Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3232382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: XwdVifPkjQmsDw71EYTD7ZOczFzfFoYK3sTLNSa2yD8=
Subject key identifier: 14:D4:28:B7:F5:6D:A7:E1:B7:33:8B:66:45:3B:DB:E7:A0:70:44:E1
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 26A5E99EFA0F00735E92BB451F1183BC66263F3B
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20383334.roa
Signing time: Thu 14 Mar 2024 07:36:58 +0000
ROA not before: Thu 14 Mar 2024 07:31:58 +0000
ROA not after: Thu 13 Mar 2025 07:36:58 +0000
asID: 834
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 18:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:a5:e9:9e:fa:0f:00:73:5e:92:bb:45:1f:11:83:bc:66:26:3f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Mar 14 07:31:58 2024 GMT
Not After : Mar 13 07:36:58 2025 GMT
Subject: CN=14D428B7F56DA7E1B7338B66453BDBE7A07044E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:aa:67:d4:fe:b3:c3:64:9d:70:2e:89:b2:83:
48:ce:c0:09:92:11:ee:e7:ec:38:4a:e6:4a:41:5e:
6c:74:5d:95:39:fb:63:9c:73:48:08:08:be:f8:61:
e8:86:69:cc:a6:16:1e:b0:5a:73:ee:05:56:b2:ff:
a9:45:da:8e:f9:3f:01:8e:41:9c:76:7e:25:74:d1:
6e:7f:d2:4f:6b:a4:1d:29:55:81:34:9a:de:99:09:
41:65:d4:84:c6:70:f8:1b:90:b4:9c:28:9d:a4:c1:
c0:f2:9c:1d:96:42:39:0d:1b:9e:f0:a3:3c:b3:1a:
7a:22:5f:09:b4:8c:5f:d1:4d:38:db:62:ec:f3:84:
1d:fa:de:8e:c7:1e:fb:ad:ac:4e:65:0f:25:c0:4f:
53:ba:a6:8b:c7:49:d3:ba:03:c5:6f:32:b8:c4:26:
6c:9e:d7:b0:40:d0:7d:0e:b4:fd:16:86:9d:2d:f4:
66:2e:54:6c:5f:ef:a8:4f:97:1c:af:5d:74:6b:82:
b9:83:c0:b0:97:65:9c:cf:7e:6b:c5:6e:2a:06:b7:
ea:05:e0:1d:9f:d5:76:d0:90:8e:5d:45:66:63:47:
6d:99:73:c9:91:b3:1e:51:7a:a2:75:13:4c:9c:2f:
06:21:ce:1e:31:97:c0:70:e8:86:a6:e3:ad:7f:78:
db:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D4:28:B7:F5:6D:A7:E1:B7:33:8B:66:45:3B:DB:E7:A0:70:44:E1
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:58:65:5f:b8:69:63:17:de:38:a3:be:ad:be:3d:2c:95:89:
22:81:5e:23:0a:91:dc:00:20:a0:f2:0f:fc:34:a5:de:f6:5d:
57:b5:57:4e:d5:5a:2c:b7:fb:85:f5:d5:6e:23:51:1e:71:3f:
13:ed:4d:43:f4:62:69:46:36:0a:4c:01:a5:e4:92:e2:f3:02:
3f:a1:00:2a:4a:81:dc:ad:6e:b4:58:14:b7:89:f2:c9:35:de:
33:19:ab:a5:5c:6c:f6:7a:bf:cf:c5:b8:a8:e9:c7:5c:3d:3a:
0e:21:fd:f7:0b:f9:55:58:68:f7:74:e9:04:70:69:7f:46:df:
41:86:5a:dc:9f:08:bd:42:3a:ac:9d:c6:ed:45:b7:a3:8f:ee:
1e:59:26:91:4d:67:2b:08:7d:c5:32:7e:54:f3:0d:a1:bc:33:
6d:b4:02:22:c0:bf:a6:02:82:9c:17:00:fc:12:d3:82:4f:db:
84:b1:c8:d4:37:f2:a4:80:fc:5d:6a:74:bf:b9:c9:22:68:e1:
93:e8:d1:1f:64:8a:f3:6f:60:f7:24:9b:c3:8f:e6:4d:24:39:
84:93:ae:28:ea:2c:a6:68:09:28:0f:bf:75:e4:64:5b:50:9d:
c6:a2:c8:61:d7:00:f1:c8:73:47:52:99:03:8f:15:19:b6:0c:
17:ea:31:e9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUJqXpnvoPAHNekrtFHxGDvGYmPzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAzMTQwNzMxNThaFw0yNTAzMTMwNzM2NThaMDMxMTAvBgNV
BAMTKDE0RDQyOEI3RjU2REE3RTFCNzMzOEI2NjQ1M0JEQkU3QTA3MDQ0RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6qmfU/rPDZJ1wLomyg0jOwAmS
Ee7n7DhK5kpBXmx0XZU5+2Occ0gICL74YeiGacymFh6wWnPuBVay/6lF2o75PwGO
QZx2fiV00W5/0k9rpB0pVYE0mt6ZCUFl1ITGcPgbkLScKJ2kwcDynB2WQjkNG57w
ozyzGnoiXwm0jF/RTTjbYuzzhB363o7HHvutrE5lDyXAT1O6povHSdO6A8VvMrjE
Jmye17BA0H0OtP0Whp0t9GYuVGxf76hPlxyvXXRrgrmDwLCXZZzPfmvFbioGt+oF
4B2f1XbQkI5dRWZjR22Zc8mRsx5ReqJ1E0ycLwYhzh4xl8Bw6Iam461/eNt7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUFNQot/Vtp+G3M4tmRTvb56BwROEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0eQw
DQYJKoZIhvcNAQELBQADggEBAKpYZV+4aWMX3jijvq2+PSyViSKBXiMKkdwAIKDy
D/w0pd72XVe1V07VWiy3+4X11W4jUR5xPxPtTUP0YmlGNgpMAaXkkuLzAj+hACpK
gdytbrRYFLeJ8sk13jMZq6VcbPZ6v8/FuKjpx1w9Og4h/fcL+VVYaPd06QRwaX9G
30GGWtyfCL1COqydxu1Ft6OP7h5ZJpFNZysIfcUyflTzDaG8M220AiLAv6YCgpwX
APwS04JP24SxyNQ38qSA/F1qdL+5ySJo4ZPo0R9kivNvYPckm8OP5k0kOYSTrijq
LKZoCSgPv3XkZFtQncaiyGHXAPHIc0dSmQOPFRm2DBfqMek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org