Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563313a3a2f33322d3438203d3e203134363138.roa
File: 326131343a316563313a3a2f33322d3438203d3e203134363138.roa (raw, json)
Hash identifier: CT2KLvyKhuPc5MYl2+n5PewJFNbpymVAUjV7PdjOY7o=
Subject key identifier: 3D:42:80:03:24:9C:E4:26:92:33:C4:64:59:C3:BA:7C:1E:99:83:8C
Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Certificate serial: 5DF93B3124AFB7F01801C8BFFC162C4AAAB60303
Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563313a3a2f33322d3438203d3e203134363138.roa
Signing time: Sat 19 Oct 2024 08:13:03 +0000
ROA not before: Sat 19 Oct 2024 08:08:03 +0000
ROA not after: Sat 18 Oct 2025 08:13:03 +0000
asID: 14618
IP address blocks: 2a14:1ec1::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Oct 2024 18:59:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:f9:3b:31:24:af:b7:f0:18:01:c8:bf:fc:16:2c:4a:aa:b6:03:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Validity
Not Before: Oct 19 08:08:03 2024 GMT
Not After : Oct 18 08:13:03 2025 GMT
Subject: CN=3D428003249CE4269233C46459C3BA7C1E99838C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:df:7f:43:d3:c5:41:24:7a:fb:18:5d:e5:8e:
f2:a4:56:af:1a:4f:bc:4e:8a:30:f1:de:46:95:7c:
67:8c:e3:91:d7:7f:87:60:43:9f:99:e1:66:92:ab:
14:c9:26:e4:28:88:75:09:02:a9:18:3c:80:8d:66:
7d:32:b3:ef:fd:ac:aa:2d:00:58:b4:39:d8:5e:b8:
9f:d0:f0:0d:e6:41:b0:95:b7:58:51:32:9a:aa:9c:
39:2b:13:b5:85:65:5e:19:46:a2:89:63:d3:ed:c0:
e1:f3:3b:34:e3:42:a0:1a:b9:19:2c:c8:88:db:b0:
45:a0:81:4e:6d:45:e3:61:a2:83:d8:b7:39:6c:38:
c8:d6:69:c7:91:af:4d:1d:b2:b8:37:02:16:b3:d7:
eb:49:5f:e6:c7:05:66:14:ac:6c:3d:e3:15:91:57:
90:49:92:ad:a9:cf:fa:44:de:0e:50:35:30:d4:7d:
55:1c:72:6b:90:49:de:b0:19:5b:82:51:26:60:eb:
6d:be:59:eb:2c:73:b4:75:4a:d4:76:79:f4:60:9a:
db:c3:83:3d:b6:70:17:8e:c7:f4:ad:06:57:23:68:
90:a2:63:e0:e0:1a:3c:da:7a:eb:89:e6:60:fa:3f:
9d:f3:44:d0:d4:d6:f3:40:6f:f6:b5:89:4e:35:ff:
42:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:42:80:03:24:9C:E4:26:92:33:C4:64:59:C3:BA:7C:1E:99:83:8C
X509v3 Authority Key Identifier:
keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563313a3a2f33322d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec1::/32
Signature Algorithm: sha256WithRSAEncryption
6e:cd:0e:c0:a6:61:f2:43:55:f8:5d:b5:2a:cb:b0:be:29:d5:
68:04:4d:b9:9b:6d:df:f0:ae:b3:e5:00:59:a7:4b:54:cc:b7:
a6:11:28:03:b4:f7:16:94:58:d7:a0:c0:d9:cb:16:8d:b1:cc:
8c:d5:dd:26:16:c8:94:26:8f:5d:74:32:62:7d:25:74:04:8d:
26:19:e6:ea:24:81:91:7e:5b:9d:d5:49:af:9b:ad:db:24:0d:
a9:9b:10:77:fd:37:22:29:d1:d8:8e:53:73:2e:03:54:ca:40:
01:82:65:36:18:d0:b2:34:dd:bd:b2:94:41:89:ad:19:ea:4d:
5c:e7:c3:b3:c1:da:10:b7:24:6c:d2:58:aa:b8:1f:27:c9:db:
25:ac:7a:9f:22:12:ca:11:74:89:94:9d:a4:a0:09:4d:13:f5:
6d:a0:6e:b6:61:38:e4:b6:dd:87:b9:64:6b:81:1e:39:af:40:
2b:3a:d1:86:97:96:57:27:9b:3f:d7:80:2b:65:c7:7f:a7:0a:
cf:6e:b9:c6:75:cf:d8:0a:a8:de:8b:7c:7f:4a:e3:83:89:6a:
ee:03:c0:6d:9f:c5:42:b9:67:29:3b:d2:75:60:bc:63:bb:b5:
ad:06:46:2d:5d:cf:0a:16:c0:75:6e:1c:c4:fd:22:bb:c9:a4:
a1:67:ba:b8
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUXfk7MSSvt/AYAci//BYsSqq2AwMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG
NEFCREVDNjAeFw0yNDEwMTkwODA4MDNaFw0yNTEwMTgwODEzMDNaMDMxMTAvBgNV
BAMTKDNENDI4MDAzMjQ5Q0U0MjY5MjMzQzQ2NDU5QzNCQTdDMUU5OTgzOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4339D08VBJHr7GF3ljvKkVq8a
T7xOijDx3kaVfGeM45HXf4dgQ5+Z4WaSqxTJJuQoiHUJAqkYPICNZn0ys+/9rKot
AFi0OdheuJ/Q8A3mQbCVt1hRMpqqnDkrE7WFZV4ZRqKJY9PtwOHzOzTjQqAauRks
yIjbsEWggU5tReNhooPYtzlsOMjWaceRr00dsrg3Ahaz1+tJX+bHBWYUrGw94xWR
V5BJkq2pz/pE3g5QNTDUfVUccmuQSd6wGVuCUSZg622+Wessc7R1StR2efRgmtvD
gz22cBeOx/StBlcjaJCiY+DgGjzaeuuJ5mD6P53zRNDU1vNAb/a1iU41/0IbAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQUPUKAAySc5CaSM8RkWcO6fB6Zg4wwHwYDVR0j
BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD
QkIzOTg3NkY0QUJERUM2LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgGCCsGAQUF
BzALhoGLcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz
NDNhMzE2NTYzMzEzYTNhMmYzMzMyMmQzNDM4MjAzZDNlMjAzMTM0MzYzMTM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAKhQewTANBgkqhkiG9w0BAQsFAAOCAQEAbs0OwKZh8kNV+F21Ksuw
vinVaARNuZtt3/Cus+UAWadLVMy3phEoA7T3FpRY16DA2csWjbHMjNXdJhbIlCaP
XXQyYn0ldASNJhnm6iSBkX5bndVJr5ut2yQNqZsQd/03IinR2I5Tcy4DVMpAAYJl
NhjQsjTdvbKUQYmtGepNXOfDs8HaELckbNJYqrgfJ8nbJax6nyISyhF0iZSdpKAJ
TRP1baButmE45Lbdh7lka4EeOa9AKzrRhpeWVyebP9eAK2XHf6cKz265xnXP2Aqo
3ot8f0rjg4lq7gPAbZ/FQrlnKTvSdWC8Y7u1rQZGLV3PChbAdW4cxP0iu8mkoWe6
uA==
-----END CERTIFICATE-----
Generated at Wed Oct 30 22:19:28 2024 by rpki-client on console-ams.rpki-client.org