Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630323a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3630323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: i0Bd6x6+UlUflCgI81XWyYvVJqmubi+ZlaR+ffeQ67s=
Subject key identifier: 6D:21:F1:64:ED:8F:17:EB:39:CC:9D:70:E4:FF:99:9D:C7:D1:29:25
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 15F518DD8E558466059DF0EB19CFEED4DC35F230
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630323a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:04:39 +0000
ROA not before: Tue 30 Apr 2024 06:59:39 +0000
ROA not after: Tue 29 Apr 2025 07:04:39 +0000
asID: 216324
IP address blocks: 2a0f:85c1:602::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f5:18:dd:8e:55:84:66:05:9d:f0:eb:19:cf:ee:d4:dc:35:f2:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 06:59:39 2024 GMT
Not After : Apr 29 07:04:39 2025 GMT
Subject: CN=6D21F164ED8F17EB39CC9D70E4FF999DC7D12925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ab:17:30:35:ea:b6:8e:e8:6f:86:55:35:5c:
e9:99:42:18:a3:57:bd:97:fa:87:77:80:5c:27:e3:
39:89:15:4a:c4:4f:64:2c:37:66:7f:51:5a:4c:0c:
f1:57:87:95:71:3a:4b:48:38:d7:47:91:b0:07:5e:
33:ee:4c:15:f3:e3:e1:3d:5b:80:ea:7e:ce:df:16:
40:17:36:ef:86:e6:ef:7f:cb:1a:e2:53:e0:bc:ac:
8d:49:1d:58:67:ff:78:77:b9:b1:aa:7c:46:0e:84:
3b:40:c7:39:34:43:89:41:4d:29:d9:ea:a4:be:ed:
2f:b3:8a:5c:35:0e:13:1c:3d:4e:98:66:e0:75:bc:
80:0a:22:e9:ed:d8:e0:81:25:88:64:5e:be:c4:b7:
c8:6b:d9:a6:c0:c8:17:60:9b:53:0d:ba:5e:db:92:
f1:65:cf:8f:65:74:73:0e:76:89:6c:e0:7e:0c:fe:
1a:32:f9:3d:08:e7:da:04:bf:62:81:8e:50:31:0a:
59:4f:dc:11:85:b8:f2:57:be:54:ed:9a:50:40:c1:
8d:70:47:dd:94:11:63:46:34:f9:dd:e0:22:a2:a0:
69:82:1d:6e:90:ed:18:53:ab:ec:d2:f0:8a:b2:c7:
12:43:23:7c:c9:32:af:d0:ce:a8:8b:9d:b1:5d:65:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:21:F1:64:ED:8F:17:EB:39:CC:9D:70:E4:FF:99:9D:C7:D1:29:25
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630323a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:602::/48
Signature Algorithm: sha256WithRSAEncryption
5e:2f:9f:6e:a7:16:b4:d7:00:a8:75:f9:6f:9f:55:99:45:cf:
15:e3:1f:22:b4:1d:d4:37:4f:aa:a2:17:dc:fe:28:3f:7d:91:
25:87:d0:eb:9b:59:a7:29:e5:47:4c:37:f1:b1:36:b7:e3:f8:
7e:c3:97:dc:ae:72:e3:98:01:1a:a9:df:22:1b:4b:09:e7:75:
f0:d6:8d:be:a7:3e:f1:e3:15:0e:18:e5:01:3f:7d:70:fd:4a:
3e:9c:00:1a:36:91:8f:20:b1:04:92:dc:0c:d4:f6:c2:db:75:
35:84:fe:f8:87:d1:79:29:e0:2b:52:83:e0:c7:f0:7a:7f:f1:
23:bb:60:d6:e9:f3:ac:80:eb:7f:ec:9c:67:32:b8:4b:6b:82:
eb:98:cf:da:62:1c:56:0f:d7:d2:9e:ed:2b:93:87:ea:0a:34:
05:f8:f0:16:49:df:56:b0:89:53:00:97:0f:b2:0a:1b:6b:59:
2f:f0:77:9e:80:45:03:a5:f3:43:97:65:03:06:22:2c:16:1c:
d6:2e:d5:bc:ad:70:7a:20:fa:af:3c:f4:0f:42:9a:a4:10:02:
b0:55:40:99:e4:b3:5d:54:e2:dc:a5:88:d2:82:d4:1a:69:d9:
79:92:c7:f7:86:ce:0c:b1:b9:71:99:5a:da:54:89:b7:ef:63:
2f:22:a4:fa
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUFfUY3Y5VhGYFnfDrGc/u1Nw18jAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjU5MzlaFw0yNTA0MjkwNzA0MzlaMDMxMTAvBgNV
BAMTKDZEMjFGMTY0RUQ4RjE3RUIzOUNDOUQ3MEU0RkY5OTlEQzdEMTI5MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3qxcwNeq2juhvhlU1XOmZQhij
V72X+od3gFwn4zmJFUrET2QsN2Z/UVpMDPFXh5VxOktIONdHkbAHXjPuTBXz4+E9
W4Dqfs7fFkAXNu+G5u9/yxriU+C8rI1JHVhn/3h3ubGqfEYOhDtAxzk0Q4lBTSnZ
6qS+7S+zilw1DhMcPU6YZuB1vIAKIunt2OCBJYhkXr7Et8hr2abAyBdgm1MNul7b
kvFlz49ldHMOdols4H4M/hoy+T0I59oEv2KBjlAxCllP3BGFuPJXvlTtmlBAwY1w
R92UEWNGNPnd4CKioGmCHW6Q7RhTq+zS8IqyxxJDI3zJMq/QzqiLnbFdZS8BAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUbSHxZO2PF+s5zJ1w5P+ZncfRKSUwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGAjANBgkqhkiG9w0BAQsFAAOCAQEAXi+f
bqcWtNcAqHX5b59VmUXPFeMfIrQd1DdPqqIX3P4oP32RJYfQ65tZpynlR0w38bE2
t+P4fsOX3K5y45gBGqnfIhtLCed18NaNvqc+8eMVDhjlAT99cP1KPpwAGjaRjyCx
BJLcDNT2wtt1NYT++IfReSngK1KD4Mfwen/xI7tg1unzrIDrf+ycZzK4S2uC65jP
2mIcVg/X0p7tK5OH6go0BfjwFknfVrCJUwCXD7IKG2tZL/B3noBFA6XzQ5dlAwYi
LBYc1i7VvK1weiD6rzz0D0KapBACsFVAmeSzXVTi3KWI0oLUGmnZeZLH94bODLG5
cZla2lSJt+9jLyKk+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org