Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20323039383036.roa
File: 326130353a646663313a336630303a3a2f34302d3430203d3e20323039383036.roa (raw, json)
Hash identifier: l7COzYAD9XwoajN5r6rv45wg+MhgIqd/lKBtYQ9/SeU=
Subject key identifier: EB:9D:96:B6:C3:C6:06:F3:7E:1B:02:C5:59:53:0F:83:A0:9A:55:CC
Certificate issuer: /CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
Certificate serial: 011D4707F15F85ED76129E2948054E7C620FA11D
Authority key identifier: A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1
Authority info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20323039383036.roa
Signing time: Thu 11 Jan 2024 14:38:54 +0000
ROA not before: Thu 11 Jan 2024 14:33:54 +0000
ROA not after: Thu 09 Jan 2025 14:38:54 +0000
asID: 209806
IP address blocks: 2a05:dfc1:3f00::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 12 Jan 2024 22:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:1d:47:07:f1:5f:85:ed:76:12:9e:29:48:05:4e:7c:62:0f:a1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1
Validity
Not Before: Jan 11 14:33:54 2024 GMT
Not After : Jan 9 14:38:54 2025 GMT
Subject: CN=EB9D96B6C3C606F37E1B02C559530F83A09A55CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2c:2e:7f:cf:2f:2a:b9:7d:57:43:4a:2e:21:
9f:2a:3e:40:f4:92:55:cd:8d:e2:e1:c8:11:20:b0:
b0:ed:c6:21:be:7c:f5:b3:d1:ad:26:ff:45:5c:77:
38:76:5d:2a:d0:6c:eb:ac:b2:fb:fd:58:6b:fa:cd:
1e:00:31:99:37:7f:37:89:e2:71:ef:e1:df:57:2a:
dc:57:db:fe:01:51:a1:c7:34:fb:1f:59:29:01:7d:
27:8f:67:c0:ff:80:42:ef:62:d1:c0:b2:a3:84:e9:
f3:9b:a8:21:df:7a:8e:04:2d:1c:0b:58:7d:0e:ad:
b2:a9:78:8c:86:1f:2a:86:42:dd:a5:39:fa:6c:1f:
f7:5e:09:4c:2e:78:90:de:75:4c:5b:5f:a4:e2:72:
94:22:c5:5e:ac:91:9c:61:4e:61:45:7d:65:9b:49:
88:5d:88:f3:ce:d3:71:6c:a1:78:91:33:e5:c5:72:
c4:08:66:47:ed:ec:e1:6f:4a:eb:47:91:a1:b8:33:
cf:98:dc:e5:fa:b7:a1:95:6e:fc:fa:e6:9a:4d:f7:
0a:d9:32:fe:8f:7c:67:3f:fe:28:77:d4:32:a3:cc:
c7:06:bb:93:ee:44:3e:1b:6e:f3:47:22:4c:59:24:
fb:21:f4:80:bc:95:da:3f:e1:9d:5e:8c:fd:d9:99:
91:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9D:96:B6:C3:C6:06:F3:7E:1B:02:C5:59:53:0F:83:A0:9A:55:CC
X509v3 Authority Key Identifier:
keyid:A8:45:D8:47:B2:7C:18:D2:A8:C4:3F:47:ED:AA:EE:AB:5C:CC:0B:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.crl
Authority Information Access:
CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/A845D847B27C18D2A8C43F47EDAAEEAB5CCC0BE1.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1d20be4c-8db3-45e1-8169-0f2e4084132c/1/326130353a646663313a336630303a3a2f34302d3430203d3e20323039383036.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:3f00::/40
