Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631383a3a2f34382d3438203d3e20323136333234.roa
File: 326130663a383563313a3631383a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: HwrsATAjsXMEcR5pG+SDK9qzSKhf3nq2TSWAES0as2s=
Subject key identifier: 9A:CA:1C:36:11:D8:8B:D0:3E:AC:B3:E0:DA:C8:DF:12:6B:9D:46:B7
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 1ABB95EB576A810AF1375CF7A06EC8F9D41CB37F
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631383a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 07:06:41 +0000
ROA not before: Tue 30 Apr 2024 07:01:41 +0000
ROA not after: Tue 29 Apr 2025 07:06:41 +0000
asID: 216324
IP address blocks: 2a0f:85c1:618::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 05:24:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:bb:95:eb:57:6a:81:0a:f1:37:5c:f7:a0:6e:c8:f9:d4:1c:b3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 07:01:41 2024 GMT
Not After : Apr 29 07:06:41 2025 GMT
Subject: CN=9ACA1C3611D88BD03EACB3E0DAC8DF126B9D46B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:66:3e:6d:60:46:18:ec:08:ba:3a:af:54:c5:
98:03:64:98:1f:02:e7:53:a8:fe:9f:d3:82:05:cc:
80:0b:16:26:cb:31:bc:3f:90:ff:f1:78:49:cb:34:
53:56:59:99:30:7a:91:6e:9e:fe:5d:e9:fb:7e:a7:
ac:c2:6b:d2:6b:9f:c3:c1:a6:6f:a2:77:73:e4:13:
68:6d:35:bd:32:75:88:55:9b:96:59:e0:ef:64:7e:
09:d6:b9:75:ce:89:a9:a9:c3:27:9d:b8:29:7f:0d:
50:4c:4f:3a:de:77:8c:d1:e4:29:ab:b2:e0:83:5d:
95:54:64:04:8b:b2:4c:6d:ee:c0:60:17:c9:d2:3b:
45:5c:cd:ad:77:ad:d5:16:6e:b8:aa:d3:f7:1f:e9:
cb:7c:b5:b1:5f:f3:b8:d9:82:01:1f:e3:c1:17:83:
6a:52:8d:b0:d7:1c:0b:3f:3b:37:e5:84:3b:17:5c:
b3:c0:cb:bd:cd:3f:6a:33:cc:c1:00:a7:96:7d:6b:
24:14:54:5f:44:d4:75:50:ef:94:17:c9:c7:91:9f:
34:41:41:e1:b6:c3:20:6d:c0:b0:42:bc:29:72:ad:
2d:a8:76:b8:db:76:2f:06:1d:34:41:7e:96:67:86:
a7:7a:2a:60:75:55:fe:79:a8:06:a1:dd:32:33:91:
f9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CA:1C:36:11:D8:8B:D0:3E:AC:B3:E0:DA:C8:DF:12:6B:9D:46:B7
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3631383a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:618::/48
Signature Algorithm: sha256WithRSAEncryption
3a:c6:a4:38:a4:ab:d3:93:bf:50:ed:d8:fb:9c:9f:fe:08:72:
2c:6d:2b:d5:18:e7:8c:fc:89:08:0d:91:5a:02:4d:6b:ec:c3:
56:a0:fa:28:ab:ac:39:41:4d:9f:e2:b3:7f:50:6b:d8:ea:2d:
fc:e9:61:a9:b7:52:e3:3e:0f:20:5a:19:8b:fc:77:2d:e2:40:
b9:e7:ba:47:a3:8b:1d:a9:35:00:1e:f3:bf:89:bc:50:88:63:
ef:33:63:82:46:b0:fd:ca:68:6e:0e:55:67:4d:ee:0e:c5:18:
6f:7d:67:57:96:67:8e:ea:36:c4:86:94:01:01:8f:2d:63:32:
a0:d2:49:35:56:86:7d:ba:42:ac:23:4c:d0:5e:99:cd:91:45:
aa:4d:67:19:ee:ec:ff:24:0b:4c:e3:91:be:eb:d4:67:22:d1:
bf:e4:c9:1b:8e:56:2d:b6:da:99:6e:19:73:81:fa:2a:1b:cb:
00:76:6e:5f:e7:0d:c9:be:da:f2:3b:c9:a2:21:fe:fe:2d:83:
04:b6:88:ae:f8:9b:dc:1f:4e:e5:8d:3e:d5:34:39:23:ba:f3:
e2:2e:45:4d:30:c0:48:45:83:3d:21:4e:dd:4d:07:83:e1:cc:
23:b9:9b:be:82:6b:49:fa:78:1b:0e:b3:6b:27:9d:c7:fc:79:
14:10:cb:31
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUGruV61dqgQrxN1z3oG7I+dQcs38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNzAxNDFaFw0yNTA0MjkwNzA2NDFaMDMxMTAvBgNV
BAMTKDlBQ0ExQzM2MTFEODhCRDAzRUFDQjNFMERBQzhERjEyNkI5RDQ2QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdZj5tYEYY7Ai6Oq9UxZgDZJgf
AudTqP6f04IFzIALFibLMbw/kP/xeEnLNFNWWZkwepFunv5d6ft+p6zCa9Jrn8PB
pm+id3PkE2htNb0ydYhVm5ZZ4O9kfgnWuXXOiampwyeduCl/DVBMTzred4zR5Cmr
suCDXZVUZASLskxt7sBgF8nSO0Vcza13rdUWbriq0/cf6ct8tbFf87jZggEf48EX
g2pSjbDXHAs/OzflhDsXXLPAy73NP2ozzMEAp5Z9ayQUVF9E1HVQ75QXyceRnzRB
QeG2wyBtwLBCvClyrS2odrjbdi8GHTRBfpZnhqd6KmB1Vf55qAah3TIzkfmxAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUmsocNhHYi9A+rLPg2sjfEmudRrcwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzEzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEGGDANBgkqhkiG9w0BAQsFAAOCAQEAOsak
OKSr05O/UO3Y+5yf/ghyLG0r1RjnjPyJCA2RWgJNa+zDVqD6KKusOUFNn+Kzf1Br
2Oot/OlhqbdS4z4PIFoZi/x3LeJAuee6R6OLHak1AB7zv4m8UIhj7zNjgkaw/cpo
bg5VZ03uDsUYb31nV5Znjuo2xIaUAQGPLWMyoNJJNVaGfbpCrCNM0F6ZzZFFqk1n
Ge7s/yQLTOORvuvUZyLRv+TJG45WLbbamW4Zc4H6KhvLAHZuX+cNyb7a8jvJoiH+
/i2DBLaIrvib3B9O5Y0+1TQ5I7rz4i5FTTDASEWDPSFO3U0Hg+HMI7mbvoJrSfp4
Gw6zayedx/x5FBDLMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:57 2024 by rpki-client on console-ams.rpki-client.org