Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20313937373839.roa
File: 38352e3230392e3232382e302f32342d3234203d3e20313937373839.roa (raw, json)
Hash identifier: pBkudOqCk/pTA62PA34o4bBvMX3uah5jHQ5I6KAmEsQ=
Subject key identifier: 01:5C:BC:41:F1:C7:51:ED:C8:A4:D3:56:12:C6:E0:10:40:CF:FA:A9
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 358375C0855A7BB427E9DBBD70CA9F1565E7D501
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20313937373839.roa
Signing time: Thu 28 Sep 2023 18:43:38 +0000
ROA not before: Thu 28 Sep 2023 18:38:38 +0000
ROA not after: Thu 26 Sep 2024 18:43:38 +0000
asID: 197789
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Oct 2023 07:30:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:83:75:c0:85:5a:7b:b4:27:e9:db:bd:70:ca:9f:15:65:e7:d5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Sep 28 18:38:38 2023 GMT
Not After : Sep 26 18:43:38 2024 GMT
Subject: CN=015CBC41F1C751EDC8A4D35612C6E01040CFFAA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ca:83:8c:9c:56:88:eb:5d:7b:95:b6:bf:52:
d0:05:46:c2:a3:87:86:9a:27:31:dd:fa:4f:f8:a3:
35:ce:68:df:04:bd:3c:76:f6:01:49:b7:6f:fc:1c:
c4:61:af:ba:d7:35:b7:f3:15:d5:ff:4a:a3:59:d9:
e4:5c:4a:cb:e7:af:8e:e2:f2:e8:0c:5b:7e:d1:75:
23:e6:fd:7d:5e:78:78:f6:9e:da:e9:42:ac:0e:09:
f4:e7:82:98:84:fa:8b:d7:75:6c:d4:82:26:a8:54:
95:4f:2c:a6:30:5b:56:7e:be:fa:74:27:03:2b:e7:
89:2f:e9:db:53:a7:88:13:e0:39:32:21:be:8f:90:
eb:84:58:13:c0:c4:f2:3c:46:e0:59:b9:3c:6d:50:
70:61:45:4e:3c:21:30:e3:37:e6:5d:c3:48:e0:dd:
02:e2:43:9c:89:1f:e0:e4:43:ff:a4:5a:fb:b2:ac:
9e:fc:44:74:83:f7:e7:a1:69:69:95:67:96:4e:b2:
ff:73:77:59:dc:17:fb:59:04:34:a1:86:e7:34:d3:
08:a8:84:ed:58:37:65:e4:b1:c2:a1:2d:e1:56:9b:
3f:b2:2b:fe:64:8d:7a:b9:23:10:e0:9d:30:67:5e:
c6:ef:63:eb:c4:20:9e:70:40:d0:1b:42:29:b0:06:
21:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5C:BC:41:F1:C7:51:ED:C8:A4:D3:56:12:C6:E0:10:40:CF:FA:A9
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20313937373839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c3:96:4f:b0:f6:ce:30:f1:f7:b7:34:74:26:26:55:aa:eb:
95:0a:6b:ea:9e:4c:c8:2f:0f:0c:15:2b:61:ad:a9:7d:5b:30:
cb:fc:a3:a8:d3:4a:76:35:fd:3a:6e:ab:56:a2:ad:fc:aa:e4:
22:d4:f8:cd:29:62:f6:4c:7a:53:b6:45:08:dd:d0:2a:cb:3e:
16:ad:47:97:98:55:65:f8:08:fe:48:4c:1c:de:cc:9f:53:e1:
58:ca:fc:7c:26:4b:59:3a:dd:a4:4b:96:ff:00:fc:06:72:1c:
9f:25:74:05:56:0d:0f:13:52:b1:bf:ff:15:50:aa:8b:28:67:
03:60:47:c5:08:b8:d4:b4:cd:9b:40:18:11:fd:9a:9b:6f:0f:
91:5b:6f:fe:9b:9d:f3:f9:5e:82:ef:69:6f:a7:55:fd:de:90:
a5:12:67:97:1a:37:37:ff:50:df:a2:07:e8:20:73:74:37:49:
2a:e3:85:ef:ba:39:4d:2d:52:5e:48:f5:7a:12:4b:33:71:a4:
30:5d:1e:e0:d1:23:1d:0c:9e:6a:9f:ab:11:57:0e:56:20:2d:
96:77:3d:41:54:13:30:c6:b2:c5:82:b0:7e:f4:11:12:18:fd:
0f:8e:92:09:46:f6:0e:9e:f8:9a:76:15:de:45:10:6e:0b:46:
d6:62:7f:bb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNYN1wIVae7Qn6du9cMqfFWXn1QEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA5MjgxODM4MzhaFw0yNDA5MjYxODQzMzhaMDMxMTAvBgNV
BAMTKDAxNUNCQzQxRjFDNzUxRURDOEE0RDM1NjEyQzZFMDEwNDBDRkZBQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgyoOMnFaI6117lba/UtAFRsKj
h4aaJzHd+k/4ozXOaN8EvTx29gFJt2/8HMRhr7rXNbfzFdX/SqNZ2eRcSsvnr47i
8ugMW37RdSPm/X1eeHj2ntrpQqwOCfTngpiE+ovXdWzUgiaoVJVPLKYwW1Z+vvp0
JwMr54kv6dtTp4gT4DkyIb6PkOuEWBPAxPI8RuBZuTxtUHBhRU48ITDjN+Zdw0jg
3QLiQ5yJH+DkQ/+kWvuyrJ78RHSD9+ehaWmVZ5ZOsv9zd1ncF/tZBDShhuc00wio
hO1YN2XkscKhLeFWmz+yK/5kjXq5IxDgnTBnXsbvY+vEIJ5wQNAbQimwBiH5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAVy8QfHHUe3IpNNWEsbgEEDP+qkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzczNzM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eQwDQYJKoZIhvcNAQELBQADggEBAEXDlk+w9s4w8fe3NHQmJlWq65UKa+qe
TMgvDwwVK2GtqX1bMMv8o6jTSnY1/Tpuq1airfyq5CLU+M0pYvZMelO2RQjd0CrL
PhatR5eYVWX4CP5ITBzezJ9T4VjK/HwmS1k63aRLlv8A/AZyHJ8ldAVWDQ8TUrG/
/xVQqosoZwNgR8UIuNS0zZtAGBH9mptvD5Fbb/6bnfP5XoLvaW+nVf3ekKUSZ5ca
Nzf/UN+iB+ggc3Q3SSrjhe+6OU0tUl5I9XoSSzNxpDBdHuDRIx0MnmqfqxFXDlYg
LZZ3PUFUEzDGssWCsH70ERIY/Q+OkglG9g6e+Jp2Fd5FEG4LRtZif7s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org