Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203136353039.roa
File: 326131343a316563373a633030303a3a2f33362d3438203d3e203136353039.roa (raw, json)
Hash identifier: Q/53kUfp4ZgKg7f/gdc6A45yCW/mx6RW19gyXVU0E2I=
Subject key identifier: 66:E3:6F:83:C0:DD:A1:82:65:8E:31:51:12:79:E2:91:9F:93:E7:4B
Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Certificate serial: 429CA035EC8C2F3F2BBB3B50978BD7A0BD9FE50F
Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203136353039.roa
Signing time: Sat 19 Oct 2024 08:13:55 +0000
ROA not before: Sat 19 Oct 2024 08:08:55 +0000
ROA not after: Sat 18 Oct 2025 08:13:55 +0000
asID: 16509
IP address blocks: 2a14:1ec7:c000::/36 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Oct 2024 18:59:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:9c:a0:35:ec:8c:2f:3f:2b:bb:3b:50:97:8b:d7:a0:bd:9f:e5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Validity
Not Before: Oct 19 08:08:55 2024 GMT
Not After : Oct 18 08:13:55 2025 GMT
Subject: CN=66E36F83C0DDA182658E31511279E2919F93E74B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ce:bd:cc:14:91:df:b0:85:b2:96:58:21:6d:
a8:ee:6c:86:9f:af:a6:ec:31:5c:c8:f6:56:a1:b0:
8f:92:19:d6:96:0b:e9:47:9f:42:c1:55:cd:5b:3d:
ce:bb:f2:0d:4b:06:9f:f3:1d:54:24:e0:07:d9:90:
e8:7d:33:51:8d:ae:9e:df:73:f1:e3:39:ff:52:96:
dc:be:d9:c4:48:49:7f:b0:91:ab:48:4f:0d:d7:c2:
57:f4:37:f9:40:b1:8d:3e:53:97:59:a8:eb:bb:0c:
52:1c:89:d4:cc:ba:54:62:cd:aa:db:25:66:c8:eb:
5d:d0:af:f0:c7:b7:6f:0e:44:b5:01:01:da:27:e7:
50:5a:97:4d:e4:ca:5f:25:2d:8f:eb:ef:9e:e5:2c:
26:c3:a1:7e:67:87:a7:38:74:c5:a5:2b:05:ac:83:
cb:c7:96:5a:2d:ca:60:72:07:3d:9c:95:c6:20:a6:
bf:96:d5:0b:16:13:e0:71:50:f7:d9:c4:89:24:13:
55:37:96:c4:92:6c:00:cd:45:ba:af:8b:4b:7b:c1:
e7:f7:bd:26:e0:a6:7d:aa:b6:f6:88:74:86:dc:c2:
83:61:80:44:0c:9e:12:d6:3f:d2:43:aa:66:eb:80:
95:c4:90:4b:38:da:fe:45:55:8b:d1:ae:47:d2:2d:
6a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E3:6F:83:C0:DD:A1:82:65:8E:31:51:12:79:E2:91:9F:93:E7:4B
X509v3 Authority Key Identifier:
keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:4f:a9:1d:9e:45:e9:fb:35:3b:4f:39:c9:29:ce:d9:ab:7b:
35:de:32:bf:07:54:ff:7e:0e:09:17:22:dc:aa:ac:85:6b:c1:
60:c9:9b:6c:90:be:da:26:34:8e:10:14:1f:b1:33:6e:f5:e3:
1a:20:40:29:41:ea:05:9a:ee:52:ec:e7:02:72:fc:dc:86:db:
ae:85:d8:6d:e0:b9:a7:cc:ce:d9:10:0c:f4:57:7d:08:f4:3d:
4c:17:ca:04:cb:53:f1:06:1e:25:47:69:69:1e:bc:9d:e2:1a:
03:45:e8:89:91:f4:1a:05:f5:38:8d:cc:18:44:46:58:c4:3d:
de:8a:8d:e3:26:05:35:8b:ea:39:cd:69:0e:8a:3b:07:5c:5f:
4c:aa:31:13:89:98:7e:5c:7e:ed:a7:cf:30:74:ce:70:89:74:
2c:4a:cd:18:07:cf:60:6a:03:b0:ac:1f:e7:5d:59:1e:5b:5f:
23:75:a4:8e:15:ac:56:57:d0:70:85:2b:86:32:63:22:57:dd:
34:82:be:2b:5e:b0:21:2b:7b:b6:2a:ba:56:02:db:7c:66:15:
5f:04:61:a8:53:f5:be:fc:c3:d7:31:ee:7e:ee:11:5b:44:15:
4c:3d:ba:06:dc:14:91:cc:ae:47:d3:80:8d:79:68:f4:21:91:
a7:dc:c9:ba
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUQpygNeyMLz8ruztQl4vXoL2f5Q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG
NEFCREVDNjAeFw0yNDEwMTkwODA4NTVaFw0yNTEwMTgwODEzNTVaMDMxMTAvBgNV
BAMTKDY2RTM2RjgzQzBEREExODI2NThFMzE1MTEyNzlFMjkxOUY5M0U3NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHzr3MFJHfsIWyllghbajubIaf
r6bsMVzI9lahsI+SGdaWC+lHn0LBVc1bPc678g1LBp/zHVQk4AfZkOh9M1GNrp7f
c/HjOf9Slty+2cRISX+wkatITw3Xwlf0N/lAsY0+U5dZqOu7DFIcidTMulRizarb
JWbI613Qr/DHt28ORLUBAdon51Bal03kyl8lLY/r757lLCbDoX5nh6c4dMWlKwWs
g8vHllotymByBz2clcYgpr+W1QsWE+BxUPfZxIkkE1U3lsSSbADNRbqvi0t7wef3
vSbgpn2qtvaIdIbcwoNhgEQMnhLWP9JDqmbrgJXEkEs42v5FVYvRrkfSLWoxAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUZuNvg8DdoYJljjFREnnikZ+T50swHwYDVR0j
BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD
QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz
NDNhMzE2NTYzMzczYTYzMzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzEz
NjM1MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUHsfAMA0GCSqGSIb3DQEBCwUAA4IBAQAPT6kd
nkXp+zU7TznJKc7Zq3s13jK/B1T/fg4JFyLcqqyFa8FgyZtskL7aJjSOEBQfsTNu
9eMaIEApQeoFmu5S7OcCcvzchtuuhdht4LmnzM7ZEAz0V30I9D1MF8oEy1PxBh4l
R2lpHryd4hoDReiJkfQaBfU4jcwYREZYxD3eio3jJgU1i+o5zWkOijsHXF9MqjET
iZh+XH7tp88wdM5wiXQsSs0YB89gagOwrB/nXVkeW18jdaSOFaxWV9BwhSuGMmMi
V900gr4rXrAhK3u2KrpWAtt8ZhVfBGGoU/W+/MPXMe5+7hFbRBVMPboG3BSRzK5H
04CNeWj0IZGn3Mm6
-----END CERTIFICATE-----
Generated at Wed Oct 30 22:19:28 2024 by rpki-client on console-ams.rpki-client.org