Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a313430303a3a2f34302d3430203d3e20313939353832.roa
File: 326130353a646663313a313430303a3a2f34302d3430203d3e20313939353832.roa (raw, json)
Hash identifier: vwy6CLWzfnQxJauRBdkwQM6qjdRDEBN1rbKT2/RpydE=
Subject key identifier: 69:C2:03:AF:20:F6:3E:64:78:E8:84:E3:0C:3A:70:2D:53:A9:6A:E3
Certificate issuer: /CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
Certificate serial: 284A538ECD23A293C7AF32974C1D0EFB6CDAB524
Authority key identifier: A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1
Authority info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a313430303a3a2f34302d3430203d3e20313939353832.roa
Signing time: Fri 19 Jan 2024 17:47:25 +0000
ROA not before: Fri 19 Jan 2024 17:42:25 +0000
ROA not after: Fri 17 Jan 2025 17:47:25 +0000
asID: 199582
IP address blocks: 2a05:dfc1:1400::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 28 Mar 2024 22:34:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:4a:53:8e:cd:23:a2:93:c7:af:32:97:4c:1d:0e:fb:6c:da:b5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
Validity
Not Before: Jan 19 17:42:25 2024 GMT
Not After : Jan 17 17:47:25 2025 GMT
Subject: CN=69C203AF20F63E6478E884E30C3A702D53A96AE3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:1b:de:eb:36:71:36:79:31:09:36:f6:d9:
4d:82:17:b9:2f:d0:4b:d1:86:a1:b1:2b:76:ca:58:
51:d1:b4:91:30:e9:2c:05:fd:0b:a9:7c:78:36:c2:
6b:ee:e3:8c:ea:64:9d:0c:d9:64:fe:f0:ea:d5:dd:
d5:86:03:b1:50:66:83:8c:fe:88:68:bd:44:fe:ac:
3b:08:57:30:00:f2:58:96:0b:7d:4f:3d:b4:56:8e:
cf:b5:ed:01:46:e9:a5:ed:78:e5:72:85:17:1d:cc:
27:b6:2a:21:b1:97:ff:4c:65:ca:8b:51:21:a1:50:
a3:3e:f2:d5:bd:a9:6f:8d:85:72:2f:ed:c8:8c:6a:
f3:a8:63:54:4a:4e:3a:3b:af:64:a7:46:16:1a:88:
9e:3c:97:a9:0a:82:3f:23:d0:74:df:71:68:d5:bd:
87:69:c2:31:e0:bc:91:03:96:1d:e6:2d:88:38:da:
8b:7e:f4:54:e8:4c:11:7b:a6:4f:9e:7b:f0:41:11:
7c:3e:b0:c6:47:d1:e4:61:9e:67:40:b0:55:c9:bd:
7f:34:13:a1:a9:c9:1b:44:e3:1c:16:0d:8c:cb:d5:
59:04:ae:7d:0a:1c:1c:c4:36:80:fb:e9:34:96:94:
bd:90:c1:2b:8f:e6:16:54:53:9d:83:b2:c8:35:6b:
e1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C2:03:AF:20:F6:3E:64:78:E8:84:E3:0C:3A:70:2D:53:A9:6A:E3
X509v3 Authority Key Identifier:
keyid:A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.crl
Authority Information Access:
CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a313430303a3a2f34302d3430203d3e20313939353832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:1400::/40
Signature Algorithm: sha256WithRSAEncryption
