Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3233302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: YF7i9TBQrw2E6kCfjNNTuLDlTkKnSjbDmedPdlpBbOA=
Subject key identifier: 49:CB:1B:3D:C1:E4:E5:C4:AE:99:2B:FF:6A:BE:27:BD:E4:E8:25:9C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 72D9F2D8987721919B86CBFBCE7E465115685D8E
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
Signing time: Thu 19 Oct 2023 08:30:05 +0000
ROA not before: Thu 19 Oct 2023 08:25:05 +0000
ROA not after: Thu 17 Oct 2024 08:30:05 +0000
asID: 834
IP address blocks: 85.209.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Dec 2023 20:41:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:d9:f2:d8:98:77:21:91:9b:86:cb:fb:ce:7e:46:51:15:68:5d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Oct 19 08:25:05 2023 GMT
Not After : Oct 17 08:30:05 2024 GMT
Subject: CN=49CB1B3DC1E4E5C4AE992BFF6ABE27BDE4E8259C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:0d:3f:c2:68:20:82:e5:22:90:3b:4e:f4:
5b:12:6d:61:26:ad:76:50:f2:dd:be:75:c2:47:05:
fb:90:23:22:2a:1e:44:af:12:0c:52:74:af:74:12:
6a:7b:ff:f2:a1:f0:6b:ed:53:b0:de:e8:06:3a:88:
aa:32:96:e1:f4:4f:67:c2:62:49:99:fd:5a:3e:0d:
34:91:fd:5e:c3:72:83:2e:e1:89:5e:5a:80:18:6e:
a3:51:0f:b0:2f:9a:dd:10:e1:5b:09:8d:f8:d4:8b:
7e:50:af:d4:92:40:14:a4:ed:20:9c:6d:77:af:87:
5a:e3:15:89:27:8d:87:ce:c0:f7:02:f0:bb:67:59:
b1:1c:8c:d2:67:ad:b0:c2:b0:0b:92:19:22:0e:71:
57:23:ea:66:7e:54:70:e0:82:84:5c:41:87:d4:23:
58:04:64:50:c3:d5:02:a3:69:b9:2d:66:a5:5f:34:
a8:d8:1d:b7:2b:b9:7f:70:a0:30:b9:89:12:f2:1e:
f1:da:bc:e6:ac:6f:c4:fc:a4:18:cc:b9:0c:d4:13:
79:ef:b0:4b:49:19:f3:57:88:c3:9d:dd:97:c0:aa:
b5:eb:4c:5d:34:dc:9a:ea:18:1f:5c:c9:02:7b:ed:
65:90:3d:cf:82:6d:2f:69:2f:d2:ed:5e:b6:24:dd:
ce:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:CB:1B:3D:C1:E4:E5:C4:AE:99:2B:FF:6A:BE:27:BD:E4:E8:25:9C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3233302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:29:29:7c:2e:77:a8:ad:33:90:d8:67:9b:f1:e0:79:5e:fe:
57:1f:bc:c8:4f:7f:c9:3b:45:fc:b7:a3:aa:77:1f:af:41:2f:
6b:75:34:aa:4b:39:8e:40:e8:c0:9b:72:cf:cd:42:7f:3c:04:
f5:a6:5a:b1:c8:0f:49:44:a1:27:b5:30:05:55:8a:56:45:c0:
03:7d:63:db:8b:c8:be:5e:88:55:44:6e:8b:8c:a7:11:c1:bb:
25:87:ef:73:20:ab:aa:05:0f:d4:36:2d:f2:6b:09:95:26:e4:
06:64:e5:72:82:d7:20:14:f3:12:4a:a8:61:ef:3a:85:d3:da:
a4:69:b2:91:52:86:78:d3:8a:6a:93:32:be:bf:ca:e4:a3:dd:
c4:d1:81:7f:d4:0a:35:0a:c3:66:f7:66:2c:cb:1d:81:75:f9:
d2:c0:10:99:3c:c9:96:25:9f:c5:f7:e5:e9:a7:fd:e2:df:6d:
5c:6c:6d:20:7e:ab:73:ed:08:55:82:a3:a7:b0:57:ce:a2:e7:
95:14:eb:40:1b:f8:16:3b:9d:ca:8f:ea:5c:ea:1b:ee:44:13:
d6:b3:c1:0d:22:b5:f6:1d:e0:92:8f:42:73:d3:32:74:5e:21:
2a:bb:f9:67:5f:f0:13:2a:d2:0b:55:66:f8:c8:36:48:d2:b7:
fc:10:da:97
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUctny2Jh3IZGbhsv7zn5GURVoXY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEwMTkwODI1MDVaFw0yNDEwMTcwODMwMDVaMDMxMTAvBgNV
BAMTKDQ5Q0IxQjNEQzFFNEU1QzRBRTk5MkJGRjZBQkUyN0JERTRFODI1OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkDg0/wmggguUikDtO9FsSbWEm
rXZQ8t2+dcJHBfuQIyIqHkSvEgxSdK90Emp7//Kh8GvtU7De6AY6iKoyluH0T2fC
YkmZ/Vo+DTSR/V7DcoMu4YleWoAYbqNRD7Avmt0Q4VsJjfjUi35Qr9SSQBSk7SCc
bXevh1rjFYknjYfOwPcC8LtnWbEcjNJnrbDCsAuSGSIOcVcj6mZ+VHDggoRcQYfU
I1gEZFDD1QKjabktZqVfNKjYHbcruX9woDC5iRLyHvHavOasb8T8pBjMuQzUE3nv
sEtJGfNXiMOd3ZfAqrXrTF003JrqGB9cyQJ77WWQPc+CbS9pL9LtXrYk3c4TAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUScsbPcHk5cSumSv/ar4nveToJZwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0eYw
DQYJKoZIhvcNAQELBQADggEBAKkpKXwud6itM5DYZ5vx4Hle/lcfvMhPf8k7Rfy3
o6p3H69BL2t1NKpLOY5A6MCbcs/NQn88BPWmWrHID0lEoSe1MAVVilZFwAN9Y9uL
yL5eiFVEbouMpxHBuyWH73Mgq6oFD9Q2LfJrCZUm5AZk5XKC1yAU8xJKqGHvOoXT
2qRpspFShnjTimqTMr6/yuSj3cTRgX/UCjUKw2b3ZizLHYF1+dLAEJk8yZYln8X3
5emn/eLfbVxsbSB+q3PtCFWCo6ewV86i55UU60Ab+BY7ncqP6lzqG+5EE9azwQ0i
tfYd4JKPQnPTMnReISq7+Wdf8BMq0gtVZvjINkjSt/wQ2pc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org