Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630393a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3630393a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: +/LqlvMR1gPXSBD7f+CdLAM02jiVLM43XOwHMCOiwWU=
Subject key identifier: C2:11:BB:FD:66:7F:BF:15:F8:FC:AD:48:08:B3:85:8A:29:FA:AB:36
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 61B23569B6614CE6EFBF9480356F81DCE7DF198C
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630393a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:05:02 +0000
ROA not before: Tue 30 Apr 2024 07:00:02 +0000
ROA not after: Tue 29 Apr 2025 07:05:02 +0000
asID: 216324
IP address blocks: 2a0f:85c1:609::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:23:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:b2:35:69:b6:61:4c:e6:ef:bf:94:80:35:6f:81:dc:e7:df:19:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 07:00:02 2024 GMT
Not After : Apr 29 07:05:02 2025 GMT
Subject: CN=C211BBFD667FBF15F8FCAD4808B3858A29FAAB36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:1f:8e:b7:06:84:65:c8:24:36:17:c4:7f:
c3:4a:b6:00:21:37:2f:ca:a1:69:8a:30:d5:7f:9e:
d8:e5:bc:70:ea:89:5b:35:16:1a:42:2f:a7:5a:c2:
57:7a:2e:b8:5e:0e:60:06:dc:a9:2e:91:a3:ef:63:
c3:3f:89:00:4b:bd:56:b2:03:25:af:3d:86:a8:5b:
b8:eb:89:2c:8f:93:18:02:bf:a2:a8:04:da:16:15:
c6:d6:ac:d1:b6:b1:40:65:ec:7a:a4:3b:36:b3:12:
2c:66:cd:ec:18:cf:d3:61:af:de:77:b9:c1:e6:1e:
ca:01:a5:21:c5:43:d4:99:d0:12:c6:08:b6:4c:e8:
0e:3d:34:be:e8:71:47:db:ba:b0:11:8a:3b:25:ff:
5a:53:22:a0:f9:f8:3f:4d:87:29:7c:5b:16:8e:2c:
4c:11:b0:76:73:4e:40:03:f3:3a:74:26:57:58:ab:
03:60:13:3a:78:d4:c5:32:d3:f0:a1:47:86:cf:4e:
66:d8:10:b2:75:46:9b:16:2e:7a:1f:36:39:87:30:
99:7e:c9:0d:6d:63:c8:55:88:d9:91:ea:4d:da:66:
47:ec:9c:89:0c:b0:20:d6:c9:56:07:11:7f:95:ff:
56:0f:43:60:bb:32:f9:75:35:8a:ae:a2:d2:56:a7:
46:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:11:BB:FD:66:7F:BF:15:F8:FC:AD:48:08:B3:85:8A:29:FA:AB:36
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630393a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:609::/48
Signature Algorithm: sha256WithRSAEncryption
3c:9b:a4:21:c8:8b:56:fc:67:13:19:ed:3d:f4:62:ca:d8:cd:
3f:0d:c6:ea:c4:7e:ee:51:3a:b7:0a:b2:a8:dd:4b:ad:86:3a:
81:33:2d:d0:e0:d8:97:f7:c7:2b:1e:d0:67:d7:4d:23:9c:d6:
66:92:38:28:ef:b9:cf:c0:bb:b7:61:ae:ca:6f:3e:9d:b0:45:
05:a0:cd:58:21:98:c0:b9:18:ed:9b:44:72:1b:55:7e:b9:3f:
a6:a5:4a:ba:63:3d:fa:d2:2e:ec:7a:ff:dc:a0:0a:73:ca:e9:
ef:e1:9c:ae:67:ef:25:83:d8:10:86:d2:f5:ca:b4:47:6b:fb:
f0:c2:3e:c2:3f:01:67:c5:b7:01:0a:a5:fc:0c:44:cc:fa:2d:
54:0d:72:c3:4d:3c:68:30:ac:16:5d:d1:40:6f:e3:18:67:f8:
8a:d4:04:59:3b:d5:b1:21:68:df:9d:86:5e:58:f0:31:b5:2c:
ab:8c:42:53:5a:cb:f5:0f:52:68:b3:94:d6:e2:a7:77:fb:40:
82:57:61:1a:fb:24:d0:38:e4:9a:d1:06:e1:b9:4a:8f:db:2c:
a1:47:20:ba:87:34:74:09:7f:dd:f0:ee:d8:66:0a:a1:cb:c7:
97:21:a7:5b:a1:19:d0:2f:26:b0:57:9f:4d:af:4b:28:a9:9c:
b2:93:18:76
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUYbI1abZhTObvv5SANW+B3OffGYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNzAwMDJaFw0yNTA0MjkwNzA1MDJaMDMxMTAvBgNV
BAMTKEMyMTFCQkZENjY3RkJGMTVGOEZDQUQ0ODA4QjM4NThBMjlGQUFCMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0tB+OtwaEZcgkNhfEf8NKtgAh
Ny/KoWmKMNV/ntjlvHDqiVs1FhpCL6dawld6LrheDmAG3KkukaPvY8M/iQBLvVay
AyWvPYaoW7jriSyPkxgCv6KoBNoWFcbWrNG2sUBl7HqkOzazEixmzewYz9Nhr953
ucHmHsoBpSHFQ9SZ0BLGCLZM6A49NL7ocUfburARijsl/1pTIqD5+D9Nhyl8WxaO
LEwRsHZzTkAD8zp0JldYqwNgEzp41MUy0/ChR4bPTmbYELJ1RpsWLnofNjmHMJl+
yQ1tY8hViNmR6k3aZkfsnIkMsCDWyVYHEX+V/1YPQ2C7Mvl1NYquotJWp0ZrAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUwhG7/WZ/vxX4/K1ICLOFiin6qzYwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGCTANBgkqhkiG9w0BAQsFAAOCAQEAPJuk
IciLVvxnExntPfRiytjNPw3G6sR+7lE6twqyqN1LrYY6gTMt0ODYl/fHKx7QZ9dN
I5zWZpI4KO+5z8C7t2Guym8+nbBFBaDNWCGYwLkY7ZtEchtVfrk/pqVKumM9+tIu
7Hr/3KAKc8rp7+GcrmfvJYPYEIbS9cq0R2v78MI+wj8BZ8W3AQql/AxEzPotVA1y
w008aDCsFl3RQG/jGGf4itQEWTvVsSFo352GXljwMbUsq4xCU1rL9Q9SaLOU1uKn
d/tAgldhGvsk0DjkmtEG4blKj9ssoUcguoc0dAl/3fDu2GYKocvHlyGnW6EZ0C8m
sFefTa9LKKmcspMYdg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org