Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203136353039.roa
File: 326131313a323963303a396562653a3a2f34372d3438203d3e203136353039.roa (raw, json)
Hash identifier: +Gy89ybA1Z02ZVk1Qb4p4nTUf+b8bekfP/lbqOu4QMw=
Subject key identifier: AD:78:B2:45:51:91:F4:60:B2:FC:96:FC:E2:34:56:ED:B5:A1:31:3C
Certificate issuer: /CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Certificate serial: 1E29BD57704206483958C51924559A92EF599CB7
Authority key identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203136353039.roa
Signing time: Tue 30 Jan 2024 06:33:22 +0000
ROA not before: Tue 30 Jan 2024 06:28:22 +0000
ROA not after: Tue 28 Jan 2025 06:33:22 +0000
asID: 16509
IP address blocks: 2a11:29c0:9ebe::/47 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Jun 2024 00:39:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:29:bd:57:70:42:06:48:39:58:c5:19:24:55:9a:92:ef:59:9c:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Validity
Not Before: Jan 30 06:28:22 2024 GMT
Not After : Jan 28 06:33:22 2025 GMT
Subject: CN=AD78B2455191F460B2FC96FCE23456EDB5A1313C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0b:30:50:6e:60:95:5b:2b:03:02:7b:ba:3f:
01:08:ce:10:b3:cd:b1:43:be:4a:f0:74:56:11:ca:
23:ec:38:62:fd:1d:d1:01:93:9e:ed:6a:60:06:91:
35:75:79:0a:cf:68:f4:d4:ab:ba:a8:97:a5:82:aa:
9d:2e:62:a5:ae:c1:34:51:06:78:2d:24:9a:05:81:
c5:a7:9a:03:b7:10:2b:06:98:04:f0:16:b3:1e:22:
78:96:96:7e:64:7a:4f:39:54:26:7c:56:59:94:6f:
6c:6e:00:98:ae:20:38:56:dd:b0:9a:fa:27:09:4c:
1c:52:3c:10:7d:44:73:17:da:23:6d:b8:1b:86:f3:
97:15:58:2a:c5:5e:1b:07:51:62:58:42:02:d1:d2:
a4:ad:71:33:cd:64:0c:23:f3:43:2f:2b:18:c4:61:
55:d4:03:c1:2e:2b:8c:60:d2:1c:34:96:f3:12:b5:
dd:72:05:fd:65:ff:fb:5b:7a:b1:f8:e7:bf:f6:29:
96:9a:fe:55:3f:ec:34:f4:ac:6e:e6:b7:2d:67:57:
5e:bd:f7:bd:8c:63:77:4a:85:3b:08:55:df:75:ff:
7e:8f:e2:cb:9e:57:4d:af:75:8a:46:be:8a:32:9f:
51:38:27:40:77:6c:d9:65:9c:e4:85:59:59:73:8c:
fe:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:78:B2:45:51:91:F4:60:B2:FC:96:FC:E2:34:56:ED:B5:A1:31:3C
X509v3 Authority Key Identifier:
keyid:32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562653a3a2f34372d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9ebe::/47
Signature Algorithm: sha256WithRSAEncryption
9e:eb:f8:ba:04:8f:4b:c2:52:c1:bf:94:de:a1:36:7c:c1:3c:
1b:a7:66:12:c5:5c:ce:b0:d1:0d:7d:6c:fd:d2:53:10:82:63:
98:a7:1e:2b:c2:96:55:67:0f:02:c7:c0:12:1a:a3:b5:c3:e9:
