Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a3a2f33322d3438203d3e203134363138.roa
File: 326130363a313238333a3a2f33322d3438203d3e203134363138.roa (raw, json)
Hash identifier: mxQ11jCATpdZcq822GUevE4feehbzyxFpFu00bt7gIg=
Subject key identifier: 71:B9:97:16:46:6E:FC:9A:75:FD:23:2B:97:D0:6B:18:96:EB:5B:28
Certificate issuer: /CN=20595BDBAD09C7D604202305854D1DF14F190959
Certificate serial: 245A3B55C8E1BA75B4BDC5D73107D38A357FBA6E
Authority key identifier: 20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a3a2f33322d3438203d3e203134363138.roa
Signing time: Sat 19 Oct 2024 08:10:59 +0000
ROA not before: Sat 19 Oct 2024 08:05:59 +0000
ROA not after: Sat 18 Oct 2025 08:10:59 +0000
asID: 14618
IP address blocks: 2a06:1283::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Oct 2024 18:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:5a:3b:55:c8:e1:ba:75:b4:bd:c5:d7:31:07:d3:8a:35:7f:ba:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20595BDBAD09C7D604202305854D1DF14F190959
Validity
Not Before: Oct 19 08:05:59 2024 GMT
Not After : Oct 18 08:10:59 2025 GMT
Subject: CN=71B99716466EFC9A75FD232B97D06B1896EB5B28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:00:6c:97:81:ff:a7:3a:c8:d2:71:fd:2d:bc:
94:c4:87:5d:d6:44:e4:bf:a1:98:50:43:61:b7:d9:
21:25:51:67:08:c0:c4:0a:43:f7:30:09:2c:2f:4d:
a1:11:39:d0:58:47:91:b0:16:bf:9e:07:ca:19:59:
a5:cd:a3:0b:fe:1c:eb:0c:9f:10:ef:f9:a1:11:f1:
46:e7:e8:8e:25:66:6d:62:f9:55:de:7d:3a:2f:b4:
a9:4e:c9:31:d9:a0:ad:76:94:e5:97:f1:8a:f5:5a:
98:ae:c8:2f:be:f2:d8:ea:cd:14:61:06:dd:a5:6d:
b8:3d:40:9e:cd:db:1c:03:15:e9:6c:57:7c:c2:92:
2d:df:cd:d4:0c:13:be:3a:18:0e:87:94:0e:fb:da:
bd:29:d0:bf:ea:8b:ec:e4:a8:14:23:5e:70:8b:e6:
48:f5:ab:5a:46:0f:0d:65:1e:2b:94:83:35:05:36:
6f:88:e1:a3:f5:0a:27:7c:cf:ed:02:e6:7a:32:b6:
b6:b9:8f:17:b0:fc:5a:57:a6:fe:cd:c2:3c:e7:66:
dc:94:82:58:d4:72:40:01:10:5b:a9:70:f0:11:2f:
d6:af:da:44:8d:94:3f:2f:46:e5:c9:9c:89:72:86:
d2:e7:1c:76:8c:a5:33:64:73:78:62:3e:15:c4:a5:
a1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:97:16:46:6E:FC:9A:75:FD:23:2B:97:D0:6B:18:96:EB:5B:28
X509v3 Authority Key Identifier:
keyid:20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/20595BDBAD09C7D604202305854D1DF14F190959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a3a2f33322d3438203d3e203134363138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1283::/32
Signature Algorithm: sha256WithRSAEncryption
