Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231392e302f32342d3234203d3e20313336353537.roa
File: 34352e382e3231392e302f32342d3234203d3e20313336353537.roa (raw, json)
Hash identifier: GF7nE5QCYldeS0nhmdmk7RgGfoIqh8LsKwQnIP6Ictw=
Subject key identifier: BA:1E:24:47:7F:5D:5D:05:87:DC:3E:CB:51:83:B5:D3:C5:A7:94:0B
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 408EB81CCC6BA7EDB53960E6D8C12D0F308FA1F9
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231392e302f32342d3234203d3e20313336353537.roa
Signing time: Fri 20 Jan 2023 07:44:18 +0000
ROA not before: Fri 20 Jan 2023 07:39:18 +0000
ROA not after: Fri 19 Jan 2024 07:44:18 +0000
asID: 136557
IP address blocks: 45.8.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:8e:b8:1c:cc:6b:a7:ed:b5:39:60:e6:d8:c1:2d:0f:30:8f:a1:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 20 07:39:18 2023 GMT
Not After : Jan 19 07:44:18 2024 GMT
Subject: CN=BA1E24477F5D5D0587DC3ECB5183B5D3C5A7940B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:82:fb:56:83:ff:af:be:0f:8b:f9:22:42:b3:
c6:63:96:b0:d8:35:62:cd:70:d7:89:0e:b9:8d:cd:
99:a6:2b:33:76:48:94:db:0e:e2:cd:11:c8:e0:cc:
6d:28:2d:2b:d1:8d:de:15:9d:23:18:15:33:79:79:
13:4f:9a:3f:af:03:3b:fe:10:10:6c:e1:2d:12:c3:
41:5d:14:f1:28:d6:33:f7:b6:27:3e:ed:6e:d5:fc:
ee:cc:fe:6c:1d:41:a9:09:16:d3:a5:60:ff:37:9a:
09:1b:f7:ee:24:15:93:4e:8e:3f:83:cd:25:1b:84:
b0:ae:12:b2:85:c2:de:99:f5:72:d0:17:23:8e:fe:
5b:29:ff:44:2d:f9:fa:fc:9c:11:35:56:a1:3d:fe:
e4:4d:9d:ed:59:05:1d:49:b3:44:6e:1e:aa:a8:ca:
b1:ba:33:06:b9:31:18:67:89:37:03:92:76:0e:6b:
73:02:19:6d:c2:7a:fa:82:d7:6a:c6:2c:15:69:a6:
cb:54:eb:d2:38:66:1a:63:b9:83:c4:27:8a:13:83:
28:83:34:7f:0a:c8:dc:c3:7a:a1:ad:b6:bd:e1:ca:
bc:ab:ea:fd:d3:08:85:d6:d1:78:88:42:2b:4b:f5:
c3:b1:d0:bd:ca:1e:74:46:22:4d:50:67:e1:2a:cd:
37:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1E:24:47:7F:5D:5D:05:87:DC:3E:CB:51:83:B5:D3:C5:A7:94:0B
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231392e302f32342d3234203d3e20313336353537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.219.0/24
Signature Algorithm: sha256WithRSAEncryption
63:28:59:f6:e9:f9:7d:40:ed:ef:f2:e2:aa:4f:69:40:d6:40:
86:59:6f:dc:11:28:23:bd:4d:d7:e8:83:2e:e5:e5:b1:88:76:
64:3e:5b:99:52:62:67:5c:ca:b1:51:ca:87:77:65:13:e9:b9:
3c:69:0e:43:50:b1:5e:ea:fa:e7:c4:50:f9:dc:fc:07:6d:69:
de:7b:37:ee:2a:18:b0:b6:13:32:56:e3:3f:93:a6:e3:a9:4a:
38:fd:50:f3:c5:cb:9a:61:fc:98:6a:1a:06:4f:da:8d:8a:82:
49:07:69:a7:e8:8a:9f:5c:0f:58:ad:8d:09:dc:ea:a6:61:e0:
fe:99:32:4f:bb:20:36:20:44:61:07:04:8e:71:ce:16:95:ff:
10:76:f0:93:94:1b:89:20:f9:e9:58:8c:40:f1:f7:12:b6:24:
70:76:a7:30:d2:f9:14:d3:0c:61:a5:6a:e4:04:1e:94:e9:15:
17:05:3f:19:bd:16:c2:eb:02:ee:d4:9b:f7:c8:2c:ab:15:92:
6d:4b:a1:c2:15:93:3d:f9:2c:a8:0f:02:19:a4:bc:97:b2:3c:
58:b7:b3:cc:f1:e2:37:2c:32:4e:d9:a0:25:96:66:ac:b8:55:
d6:ec:d2:c9:c5:55:06:4f:7c:bc:9e:cf:41:a4:e1:70:89:ee:
1e:a5:68:77
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQI64HMxrp+21OWDm2MEtDzCPofkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjAwNzM5MThaFw0yNDAxMTkwNzQ0MThaMDMxMTAvBgNV
BAMTKEJBMUUyNDQ3N0Y1RDVEMDU4N0RDM0VDQjUxODNCNUQzQzVBNzk0MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDigvtWg/+vvg+L+SJCs8ZjlrDY
NWLNcNeJDrmNzZmmKzN2SJTbDuLNEcjgzG0oLSvRjd4VnSMYFTN5eRNPmj+vAzv+
EBBs4S0Sw0FdFPEo1jP3tic+7W7V/O7M/mwdQakJFtOlYP83mgkb9+4kFZNOjj+D
zSUbhLCuErKFwt6Z9XLQFyOO/lsp/0Qt+fr8nBE1VqE9/uRNne1ZBR1Js0RuHqqo
yrG6Mwa5MRhniTcDknYOa3MCGW3CevqC12rGLBVppstU69I4ZhpjuYPEJ4oTgyiD
NH8KyNzDeqGttr3hyryr6v3TCIXW0XiIQitL9cOx0L3KHnRGIk1QZ+EqzTepAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUuh4kR39dXQWH3D7LUYO108WnlAswHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM1MzUzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2zANBgkqhkiG9w0BAQsFAAOCAQEAYyhZ9un5fUDt7/Liqk9pQNZAhllv3BEoI71N
1+iDLuXlsYh2ZD5bmVJiZ1zKsVHKh3dlE+m5PGkOQ1CxXur658RQ+dz8B21p3ns3
7ioYsLYTMlbjP5Om46lKOP1Q88XLmmH8mGoaBk/ajYqCSQdpp+iKn1wPWK2NCdzq
pmHg/pkyT7sgNiBEYQcEjnHOFpX/EHbwk5QbiSD56ViMQPH3ErYkcHanMNL5FNMM
YaVq5AQelOkVFwU/Gb0WwusC7tSb98gsqxWSbUuhwhWTPfksqA8CGaS8l7I8WLez
zPHiNywyTtmgJZZmrLhV1uzSycVVBk98vJ7PQaThcInuHqVodw==
-----END CERTIFICATE-----
Generated at Thu Oct 5 00:28:23 2023 by rpki-client on console-fra.rpki-client.org