eb:f6:d8:09:a2:cd:48:e2:0c:9d:50:02:d9:9f:51:94:55:51:
c1:9f:4f:e9:4e:8b:b3:f7:ba:a1:54:73:82:90:b7:f0:79:ed:
c0:dd:ee:34:75:57:95:41:c5:2b:8d:27:7b:3b:e5:10:11:db:
93:9a:74:04:8e:a9:f9:c5:7a:a0:c0:6f:bb:07:d8:8d:27:78:
6f:fe:67:d0:7a:5a:e9:ef:f2:e6:9a:cb:22:cf:5f:35:01:bd:
e5:d9:2f:6a:80:27:d6:02:64:fe:c8:19:21:69:64:12:ce:ed:
a9:48:87:49:a5:3f:6c:0d:ef:09:d3:60:cc:86:8e:a9:d0:71:
99:94:17:6d:a5:c1:ca:b1:38:e8:a2:79:ae:02:16:d0:24:22:
ee:16:92:7b:57:4a:d9:97:f8:3e:27:de:7c:94:fc:9d:64:d5:
7c:a8:e7:29:50:34:6e:b8:41:a2:12:73:78:32:12:a7:ba:67:
8d:e8:59:c0:a8:10:5a:88:15:ef:46:58:3e:40:ec:26:a4:45:
61:2a:c2:f2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUHim9V3BCBkg5WMUZJFWaku9ZnLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVC
NEQxQjBDNDAeFw0yNDAxMzAwNjI4MjJaFw0yNTAxMjgwNjMzMjJaMDMxMTAvBgNV
BAMTKEFENzhCMjQ1NTE5MUY0NjBCMkZDOTZGQ0UyMzQ1NkVEQjVBMTMxM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8CzBQbmCVWysDAnu6PwEIzhCz
zbFDvkrwdFYRyiPsOGL9HdEBk57tamAGkTV1eQrPaPTUq7qol6WCqp0uYqWuwTRR
BngtJJoFgcWnmgO3ECsGmATwFrMeIniWln5kek85VCZ8VlmUb2xuAJiuIDhW3bCa
+icJTBxSPBB9RHMX2iNtuBuG85cVWCrFXhsHUWJYQgLR0qStcTPNZAwj80MvKxjE
YVXUA8EuK4xg0hw0lvMStd1yBf1l//tberH457/2KZaa/lU/7DT0rG7mty1nV169
972MY3dKhTsIVd91/36P4sueV02vdYpGvooyn1E4J0B3bNllnOSFWVlzjP4tAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUrXiyRVGR9GCy/Jb84jRW7bWhMTwwHwYDVR0j
BBgwFoAUMjmKFAahwdMjymPLMg/9HrTRsMQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzgvMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVCNEQxQjBDNC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjM5OEExNDA2QTFDMUQzMjNDQTYzQ0Iz
MjBGRkQxRUI0RDFCMEM0LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xYmY4ZTk3Ny03Mjc4LTQ2Y2YtYWJkMS05OWNkMWZkMmJlNGUvOC8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5NjU2MjY1M2EzYTJmMzQzNzJkMzQzODIwM2QzZTIwMzEz
NjM1MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHASoRKcCevjANBgkqhkiG9w0BAQsFAAOCAQEAnuv4
ugSPS8JSwb+U3qE2fME8G6dmEsVczrDRDX1s/dJTEIJjmKceK8KWVWcPAsfAEhqj
tcPp6/bYCaLNSOIMnVAC2Z9RlFVRwZ9P6U6Ls/e6oVRzgpC38HntwN3uNHVXlUHF
K40nezvlEBHbk5p0BI6p+cV6oMBvuwfYjSd4b/5n0Hpa6e/y5prLIs9fNQG95dkv
aoAn1gJk/sgZIWlkEs7tqUiHSaU/bA3vCdNgzIaOqdBxmZQXbaXByrE46KJ5rgIW
0CQi7haSe1dK2Zf4PifefJT8nWTVfKjnKVA0brhBohJzeDISp7pnjehZwKgQWogV
70ZYPkDsJqRFYSrC8g==
-----END CERTIFICATE-----
Generated at Sat Jun 22 03:57:34 2024 by rpki-client on console-ams.rpki-client.org