:14:29:8a:3f:ea:3d:fe:d1:b2:bc:f1:6c:a5:69:03:3a:c3:
e4:20:fb:cc:92:99:bc:f6:29:52:eb:1f:4a:33:93:f9:a4:9b:
c1:0e:69:33:bc:74:d6:2d:32:88:d0:74:83:5b:65:58:ac:89:
a9:2f:46:13:02:2f:7a:4e:1d:2e:d4:49:7d:a6:72:88:ad:71:
3b:30:76:8f:78:f3:bc:4a:b1:b5:b0:ca:d3:c6:be:5b:09:11:
2c:c0:af:91:22:95:e5:a4:df:82:50:3a:e3:49:2c:bb:5b:35:
df:15:9c:52:16:95:e2:5d:cf:40:3a:e1:28:d1:60:d9:2e:36:
d9:7d:5c:25:c1:fd:4c:a5:7a:f3:18:25:a4:b0:8d:bc:b6:4a:
a0:86:7d:f3:55:5f:ca:f6:30:8b:cc:51:bb:a9:38:76:6d:8f:
19:aa:a1:9b:97:4e:14:c2:b0:66:69:a5:cf:bf:d3:0d:19:93:
44:a3:68:96
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUFB/JY264nxwuA8TOJLPqDznnCyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzEzNGVlOTg3ZTA4ZDhiNTU4M2ZlZWY2MjFhMDMxNTBj
NGYzNTQzNDAeFw0yNDA4MDgwOTQyMDlaFw0yNTA4MDcwOTQ3MDlaMDMxMTAvBgNV
BAMTKEQyOTkyM0FFMkQ4MUI5QzMwMUEyQTY4NzI4NEIxNTJCMkYyQjA1MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe8Gfl6XdRvIBvtEqcGcQ/2y8F
07J7wAE99HhkaJFdnUHvsk90uHBBapBDhPm1FsR6ygM8/gjVd0QXAD9Xyl5bzu5H
+ltykoqWPPHOyFn+0K+c7eHi2HX6NYwH6Usj0/cK1RMeymo1618OikkEiPh+K1mB
GuHQL2xPf23Yi6nYuy1FxGved6xSxsvDflFZ3NDQSZG7ezXmOo49C+Vrpj8GkQmM
IsOADzvVNrm/JTq+cVAstaRsCXpbQbz+geoP7BiUlEXNuxVzxAb5hdKOXPxOiYcs
5ATZNiQVuNG1N/xKwlzzVgj+9VikkAn9EXt8Ca6cP7oZv1dMP8n9bqzkirBhAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU0pkjri2BucMBoqaHKEsVKy8rBRowHwYDVR0j
BBgwFoAUMTTumH4I2LVYP+72IaAxUMTzVDQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWEzYmI5M2YtOThhNC00YzdlLWEwZTEtODA1N2E0ZjA4
NmM5LzAvMzEzNEVFOTg3RTA4RDhCNTU4M0ZFRUY2MjFBMDMxNTBDNEYzNTQzNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL01UVHVtSDRJMkxWWVAtNzJJYUF4VU1U
elZEUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWEzYmI5M2Yt
OThhNC00YzdlLWEwZTEtODA1N2E0ZjA4NmM5LzAvMzI2MTMxMzQzYTMxNjU2MzM3
M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzMTM1MzMzMTM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA
KhQexzANBgkqhkiG9w0BAQsFAAOCAQEAfzDhOrfV1o2XQHRQQ/rPXnfwB/o9E3X8
x9rxpwajuTez6jMPYDZ1Agnu5MgKdJ3WZoKHX8tmwjby7o9CjHz/i3Z/v1ooQ/u/
3RQpij/qPf7RsrzxbKVpAzrD5CD7zJKZvPYpUusfSjOT+aSbwQ5pM7x01i0yiNB0
g1tlWKyJqS9GEwIvek4dLtRJfaZyiK1xOzB2j3jzvEqxtbDK08a+WwkRLMCvkSKV
5aTfglA640ksu1s13xWcUhaV4l3PQDrhKNFg2S422X1cJcH9TKV68xglpLCNvLZK
oIZ981VfyvYwi8xRu6k4dm2PGaqhm5dOFMKwZmmlz7/TDRmTRKNolg==
-----END CERTIFICATE-----
Generated at Mon Sep 16 16:37:21 2024 by rpki-client on console-fra.rpki-client.org