Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232342e302f31392d3139203d3e203432363839.roa
File: 3130392e3230322e3232342e302f31392d3139203d3e203432363839.roa (raw, json)
Hash identifier: qOQV8veScFeqsAws5IuD7BNib/fjfWo/HAeVbFlJs/8=
Subject key identifier: 11:56:20:06:A4:DC:8D:3D:FE:C7:AF:80:BB:1D:19:58:D9:C9:F7:51
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 30568EB59C0174A427B2904EBC154712D856C2A1
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232342e302f31392d3139203d3e203432363839.roa
Signing time: Tue 19 Mar 2024 10:25:15 +0000
ROA not before: Tue 19 Mar 2024 10:20:15 +0000
ROA not after: Tue 18 Mar 2025 10:25:15 +0000
asID: 42689
IP address blocks: 109.202.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 07 Nov 2024 10:45:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:56:8e:b5:9c:01:74:a4:27:b2:90:4e:bc:15:47:12:d8:56:c2:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Mar 19 10:20:15 2024 GMT
Not After : Mar 18 10:25:15 2025 GMT
Subject: CN=11562006A4DC8D3DFEC7AF80BB1D1958D9C9F751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8c:97:68:c8:aa:ea:0d:6c:e4:77:8f:c3:38:
fd:43:31:0a:5b:1c:30:9c:07:0c:c6:11:75:d2:82:
41:2b:9f:bf:b0:b5:f6:4c:63:0b:dd:23:15:da:95:
31:eb:5c:46:56:ce:0c:fb:2b:61:18:b1:6e:ae:f2:
c4:64:cb:be:44:d9:9e:ff:de:b2:06:af:7a:55:5c:
fe:22:57:37:02:6a:bd:e1:e4:65:f8:51:43:cd:77:
9e:90:45:81:1f:ad:06:15:49:99:3d:b7:8e:cd:dd:
f7:47:d0:2c:e0:df:b5:4d:05:08:13:06:9e:83:d8:
81:97:67:26:60:be:80:0c:ba:77:cd:b7:fc:74:a8:
da:72:85:ae:2b:60:51:20:bd:62:81:81:3d:ef:a4:
31:d9:d6:89:16:9d:8c:3d:67:83:dc:75:e4:f9:c6:
48:f8:df:54:2c:61:be:1c:5e:7b:0c:98:14:58:a4:
ab:50:8d:ba:42:d7:7a:c1:be:90:08:57:1f:c0:7f:
00:dd:b8:75:9b:31:54:79:bf:3d:01:f5:fd:e2:9b:
ba:90:ba:c8:a7:9b:00:3f:aa:42:63:34:be:80:62:
da:31:7c:64:8c:5a:f6:f6:f0:9d:13:52:7e:d5:23:
25:49:eb:e2:21:9b:7a:48:05:c0:ba:48:67:1a:40:
4c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:56:20:06:A4:DC:8D:3D:FE:C7:AF:80:BB:1D:19:58:D9:C9:F7:51
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/3130392e3230322e3232342e302f31392d3139203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.224.0/19
Signature Algorithm: sha256WithRSAEncryption
12:59:aa:58:62:d2:df:8b:69:76:d0:cf:d5:31:94:9a:5e:16:
99:24:f7:cb:8f:bf:e0:5a:43:f8:73:65:c9:9b:13:fd:3a:cf:
10:53:7a:a5:cc:a0:1d:b3:0e:68:a2:4b:52:5d:4b:32:08:60:
e6:25:2c:59:0f:43:79:56:36:cb:2a:df:97:85:70:e0:14:8a:
dc:4f:4a:af:ce:71:2a:c9:4d:06:44:99:12:ef:e4:17:1a:fd:
c4:3c:7f:d6:61:94:28:48:ca:79:fa:12:92:ce:ea:a0:1d:96:
a1:c1:38:66:3f:96:85:05:e1:69:6a:e1:4a:59:bb:bb:75:01:
23:bf:5d:c0:a6:a3:5d:e7:80:8e:23:28:49:5c:ef:95:69:d6:
81:56:9c:62:69:cf:a5:50:a3:3e:19:13:c4:69:43:db:8f:44:
7f:d3:7c:6a:a6:4b:d3:5e:4f:dc:20:18:ac:04:bf:65:d4:86:
37:e8:89:d6:37:54:38:4f:8f:91:b2:3e:4c:3d:4e:92:e4:e0:
a9:85:4a:35:72:48:d7:78:28:37:e6:5e:a5:db:17:ca:9c:35:
eb:aa:ef:14:d4:e0:9e:94:10:09:57:4c:a0:4e:05:6b:a1:00:
1b:c6:c5:ab:7e:55:cd:2e:75:50:ca:16:68:be:dc:a1:d6:93:
b6:03:35:1d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMFaOtZwBdKQnspBOvBVHEthWwqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDAzMTkxMDIwMTVaFw0yNTAzMTgxMDI1MTVaMDMxMTAvBgNV
BAMTKDExNTYyMDA2QTREQzhEM0RGRUM3QUY4MEJCMUQxOTU4RDlDOUY3NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7jJdoyKrqDWzkd4/DOP1DMQpb
HDCcBwzGEXXSgkErn7+wtfZMYwvdIxXalTHrXEZWzgz7K2EYsW6u8sRky75E2Z7/
3rIGr3pVXP4iVzcCar3h5GX4UUPNd56QRYEfrQYVSZk9t47N3fdH0Czg37VNBQgT
Bp6D2IGXZyZgvoAMunfNt/x0qNpyha4rYFEgvWKBgT3vpDHZ1okWnYw9Z4PcdeT5
xkj431QsYb4cXnsMmBRYpKtQjbpC13rBvpAIVx/AfwDduHWbMVR5vz0B9f3im7qQ
usinmwA/qkJjNL6AYtoxfGSMWvb28J0TUn7VIyVJ6+Ihm3pIBcC6SGcaQEw1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEVYgBqTcjT3+x6+Aux0ZWNnJ91EwHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzEzMDM5MmUzMjMwMzIyZTMy
MzIzNDJlMzAyZjMxMzkyZDMxMzkyMDNkM2UyMDM0MzIzNjM4Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAVtyuAwDQYJKoZIhvcNAQELBQADggEBABJZqlhi0t+LaXbQz9UxlJpeFpkk98uP
v+BaQ/hzZcmbE/06zxBTeqXMoB2zDmiiS1JdSzIIYOYlLFkPQ3lWNssq35eFcOAU
itxPSq/OcSrJTQZEmRLv5Bca/cQ8f9ZhlChIynn6EpLO6qAdlqHBOGY/loUF4Wlq
4UpZu7t1ASO/XcCmo13ngI4jKElc75Vp1oFWnGJpz6VQoz4ZE8RpQ9uPRH/TfGqm
S9NeT9wgGKwEv2XUhjfoidY3VDhPj5GyPkw9TpLk4KmFSjVySNd4KDfmXqXbF8qc
Neuq7xTU4J6UEAlXTKBOBWuhABvGxat+Vc0udVDKFmi+3KHWk7YDNR0=
-----END CERTIFICATE-----
Generated at Thu Nov 7 15:01:51 2024 by rpki-client on console-fra.rpki-client.org