Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630313a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3630313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: 4KF6M06yzMem3hB7y4yXpVwR9n4HSPnqO8savL2i6Ww=
Subject key identifier: 84:14:9F:E8:91:75:17:EB:D4:4E:7C:09:00:C5:7D:E3:53:E1:9E:63
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 267D5EAFF90CE89AE8887C930BB491B59760F9E7
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630313a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:01:55 +0000
ROA not before: Tue 30 Apr 2024 06:56:55 +0000
ROA not after: Tue 29 Apr 2025 07:01:55 +0000
asID: 216324
IP address blocks: 2a0f:85c1:601::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:23:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:7d:5e:af:f9:0c:e8:9a:e8:88:7c:93:0b:b4:91:b5:97:60:f9:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 06:56:55 2024 GMT
Not After : Apr 29 07:01:55 2025 GMT
Subject: CN=84149FE8917517EBD44E7C0900C57DE353E19E63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:32:72:8a:22:3d:d0:c4:05:ab:80:12:2d:
a6:bd:91:52:c8:4f:ab:68:d8:00:dc:a5:77:4a:56:
7d:24:a7:67:10:9d:b0:60:df:37:72:d8:ed:22:c4:
d8:2d:a2:ce:7c:e6:48:d8:4c:d5:e7:38:d2:5f:f0:
66:77:d7:61:62:f0:e1:af:99:a2:01:3b:a6:d5:22:
4a:6e:34:a8:3c:d3:2e:cf:a2:89:4d:17:1b:a4:1b:
24:cf:da:50:78:31:c0:72:e2:9d:14:b4:04:f7:d3:
cd:da:94:06:dd:60:24:1a:1f:dc:1a:a1:05:01:c5:
03:be:e1:79:2d:c2:9e:b4:45:e9:73:62:56:c0:9e:
94:d2:aa:5a:b7:5e:0c:59:94:cd:3c:44:cb:e2:c2:
7d:a7:ce:d8:a4:00:81:41:36:82:7c:d5:0c:fd:78:
64:51:d8:7e:80:c2:0a:65:8b:34:c4:d9:b8:19:b9:
1a:6f:7a:89:16:2c:9b:df:51:a4:b9:fc:ce:fd:c3:
86:57:90:7e:82:35:5b:a9:44:ee:66:91:02:ee:29:
3b:0c:a1:f8:dc:be:f8:d5:cb:d3:6f:9d:1d:b3:5e:
90:6d:dc:55:43:f1:40:ec:5f:73:89:f4:5f:69:b2:
b0:87:7f:ea:28:c0:50:34:36:14:9c:3e:d1:33:6b:
a8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:14:9F:E8:91:75:17:EB:D4:4E:7C:09:00:C5:7D:E3:53:E1:9E:63
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630313a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:601::/48
Signature Algorithm: sha256WithRSAEncryption
6a:8c:6d:4c:3b:66:72:34:fd:a4:ef:80:86:0e:aa:0c:71:e7:
3d:21:e1:9e:3b:e8:15:e6:49:81:3e:10:77:da:10:09:10:70:
df:a7:b8:29:76:02:ae:0a:98:81:b8:8a:2c:01:4e:aa:35:cb:
91:29:83:44:55:a1:6c:ec:57:ec:a6:c3:26:6e:ed:05:81:ff:
64:05:86:0f:ed:d8:3a:0d:1c:b0:f2:2f:e1:c2:7d:df:79:23:
7d:85:15:89:ba:c7:e1:c4:5d:e0:34:76:d4:fa:d2:43:f2:49:
2b:29:c9:31:3e:ad:54:64:ab:00:d3:40:37:b0:8f:2b:ee:c1:
b0:4d:6c:77:a3:59:0e:6a:00:1b:f5:a3:4b:32:32:ca:f5:b0:
a8:29:ff:26:96:bf:e5:9f:d6:36:a4:d4:1f:78:26:50:19:cc:
bc:41:90:ab:dd:f3:b9:d4:a0:28:7e:53:e0:db:80:7b:ce:09:
ae:46:fa:72:d3:b2:aa:0d:eb:f7:40:44:3c:09:99:2b:bc:f4:
a8:50:19:e6:6a:e6:e1:9f:19:87:34:f1:cc:12:d7:17:59:9a:
d2:39:07:42:70:a3:35:11:9f:e1:bb:f0:7e:fd:86:ca:4a:2f:
52:e5:66:0f:ae:15:d2:01:6e:87:c8:49:9b:7d:40:06:c5:79:
e9:7e:84:fb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUJn1er/kM6JroiHyTC7SRtZdg+ecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjU2NTVaFw0yNTA0MjkwNzAxNTVaMDMxMTAvBgNV
BAMTKDg0MTQ5RkU4OTE3NTE3RUJENDRFN0MwOTAwQzU3REUzNTNFMTlFNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0XTJyiiI90MQFq4ASLaa9kVLI
T6to2ADcpXdKVn0kp2cQnbBg3zdy2O0ixNgtos585kjYTNXnONJf8GZ312Fi8OGv
maIBO6bVIkpuNKg80y7PoolNFxukGyTP2lB4McBy4p0UtAT3083alAbdYCQaH9wa
oQUBxQO+4Xktwp60RelzYlbAnpTSqlq3XgxZlM08RMviwn2nztikAIFBNoJ81Qz9
eGRR2H6AwgplizTE2bgZuRpveokWLJvfUaS5/M79w4ZXkH6CNVupRO5mkQLuKTsM
ofjcvvjVy9NvnR2zXpBt3FVD8UDsX3OJ9F9psrCHf+oowFA0NhScPtEza6hBAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUhBSf6JF1F+vUTnwJAMV941PhnmMwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGATANBgkqhkiG9w0BAQsFAAOCAQEAaoxt
TDtmcjT9pO+Ahg6qDHHnPSHhnjvoFeZJgT4Qd9oQCRBw36e4KXYCrgqYgbiKLAFO
qjXLkSmDRFWhbOxX7KbDJm7tBYH/ZAWGD+3YOg0csPIv4cJ933kjfYUVibrH4cRd
4DR21PrSQ/JJKynJMT6tVGSrANNAN7CPK+7BsE1sd6NZDmoAG/WjSzIyyvWwqCn/
Jpa/5Z/WNqTUH3gmUBnMvEGQq93zudSgKH5T4NuAe84Jrkb6ctOyqg3r90BEPAmZ
K7z0qFAZ5mrm4Z8ZhzTxzBLXF1ma0jkHQnCjNRGf4bvwfv2GykovUuVmD64V0gFu
h8hJm31ABsV56X6E+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:57 2024 by rpki-client on console-ams.rpki-client.org