Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631323a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3631323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: C7tgoYdy9kUOH8b6mS2h7oeBBrYrcTeYxiRoLk5zNDE=
Subject key identifier: 58:68:61:66:7D:2F:A8:57:7F:17:9E:FD:24:68:BE:CD:3B:DB:FA:04
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 67BA853E1E6AE89C8529A08ABC8D896B068A046D
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631323a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:03:55 +0000
ROA not before: Tue 30 Apr 2024 06:58:55 +0000
ROA not after: Tue 29 Apr 2025 07:03:55 +0000
asID: 216324
IP address blocks: 2a0f:85c1:612::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:23:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:ba:85:3e:1e:6a:e8:9c:85:29:a0:8a:bc:8d:89:6b:06:8a:04:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 06:58:55 2024 GMT
Not After : Apr 29 07:03:55 2025 GMT
Subject: CN=586861667D2FA8577F179EFD2468BECD3BDBFA04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f4:27:c0:06:e9:90:b6:a0:8f:ad:74:39:79:
7a:81:02:66:ee:84:d0:e7:49:87:86:78:4b:b2:fc:
bd:39:93:04:fb:96:14:47:97:8d:e9:f4:99:b7:a8:
ff:51:39:77:13:d7:d6:1e:6e:bd:0c:85:01:28:72:
33:5e:61:16:e2:39:37:81:ae:f4:b4:b5:35:53:4b:
fa:c6:e2:ea:af:55:10:b3:23:4e:8e:21:62:e2:3b:
ea:cc:9b:34:45:23:26:12:10:1b:44:9c:a9:5f:1e:
b0:14:84:95:30:f0:81:12:e8:f4:74:d9:6f:aa:3a:
02:91:44:99:26:0e:8d:50:ca:b8:47:9f:41:97:5d:
71:ec:27:85:74:43:47:6b:59:c2:25:be:0c:bd:59:
91:e3:ea:d1:31:1f:45:bb:d8:a7:29:22:bd:1d:b9:
6f:cd:88:bf:7b:01:e9:ef:4c:74:1d:0e:9b:2c:1e:
fb:ec:32:64:90:2f:1f:86:bd:9e:c9:e9:b7:8e:fb:
7f:99:69:53:d1:40:b3:f6:8a:4c:96:33:66:72:cc:
95:92:20:9f:33:89:e3:55:6d:5b:78:7e:1c:90:d6:
39:e1:5c:1d:25:ed:a2:1b:57:29:64:f7:aa:c0:73:
18:bf:7a:ac:be:68:1f:78:e2:15:b9:9f:f0:40:32:
43:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:68:61:66:7D:2F:A8:57:7F:17:9E:FD:24:68:BE:CD:3B:DB:FA:04
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631323a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:612::/48
Signature Algorithm: sha256WithRSAEncryption
4c:b8:38:3e:f5:e0:07:ba:20:06:64:68:ce:3e:b3:9e:8b:3b:
5d:3f:a9:94:d5:75:72:c4:16:5f:9b:fb:3c:a1:93:38:4c:53:
dc:56:b9:24:c4:82:40:16:17:9e:e7:94:e3:fd:e8:7d:85:bf:
14:28:51:35:58:b6:e9:3f:33:4b:d5:a1:86:6e:89:df:3e:31:
b1:17:a0:b2:41:5d:74:e7:85:96:79:82:51:0c:25:ad:89:94:
ce:c0:89:1d:10:a6:84:a1:ce:6e:41:36:69:32:8c:32:7f:b6:
48:92:7d:28:6c:29:df:a5:63:cc:be:28:85:2a:9d:98:7f:f1:
7a:5a:3f:03:57:16:ec:fd:0e:16:af:c4:db:50:08:d7:44:45:
69:4c:57:cf:e9:4f:71:01:77:d0:ed:c0:3d:14:44:b4:97:db:
0e:aa:56:52:c1:6d:e4:ef:a0:5c:ab:13:c4:74:78:62:18:f3:
45:e3:e4:82:81:b7:6a:5c:cd:42:13:d7:49:5a:6e:41:8f:f3:
a7:af:e3:20:ff:f6:04:80:26:77:bd:82:b5:46:40:f6:d0:76:
c3:58:bf:59:75:87:0d:6f:24:24:ec:f7:1b:bf:3d:dc:03:ab:
13:f5:42:c7:56:11:a4:0a:88:81:ed:31:f9:04:e9:9f:bc:38:
df:82:fd:c5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUZ7qFPh5q6JyFKaCKvI2JawaKBG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjU4NTVaFw0yNTA0MjkwNzAzNTVaMDMxMTAvBgNV
BAMTKDU4Njg2MTY2N0QyRkE4NTc3RjE3OUVGRDI0NjhCRUNEM0JEQkZBMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG9CfABumQtqCPrXQ5eXqBAmbu
hNDnSYeGeEuy/L05kwT7lhRHl43p9Jm3qP9ROXcT19Yebr0MhQEocjNeYRbiOTeB
rvS0tTVTS/rG4uqvVRCzI06OIWLiO+rMmzRFIyYSEBtEnKlfHrAUhJUw8IES6PR0
2W+qOgKRRJkmDo1QyrhHn0GXXXHsJ4V0Q0drWcIlvgy9WZHj6tExH0W72KcpIr0d
uW/NiL97AenvTHQdDpssHvvsMmSQLx+GvZ7J6beO+3+ZaVPRQLP2ikyWM2ZyzJWS
IJ8zieNVbVt4fhyQ1jnhXB0l7aIbVylk96rAcxi/eqy+aB944hW5n/BAMkOrAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUWGhhZn0vqFd/F579JGi+zTvb+gQwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzEzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGEjANBgkqhkiG9w0BAQsFAAOCAQEATLg4
PvXgB7ogBmRozj6znos7XT+plNV1csQWX5v7PKGTOExT3Fa5JMSCQBYXnueU4/3o
fYW/FChRNVi26T8zS9Whhm6J3z4xsRegskFddOeFlnmCUQwlrYmUzsCJHRCmhKHO
bkE2aTKMMn+2SJJ9KGwp36VjzL4ohSqdmH/xelo/A1cW7P0OFq/E21AI10RFaUxX
z+lPcQF30O3APRREtJfbDqpWUsFt5O+gXKsTxHR4YhjzRePkgoG3alzNQhPXSVpu
QY/zp6/jIP/2BIAmd72CtUZA9tB2w1i/WXWHDW8kJOz3G7893AOrE/VCx1YRpAqI
ge0x+QTpn7w434L9xQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org