5e:92:93:83:d0:f3:a7:2f:11:82:6f:01:1d:25:54:0f:45:d1:
ba:8e:89:d3:7b:4c:df:fb:9d:d9:b5:c6:d3:dd:f1:14:aa:98:
ec:01:3e:45:a1:0d:70:a8:b8:97:fb:03:30:16:ae:a7:ec:6a:
88:49:14:7e:72:bb:ff:2f:e9:d7:2b:06:b7:70:e7:86:ee:7e:
5d:08:cc:a4:de:be:91:ea:3a:0d:63:1d:13:3a:3f:05:f8:cd:
d0:11:27:6e:e7:aa:86:76:f8:e1:eb:b4:2f:3a:45:88:6c:04:
22:92:98:56:d8:06:b1:5c:dc:ad:18:74:f9:79:24:97:3c:bf:
85:35:3f:07:e0:cb:72:5a:88:91:2e:03:f5:e7:69:04:c5:c4:
5d:de:fd:2f:04:22:2f:da:9e:cb:12:d6:5c:40:62:28:d0:e0:
c0:c5:07:96:5b:7a:1b:95:77:be:a4:59:77:22:d5:c1:cc:07:
e7:e7:01:ea:63:f5:33:42:35:a5:23:93:3e:a2:03:41:e3:af:
8d:15:88:e2:4b:8e:64:4a:34:e7:f4:5d:1a:95:96:5d:f5:e9:
0f:37:2d:5a:b2:55:09:c8:4c:b9:e2:56:cf:a9:36:51:c6:cd:
5b:a1:ea:14:4d:2c:27:19:c5:ce:59:11:0a:ad:b3:dc:15:f8:
ee:de:1c:51
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUJFo7VcjhunW0vcXXMQfTijV/um4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0
RjE5MDk1OTAeFw0yNDEwMTkwODA1NTlaFw0yNTEwMTgwODEwNTlaMDMxMTAvBgNV
BAMTKDcxQjk5NzE2NDY2RUZDOUE3NUZEMjMyQjk3RDA2QjE4OTZFQjVCMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgAGyXgf+nOsjScf0tvJTEh13W
ROS/oZhQQ2G32SElUWcIwMQKQ/cwCSwvTaEROdBYR5GwFr+eB8oZWaXNowv+HOsM
nxDv+aER8Ubn6I4lZm1i+VXefTovtKlOyTHZoK12lOWX8Yr1WpiuyC++8tjqzRRh
Bt2lbbg9QJ7N2xwDFelsV3zCki3fzdQME746GA6HlA772r0p0L/qi+zkqBQjXnCL
5kj1q1pGDw1lHiuUgzUFNm+I4aP1Cid8z+0C5noytra5jxew/FpXpv7NwjznZtyU
gljUckABEFupcPARL9av2kSNlD8vRuXJnIlyhtLnHHaMpTNkc3hiPhXEpaHVAgMB
AAGjggJsMIICaDAdBgNVHQ4EFgQUcbmXFkZu/Jp1/SMrl9BrGJbrWygwHwYDVR0j
BBgwFoAUIFlb260Jx9YEICMFhU0d8U8ZCVkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzEvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5MDk1OS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5
MDk1OS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMt
MjA1OC00M2JiLTlhYzYtNWFiNDJkZmJmNDA5LzEvMzI2MTMwMzYzYTMxMzIzODMz
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzEzNDM2MzEzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoG
EoMwDQYJKoZIhvcNAQELBQADggEBAF6Sk4PQ86cvEYJvAR0lVA9F0bqOidN7TN/7
ndm1xtPd8RSqmOwBPkWhDXCouJf7AzAWrqfsaohJFH5yu/8v6dcrBrdw54bufl0I
zKTevpHqOg1jHRM6PwX4zdARJ27nqoZ2+OHrtC86RYhsBCKSmFbYBrFc3K0YdPl5
JJc8v4U1Pwfgy3JaiJEuA/XnaQTFxF3e/S8EIi/anssS1lxAYijQ4MDFB5ZbehuV
d76kWXci1cHMB+fnAepj9TNCNaUjkz6iA0Hjr40ViOJLjmRKNOf0XRqVll316Q83
LVqyVQnITLniVs+pNlHGzVuh6hRNLCcZxc5ZEQqts9wV+O7eHFE=
-----END CERTIFICATE-----
Generated at Wed Oct 30 21:37:28 2024 by rpki-client on console-fra.rpki-client.org