Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3336203d3e203438373030.roa
File: 326131343a316563373a633030303a3a2f33362d3336203d3e203438373030.roa (raw, json)
Hash identifier: 5bvhGfPTiCosJMAK7OpDyyn5frDaDKuKNZVt3xzUXao=
Subject key identifier: 2B:9D:46:71:4D:7F:78:B9:4B:26:1A:F8:84:5F:6F:E4:50:6C:84:B2
Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Certificate serial: 4714C0AB29288EBC0244B501ECD42CADCFF97BEA
Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3336203d3e203438373030.roa
Signing time: Sun 15 Sep 2024 14:36:33 +0000
ROA not before: Sun 15 Sep 2024 14:31:33 +0000
ROA not after: Sun 14 Sep 2025 14:36:33 +0000
asID: 48700
IP address blocks: 2a14:1ec7:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 19 Oct 2024 08:32:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:14:c0:ab:29:28:8e:bc:02:44:b5:01:ec:d4:2c:ad:cf:f9:7b:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Validity
Not Before: Sep 15 14:31:33 2024 GMT
Not After : Sep 14 14:36:33 2025 GMT
Subject: CN=2B9D46714D7F78B94B261AF8845F6FE4506C84B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:51:a1:61:be:14:fb:67:ef:bf:43:4a:1e:ac:
20:27:29:23:85:2f:a3:df:1c:8e:19:fe:05:4b:80:
5a:4d:dd:1e:82:d6:be:3f:53:1b:f2:89:be:17:97:
43:ca:40:74:6b:d3:a4:7e:05:74:6b:9f:bd:e0:1c:
9e:a6:3c:f2:d5:3a:50:5e:f8:76:27:b4:b0:89:3a:
1a:dd:67:56:bb:f0:ca:2f:74:01:b4:f7:90:d0:3f:
98:67:e5:d1:81:3a:70:ab:fd:24:51:37:fd:5f:8b:
3f:df:2a:d7:31:81:b3:87:18:00:a1:49:20:1a:40:
b4:b2:1b:81:13:ad:a0:1e:e2:8f:44:f4:24:d2:9e:
92:6c:83:bf:3c:9c:83:28:02:8c:77:5d:33:e7:4e:
e1:8b:93:4f:94:cb:86:ec:de:b1:55:32:c5:c6:b3:
05:44:5c:d5:d8:72:20:c5:50:45:58:d7:6d:f2:4b:
d8:15:d1:16:14:13:d2:8d:2c:1a:f6:d0:28:8e:41:
4d:22:cf:d4:a2:3a:bb:cd:ae:6f:0f:70:73:0d:4b:
89:eb:d2:fb:d1:ce:eb:15:de:28:e8:08:bc:91:fa:
21:a6:3c:63:0c:31:56:d7:78:e8:fc:92:00:53:5c:
e1:a1:fb:ce:c9:77:c9:af:0f:00:47:b0:97:ff:9e:
81:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9D:46:71:4D:7F:78:B9:4B:26:1A:F8:84:5F:6F:E4:50:6C:84:B2
X509v3 Authority Key Identifier:
keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3336203d3e203438373030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
3b:6d:5d:f4:9b:ef:69:69:0a:5c:75:58:f2:4e:68:9b:6d:86:
b9:61:3c:30:1b:b6:2b:f1:51:a2:33:91:95:04:62:9d:8d:ea:
da:d7:c0:a5:44:de:74:27:f3:57:98:db:fa:a7:4d:6d:b6:3c:
24:0b:14:5b:fc:59:34:d5:d4:3b:94:a3:4c:60:ec:3c:f5:eb:
77:69:0f:2a:90:4e:48:cc:59:21:1c:e0:c2:49:d0:b5:8d:7a:
23:a9:4e:1d:cf:a5:9a:71:92:e4:3b:f2:52:b9:c6:7d:ba:f8:
24:b3:8b:6d:58:1b:bd:49:0f:02:60:1d:52:db:d6:a4:17:8b:
89:86:56:80:de:ad:c0:26:55:47:46:22:2d:58:5a:dc:27:c5:
57:5d:34:f2:5a:52:e5:df:ac:82:02:21:60:c3:94:c7:0d:cd:
1f:7d:9e:95:6f:1f:32:f7:6c:bd:70:a4:ee:9e:55:b5:e9:fa:
a0:88:97:b4:e5:c2:f7:df:b9:cf:49:8b:c3:f9:62:5a:99:03:
68:ac:03:18:03:e7:5a:f2:82:00:e1:2d:81:93:0f:68:1d:3f:
29:4f:85:79:f5:0c:cc:69:89:e9:2f:b5:99:4b:54:4c:e8:dd:
ac:ec:f9:61:50:48:17:2d:8b:5d:0d:a6:63:b8:41:f5:0a:d5:
ff:1c:f1:50
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIURxTAqykojrwCRLUB7NQsrc/5e+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG
NEFCREVDNjAeFw0yNDA5MTUxNDMxMzNaFw0yNTA5MTQxNDM2MzNaMDMxMTAvBgNV
BAMTKDJCOUQ0NjcxNEQ3Rjc4Qjk0QjI2MUFGODg0NUY2RkU0NTA2Qzg0QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXUaFhvhT7Z++/Q0oerCAnKSOF
L6PfHI4Z/gVLgFpN3R6C1r4/Uxvyib4Xl0PKQHRr06R+BXRrn73gHJ6mPPLVOlBe
+HYntLCJOhrdZ1a78MovdAG095DQP5hn5dGBOnCr/SRRN/1fiz/fKtcxgbOHGACh
SSAaQLSyG4ETraAe4o9E9CTSnpJsg788nIMoAox3XTPnTuGLk0+Uy4bs3rFVMsXG
swVEXNXYciDFUEVY123yS9gV0RYUE9KNLBr20CiOQU0iz9SiOrvNrm8PcHMNS4nr
0vvRzusV3ijoCLyR+iGmPGMMMVbXeOj8kgBTXOGh+87Jd8mvDwBHsJf/noHfAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUK51GcU1/eLlLJhr4hF9v5FBshLIwHwYDVR0j
BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD
QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz
NDNhMzE2NTYzMzczYTYzMzAzMDMwM2EzYTJmMzMzNjJkMzMzNjIwM2QzZTIwMzQz
ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUHsfAMA0GCSqGSIb3DQEBCwUAA4IBAQA7bV30
m+9paQpcdVjyTmibbYa5YTwwG7Yr8VGiM5GVBGKdjera18ClRN50J/NXmNv6p01t
tjwkCxRb/Fk01dQ7lKNMYOw89et3aQ8qkE5IzFkhHODCSdC1jXojqU4dz6WacZLk
O/JSucZ9uvgks4ttWBu9SQ8CYB1S29akF4uJhlaA3q3AJlVHRiItWFrcJ8VXXTTy
WlLl36yCAiFgw5THDc0ffZ6Vbx8y92y9cKTunlW16fqgiJe05cL337nPSYvD+WJa
mQNorAMYA+da8oIA4S2Bkw9oHT8pT4V59QzMaYnpL7WZS1RM6N2s7PlhUEgXLYtd
DaZjuEH1CtX/HPFQ
-----END CERTIFICATE-----
Generated at Sat Oct 19 10:00:35 2024 by rpki-client on console-fra.rpki-client.org