Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630383a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3630383a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: b9VwhNemjnw9RacugpjsFgH5tThm9N7JBywWtrQVZYU=
Subject key identifier: F9:22:7C:12:87:74:AC:87:85:8C:E9:E6:71:B9:AF:AC:C8:30:07:4F
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 7419BE4748494315CDC3EB0FB39D5799F2561133
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630383a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:03:10 +0000
ROA not before: Tue 30 Apr 2024 06:58:10 +0000
ROA not after: Tue 29 Apr 2025 07:03:10 +0000
asID: 216324
IP address blocks: 2a0f:85c1:608::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:23:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:19:be:47:48:49:43:15:cd:c3:eb:0f:b3:9d:57:99:f2:56:11:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 06:58:10 2024 GMT
Not After : Apr 29 07:03:10 2025 GMT
Subject: CN=F9227C128774AC87858CE9E671B9AFACC830074F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:b8:e3:2d:74:50:27:e4:0f:33:e7:b1:61:
1f:b6:0d:c6:95:55:7a:f9:50:33:ef:84:94:20:f9:
79:f3:cd:f8:81:c4:fd:a1:84:95:22:83:b5:ff:77:
c4:82:02:8a:d2:5d:47:59:57:cd:1a:65:71:2d:0f:
d5:c0:58:92:66:77:ca:1b:82:37:aa:77:82:c1:4c:
61:d0:8d:e1:0e:d1:67:5e:ed:27:c6:a4:74:a6:18:
68:d2:f6:be:12:a8:7b:10:56:ca:cd:24:a5:58:8f:
16:fb:4b:26:d1:99:01:bd:a6:d0:57:e9:9b:ab:95:
7f:f4:1f:d7:61:0a:9e:4f:3f:4c:cc:4f:49:9a:d3:
ab:90:88:c5:ef:52:72:8f:5d:b0:00:25:a8:81:86:
7e:37:3c:c9:f1:fc:1a:01:70:cb:d1:5f:63:7f:99:
f6:a4:11:1d:0a:63:3d:e6:90:6e:6e:45:62:d5:72:
a0:4e:79:59:51:e0:91:3a:29:84:03:01:5c:e2:68:
21:f5:cb:1f:2e:38:4f:cc:de:96:03:7c:90:1d:51:
10:5f:8f:5e:31:e9:05:80:fd:29:26:06:79:17:8a:
97:5f:2f:04:c3:74:e0:79:2d:4b:e4:b6:70:71:9b:
80:ce:8d:31:b4:95:9c:ba:e8:a2:b5:04:34:39:74:
3b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:22:7C:12:87:74:AC:87:85:8C:E9:E6:71:B9:AF:AC:C8:30:07:4F
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630383a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:608::/48
Signature Algorithm: sha256WithRSAEncryption
7d:ea:30:c4:c5:52:fe:d3:78:09:33:a4:26:ea:74:a6:af:97:
aa:68:04:c0:cd:2a:af:23:4d:8d:d3:46:94:59:ab:21:02:15:
84:b0:ab:9d:ff:bd:d9:56:d4:2d:6b:2f:2c:68:d2:58:f8:24:
a4:b1:96:59:86:00:ca:fe:61:3f:f9:64:a3:7a:95:71:81:08:
6f:df:ef:9a:2e:3a:ec:ba:a1:a6:d7:a9:41:55:a7:17:d5:dd:
7a:93:19:b3:56:b1:81:37:fa:15:68:56:0e:85:8e:47:0b:45:
17:7a:94:41:b9:16:73:3e:ff:6f:32:b9:0a:24:8a:2b:9d:3f:
39:77:90:e8:d3:90:a7:ce:71:0f:7f:ef:7e:67:14:1f:b7:53:
e4:1c:f5:6a:ae:8a:77:59:dc:c8:0d:a4:8c:ec:eb:0a:04:af:
37:7d:9d:bf:ae:4b:3b:36:de:f4:ca:fa:f6:6e:44:c3:b3:14:
51:d7:a6:3e:b4:d4:ea:e0:57:ad:38:d6:cd:14:a8:4d:07:50:
1b:f3:5b:51:1a:61:7c:0e:a2:0b:7d:57:29:43:eb:ee:d2:00:
f3:a9:28:e7:d6:93:39:d3:8f:dc:19:3a:f7:7c:84:8e:92:4c:
6c:5a:d7:4b:ee:1a:8a:2b:22:6e:d6:bd:84:cd:0d:83:6a:6b:
8f:ed:7f:eb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUdBm+R0hJQxXNw+sPs51XmfJWETMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjU4MTBaFw0yNTA0MjkwNzAzMTBaMDMxMTAvBgNV
BAMTKEY5MjI3QzEyODc3NEFDODc4NThDRTlFNjcxQjlBRkFDQzgzMDA3NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4vrjjLXRQJ+QPM+exYR+2DcaV
VXr5UDPvhJQg+XnzzfiBxP2hhJUig7X/d8SCAorSXUdZV80aZXEtD9XAWJJmd8ob
gjeqd4LBTGHQjeEO0Wde7SfGpHSmGGjS9r4SqHsQVsrNJKVYjxb7SybRmQG9ptBX
6ZurlX/0H9dhCp5PP0zMT0ma06uQiMXvUnKPXbAAJaiBhn43PMnx/BoBcMvRX2N/
mfakER0KYz3mkG5uRWLVcqBOeVlR4JE6KYQDAVziaCH1yx8uOE/M3pYDfJAdURBf
j14x6QWA/SkmBnkXipdfLwTDdOB5LUvktnBxm4DOjTG0lZy66KK1BDQ5dDuZAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU+SJ8Eod0rIeFjOnmcbmvrMgwB08wHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGCDANBgkqhkiG9w0BAQsFAAOCAQEAfeow
xMVS/tN4CTOkJup0pq+XqmgEwM0qryNNjdNGlFmrIQIVhLCrnf+92VbULWsvLGjS
WPgkpLGWWYYAyv5hP/lko3qVcYEIb9/vmi467LqhptepQVWnF9XdepMZs1axgTf6
FWhWDoWORwtFF3qUQbkWcz7/bzK5CiSKK50/OXeQ6NOQp85xD3/vfmcUH7dT5Bz1
aq6Kd1ncyA2kjOzrCgSvN32dv65LOzbe9Mr69m5Ew7MUUdemPrTU6uBXrTjWzRSo
TQdQG/NbURphfA6iC31XKUPr7tIA86ko59aTOdOP3Bk693yEjpJMbFrXS+4aiisi
bta9hM0Ng2prj+1/6w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:57 2024 by rpki-client on console-ams.rpki-client.org