09:84:7e:19:00:ca:51:7f:ca:11:dc:f7:e9:de:f2:0a:3d:02:
fc:90:cd:e0:3b:32:29:7f:06:fd:76:e6:28:f7:49:4a:f0:8b:
63:cb:4f:8c:29:ed:51:b1:d4:18:5b:e5:88:95:08:8f:d7:ce:
bc:4a:50:d4:82:58:00:ce:db:c5:c1:51:58:8a:65:6d:11:81:
a5:86:dd:13:bb:57:44:8d:61:fd:1c:a4:a7:a0:97:bf:79:88:
fb:1a:68:8f:7d:6f:4c:c7:01:a5:b2:57:4e:42:3b:ce:69:0c:
0e:90:01:da:60:c0:9f:d7:9d:85:c5:a1:0c:24:df:31:f6:a8:
80:df:4b:4d:9b:f0:c6:76:67:5b:8b:2a:41:38:40:d0:68:1f:
b1:4f:69:83:a7:d7:bb:45:43:0f:b0:0a:31:5a:5b:36:e6:ea:
bb:6b:d4:3d:bf:36:a4:49:fb:d3:74:a3:6b:2f:c2:f4:87:a1:
7d:12:71:f6:ad:ee:37:8d:36:a8:2e:44:11:fc:ef:e9:6c:4c:
5d:cf:53:11:14:40:95:ca:27:9e:21:22:17:cd:79:5f:89:ba:
b4:d1:17:b4:7d:75:4c:6c:8a:4c:b8:ea:25:2d:cd:72:80:ee:
31:02:75:5f:88:f1:c4:10:94:3b:88:af:68:40:2b:88:6d:13:
35:1c:a3:86
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUKEpTjs0jopPHrzKXTB0O+2zatSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1
Q0NDMEJFMTAeFw0yNDAxMTkxNzQyMjVaFw0yNTAxMTcxNzQ3MjVaMDMxMTAvBgNV
BAMTKDY5QzIwM0FGMjBGNjNFNjQ3OEU4ODRFMzBDM0E3MDJENTNBOTZBRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4shve6zZxNnkxCTb22U2CF7kv
0EvRhqGxK3bKWFHRtJEw6SwF/QupfHg2wmvu44zqZJ0M2WT+8OrV3dWGA7FQZoOM
/ohovUT+rDsIVzAA8liWC31PPbRWjs+17QFG6aXteOVyhRcdzCe2KiGxl/9MZcqL
USGhUKM+8tW9qW+NhXIv7ciMavOoY1RKTjo7r2SnRhYaiJ48l6kKgj8j0HTfcWjV
vYdpwjHgvJEDlh3mLYg42ot+9FToTBF7pk+ee/BBEXw+sMZH0eRhnmdAsFXJvX80
E6GpyRtE4xwWDYzL1VkErn0KHBzENoD76TSWlL2QwSuP5hZUU52Dssg1a+GvAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQUacIDryD2PmR46ITjDDpwLVOpauMwHwYDVR0j
BBgwFoAUqEXYR7J8GNKoxD9H7aruq1zMC+EwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWQyMGJlNGMtOGRiMy00NWUxLTgxNjktMGYyZTQwODQx
MzJjLzEvQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1Q0NDMEJFMS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0E4NDVEODQ3QjI3QzE4
RDJBOEM0M0Y0N0VEQUFFRUFCNUNDQzBCRTEuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzFkMjBiZTRjLThkYjMtNDVlMS04MTY5LTBmMmU0MDg0MTMy
Yy8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzEzNDMwMzAzYTNhMmYzNDMwMmQzNDMw
MjAzZDNlMjAzMTM5MzkzNTM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqBd/BFDANBgkqhkiG9w0B
AQsFAAOCAQEACYR+GQDKUX/KEdz36d7yCj0C/JDN4DsyKX8G/XbmKPdJSvCLY8tP
jCntUbHUGFvliJUIj9fOvEpQ1IJYAM7bxcFRWIplbRGBpYbdE7tXRI1h/Rykp6CX
v3mI+xpoj31vTMcBpbJXTkI7zmkMDpAB2mDAn9edhcWhDCTfMfaogN9LTZvwxnZn
W4sqQThA0GgfsU9pg6fXu0VDD7AKMVpbNubqu2vUPb82pEn703Sjay/C9IehfRJx
9q3uN402qC5EEfzv6WxMXc9TERRAlconniEiF815X4m6tNEXtH11TGyKTLjqJS3N
coDuMQJ1X4jxxBCUO4ivaEAriG0TNRyjhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org