Signature Algorithm: sha256WithRSAEncryption
4f:04:64:69:40:d1:55:19:bf:a1:78:cf:73:44:6c:e9:de:fa:
b1:1c:f6:5e:99:2e:5b:1f:1a:ea:53:79:34:a8:43:60:82:35:
c4:dd:93:0c:9b:bc:0e:74:39:f2:55:9a:cd:49:a2:02:e1:57:
ee:44:1f:e7:6a:48:ba:b7:fb:cc:ef:63:e8:ac:0c:af:4f:1e:
f7:47:94:60:31:da:f9:42:a1:73:ab:67:ea:81:bd:b4:cd:12:
3a:c7:7a:9f:8a:80:b1:f0:d5:77:21:a9:52:f6:85:2c:ad:60:
76:4e:31:17:87:22:e3:0f:d5:70:03:4e:f7:fa:0a:02:a1:ac:
5c:74:01:60:de:b6:14:4a:4c:44:4b:e9:87:8b:4d:6f:71:93:
a4:75:f7:18:76:01:69:b4:b6:87:48:4c:9c:a9:56:e1:bb:9e:
e5:85:11:e0:72:e8:5d:b8:3a:86:59:66:e6:47:81:fd:20:ff:
b5:ef:36:76:c6:2f:04:05:75:46:23:16:bb:c4:8e:7d:8d:fb:
e2:b6:1a:a1:1d:26:66:67:14:44:5b:a1:c8:cc:42:21:d3:02:
a4:be:00:ee:65:38:10:8d:17:04:6c:92:28:b2:23:df:99:48:
8b:1e:39:e5:8b:94:65:4c:51:e7:e9:a5:3e:d9:67:cf:9d:d2:
71:3b:3c:c8
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIUAR1HB/Ffhe12Ep4pSAVOfGIPoR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1
Q0NDMEJFMTAeFw0yNDAxMTExNDMzNTRaFw0yNTAxMDkxNDM4NTRaMDMxMTAvBgNV
BAMTKEVCOUQ5NkI2QzNDNjA2RjM3RTFCMDJDNTU5NTMwRjgzQTA5QTU1Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpLC5/zy8quX1XQ0ouIZ8qPkD0
klXNjeLhyBEgsLDtxiG+fPWz0a0m/0Vcdzh2XSrQbOussvv9WGv6zR4AMZk3fzeJ
4nHv4d9XKtxX2/4BUaHHNPsfWSkBfSePZ8D/gELvYtHAsqOE6fObqCHfeo4ELRwL
WH0OrbKpeIyGHyqGQt2lOfpsH/deCUwueJDedUxbX6TicpQixV6skZxhTmFFfWWb
SYhdiPPO03FsoXiRM+XFcsQIZkft7OFvSutHkaG4M8+Y3OX6t6GVbvz65ppN9wrZ
Mv6PfGc//ih31DKjzMcGu5PuRD4bbvNHIkxZJPsh9IC8ldo/4Z1ejP3ZmZHXAgMB
AAGjggJfMIICWzAdBgNVHQ4EFgQU652WtsPGBvN+GwLFWVMPg6CaVcwwHwYDVR0j
BBgwFoAUqEXYR7J8GNKoxD9H7aruq1zMC+EwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWQyMGJlNGMtOGRiMy00NWUxLTgxNjktMGYyZTQwODQx
MzJjLzEvQTg0NUQ4NDdCMjdDMThEMkE4QzQzRjQ3RURBQUVFQUI1Q0NDMEJFMS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0E4NDVEODQ3QjI3QzE4
RDJBOEM0M0Y0N0VEQUFFRUFCNUNDQzBCRTEuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzFkMjBiZTRjLThkYjMtNDVlMS04MTY5LTBmMmU0MDg0MTMy
Yy8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzM2NjMwMzAzYTNhMmYzNDMwMmQzNDMw
MjAzZDNlMjAzMjMwMzkzODMwMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqBd/BPzANBgkqhkiG9w0B
AQsFAAOCAQEATwRkaUDRVRm/oXjPc0Rs6d76sRz2XpkuWx8a6lN5NKhDYII1xN2T
DJu8DnQ58lWazUmiAuFX7kQf52pIurf7zO9j6KwMr08e90eUYDHa+UKhc6tn6oG9
tM0SOsd6n4qAsfDVdyGpUvaFLK1gdk4xF4ci4w/VcANO9/oKAqGsXHQBYN62FEpM
REvph4tNb3GTpHX3GHYBabS2h0hMnKlW4bue5YUR4HLoXbg6hllm5keB/SD/te82
dsYvBAV1RiMWu8SOfY374rYaoR0mZmcURFuhyMxCIdMCpL4A7mU4EI0XBGySKLIj
35lIix455YuUZUxR5+mlPtlnz53ScTs8yA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org