Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203136353039.roa
File: 38352e3230392e3232382e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: YJGA1sewpHn9nxHdDYa6tP+ZodC7SJbpU4GGOmkl8UI=
Subject key identifier: 14:0B:BC:30:E1:CE:0C:F3:24:0F:0D:F4:C4:FB:B7:89:D8:C2:B0:15
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 6CA4F1D7FE69092311AE964B9220364272A3EA13
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203136353039.roa
Signing time: Thu 09 Nov 2023 13:55:52 +0000
ROA not before: Thu 09 Nov 2023 13:50:52 +0000
ROA not after: Thu 07 Nov 2024 13:55:52 +0000
asID: 16509
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a4:f1:d7:fe:69:09:23:11:ae:96:4b:92:20:36:42:72:a3:ea:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Nov 9 13:50:52 2023 GMT
Not After : Nov 7 13:55:52 2024 GMT
Subject: CN=140BBC30E1CE0CF3240F0DF4C4FBB789D8C2B015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:68:0b:0c:63:05:d2:6f:a2:ac:f5:e5:28:82:
52:12:63:11:88:d6:09:c3:38:6f:56:0d:4d:0c:d0:
9e:e2:0d:9b:75:90:d9:7c:07:a1:6f:f3:04:55:3a:
22:2c:71:b7:f8:55:2c:6b:93:3b:3a:b3:da:59:44:
78:04:98:cf:85:7e:67:d2:07:ae:45:14:26:fc:98:
0a:8e:98:55:88:6b:e3:5a:4d:1a:6e:5a:43:66:9c:
ac:8d:b4:69:09:2f:9d:71:96:24:9f:3d:74:d3:0b:
1c:42:97:72:d7:88:ce:a2:9e:cd:7c:b0:6e:2f:46:
f3:0a:0d:8c:8a:f6:0a:e5:3f:d4:51:34:63:83:7b:
3b:b1:ee:b8:f7:5e:a6:48:df:69:94:3a:9e:92:bb:
6c:96:0d:8a:a4:94:a3:1f:ae:a9:04:19:09:fc:fd:
13:cd:29:b8:b3:1a:f1:e1:f8:a6:51:49:3c:88:60:
72:ca:20:16:f9:6d:91:e2:8b:d7:61:9d:26:7e:e7:
62:a4:33:f7:50:b5:e2:a0:41:bc:54:d9:95:4c:e3:
10:23:9a:2c:03:b5:51:f1:2b:e7:e6:9b:01:db:7d:
7a:2d:d8:36:73:a8:c3:20:50:5d:48:26:ca:25:8b:
d0:42:bc:ed:ce:37:65:87:6e:b9:63:05:ec:15:73:
79:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:0B:BC:30:E1:CE:0C:F3:24:0F:0D:F4:C4:FB:B7:89:D8:C2:B0:15
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
36:5d:bd:40:0d:0d:ba:0a:3f:b1:bd:95:0d:21:e3:e4:e6:f4:
e4:fd:c6:9c:bc:4a:fe:b4:83:21:dd:a6:90:45:55:8b:10:63:
5d:a0:2e:95:96:5f:f4:50:d3:a2:e2:26:62:6f:06:a4:15:1d:
61:0a:36:5c:39:17:93:8e:2b:ac:23:a2:0a:2c:73:10:31:a1:
1b:44:29:37:d0:59:dc:57:27:07:1d:c9:ad:19:56:1e:97:21:
34:39:62:c8:6e:3c:e4:ed:b5:10:47:84:2f:d1:cd:f0:02:ca:
ee:2d:1a:4c:05:87:50:82:21:23:fc:3b:9b:e3:c4:80:b1:2b:
bf:5a:0a:e8:f3:8b:09:28:af:36:99:b6:88:b4:e8:69:b3:3f:
de:5a:fc:eb:94:30:63:a6:74:bf:35:98:b2:9f:ad:3a:d1:8d:
33:1d:58:04:69:be:38:9d:67:26:e3:76:76:91:cc:0c:1e:ef:
0b:aa:2a:52:78:ac:04:e9:1f:83:3d:a8:dc:be:d6:6d:3d:93:
f0:3b:5d:d3:71:df:d0:43:54:77:14:4d:6f:65:42:e0:90:7f:
55:22:97:6e:b3:3a:35:7d:6d:91:e5:62:2c:36:83:16:1d:06:
95:b6:d4:73:09:f6:85:06:1e:b1:86:78:01:22:10:05:89:15:
44:2e:96:8b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbKTx1/5pCSMRrpZLkiA2QnKj6hMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzExMDkxMzUwNTJaFw0yNDExMDcxMzU1NTJaMDMxMTAvBgNV
BAMTKDE0MEJCQzMwRTFDRTBDRjMyNDBGMERGNEM0RkJCNzg5RDhDMkIwMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMaAsMYwXSb6Ks9eUoglISYxGI
1gnDOG9WDU0M0J7iDZt1kNl8B6Fv8wRVOiIscbf4VSxrkzs6s9pZRHgEmM+FfmfS
B65FFCb8mAqOmFWIa+NaTRpuWkNmnKyNtGkJL51xliSfPXTTCxxCl3LXiM6ins18
sG4vRvMKDYyK9grlP9RRNGODezux7rj3XqZI32mUOp6Su2yWDYqklKMfrqkEGQn8
/RPNKbizGvHh+KZRSTyIYHLKIBb5bZHii9dhnSZ+52KkM/dQteKgQbxU2ZVM4xAj
miwDtVHxK+fmmwHbfXot2DZzqMMgUF1IJsoli9BCvO3ON2WHbrljBewVc3lrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFAu8MOHODPMkDw30xPu3idjCsBUwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHkMA0GCSqGSIb3DQEBCwUAA4IBAQA2Xb1ADQ26Cj+xvZUNIePk5vTk/cacvEr+
tIMh3aaQRVWLEGNdoC6Vll/0UNOi4iZibwakFR1hCjZcOReTjiusI6IKLHMQMaEb
RCk30FncVycHHcmtGVYelyE0OWLIbjzk7bUQR4Qv0c3wAsruLRpMBYdQgiEj/Dub
48SAsSu/Wgro84sJKK82mbaItOhpsz/eWvzrlDBjpnS/NZiyn6060Y0zHVgEab44
nWcm43Z2kcwMHu8LqipSeKwE6R+DPajcvtZtPZPwO13Tcd/QQ1R3FE1vZULgkH9V
Ipduszo1fW2R5WIsNoMWHQaVttRzCfaFBh6xhngBIhAFiRVELpaL
-----END CERTIFICATE-----
Generated at Fri Feb 9 03:28:08 2024 by rpki-client on console-ams.rpki-client.org