Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235332e302f32342d3234203d3e203432363839.roa
File: 33312e3232302e3235332e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: EUh5NJR0E0NGXQoEO4Mf4yT8uIJl0LSlOeYb1Iy1ax4=
Subject key identifier: 26:40:73:0B:EC:43:E2:65:E5:29:DF:A3:63:60:DC:39:5A:43:1C:AD
Certificate issuer: /CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Certificate serial: 374A4E2BB07BA6AF592011E86E488ABE47419002
Authority key identifier: 73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235332e302f32342d3234203d3e203432363839.roa
Signing time: Thu 08 Aug 2024 10:12:14 +0000
ROA not before: Thu 08 Aug 2024 10:07:14 +0000
ROA not after: Thu 07 Aug 2025 10:12:14 +0000
asID: 42689
IP address blocks: 31.220.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 10:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:4a:4e:2b:b0:7b:a6:af:59:20:11:e8:6e:48:8a:be:47:41:90:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=735d93706cbf4688ce7d60fc0ed693d4cc4a9326
Validity
Not Before: Aug 8 10:07:14 2024 GMT
Not After : Aug 7 10:12:14 2025 GMT
Subject: CN=2640730BEC43E265E529DFA36360DC395A431CAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:dc:24:1a:87:8a:06:89:8f:66:68:7f:69:
71:14:92:ad:fd:2c:9d:03:09:74:fb:5d:ed:62:37:
0b:30:08:8d:73:67:36:99:e6:d0:53:67:0c:eb:04:
0d:6a:30:33:b5:28:16:a0:73:1a:19:7d:b8:c4:3e:
e3:8e:94:b8:4a:96:51:24:44:d5:33:37:78:6d:e7:
ba:c5:49:3d:db:96:b0:a5:3b:48:a3:a8:b1:90:62:
58:63:c0:fc:16:98:21:ec:3e:4e:6a:61:bf:55:35:
1a:97:52:f2:25:47:56:dd:21:93:15:51:06:1e:7d:
04:71:a6:be:dd:ee:d7:e6:2a:d9:5e:f1:0a:87:8a:
e7:fc:9b:eb:d6:e5:83:ae:90:cb:94:03:82:62:9a:
98:60:54:ae:f4:ca:b1:e3:bf:4f:3b:74:30:de:81:
87:d6:91:d7:e9:cd:aa:e8:19:d2:e1:d7:d1:56:fa:
ff:ac:70:4c:06:95:c1:1b:c7:3e:62:7c:ec:2e:b5:
e2:a7:9f:7f:00:a3:43:51:b9:4c:71:1a:2c:5b:a8:
e5:f9:16:d8:dc:5d:ff:a9:ad:32:81:e3:55:5f:50:
f7:29:7c:7d:d8:03:a5:1b:e8:ee:49:29:1b:2e:f8:
5f:81:17:4c:fc:0b:1c:f6:b4:d1:c3:ce:a1:46:17:
b9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:40:73:0B:EC:43:E2:65:E5:29:DF:A3:63:60:DC:39:5A:43:1C:AD
X509v3 Authority Key Identifier:
keyid:73:5D:93:70:6C:BF:46:88:CE:7D:60:FC:0E:D6:93:D4:CC:4A:93:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/735D93706CBF4688CE7D60FC0ED693D4CC4A9326.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c12TcGy_RojOfWD8DtaT1MxKkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2e6da5c7-670a-41b1-96eb-3899388b292c/0/33312e3232302e3235332e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.253.0/24
Signature Algorithm: sha256WithRSAEncryption
36:e1:20:22:77:71:1d:bf:f9:f0:f0:6e:f1:8f:49:4c:ac:fb:
43:65:ae:ac:62:4c:c6:c8:ac:27:4a:ff:1d:8b:2c:d8:ca:03:
14:76:2e:ff:5e:8f:72:1e:1b:d4:ad:b7:76:7d:4c:31:a1:fb:
ce:db:66:fb:74:ac:ef:c8:90:52:cf:b0:fb:0c:cb:61:46:31:
79:29:0a:1d:ea:dd:8b:e1:c1:17:1a:cf:24:75:0f:47:8f:a4:
78:2d:71:6b:49:5f:e6:b1:a5:86:6d:b3:16:12:9c:19:66:20:
aa:75:5c:46:e6:25:eb:aa:c6:c0:dd:0a:9e:f9:81:1a:ff:9d:
e3:89:e2:95:c5:c2:7f:46:12:9b:e4:94:93:73:4c:ed:7c:2e:
dd:09:a0:5a:e5:0d:45:58:22:8d:1e:31:97:c3:32:c7:b4:fd:
11:64:17:47:4e:8d:ae:00:bc:1b:18:01:d0:41:e4:b8:2e:7f:
98:25:ce:6b:82:64:9e:69:9f:00:c6:de:b2:23:1a:1a:31:09:
e0:b1:f0:f9:1a:1d:c5:8a:5f:b4:a5:c2:39:64:ec:92:5e:e9:
97:43:f2:3d:4c:56:90:36:4b:c4:1e:bf:90:63:de:00:c7:74:
ea:5a:8e:6c:c3:7b:cd:f8:6c:5b:3a:3c:b3:36:1e:c7:c6:b2:
4f:cb:c1:b0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUN0pOK7B7pq9ZIBHobkiKvkdBkAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzM1ZDkzNzA2Y2JmNDY4OGNlN2Q2MGZjMGVkNjkzZDRj
YzRhOTMyNjAeFw0yNDA4MDgxMDA3MTRaFw0yNTA4MDcxMDEyMTRaMDMxMTAvBgNV
BAMTKDI2NDA3MzBCRUM0M0UyNjVFNTI5REZBMzYzNjBEQzM5NUE0MzFDQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0pdwkGoeKBomPZmh/aXEUkq39
LJ0DCXT7Xe1iNwswCI1zZzaZ5tBTZwzrBA1qMDO1KBagcxoZfbjEPuOOlLhKllEk
RNUzN3ht57rFST3blrClO0ijqLGQYlhjwPwWmCHsPk5qYb9VNRqXUvIlR1bdIZMV
UQYefQRxpr7d7tfmKtle8QqHiuf8m+vW5YOukMuUA4JimphgVK70yrHjv087dDDe
gYfWkdfpzaroGdLh19FW+v+scEwGlcEbxz5ifOwuteKnn38Ao0NRuUxxGixbqOX5
FtjcXf+prTKB41VfUPcpfH3YA6Ub6O5JKRsu+F+BF0z8Cxz2tNHDzqFGF7kjAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJkBzC+xD4mXlKd+jY2DcOVpDHK0wHwYDVR0j
BBgwFoAUc12TcGy/RojOfWD8DtaT1MxKkyYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmU2ZGE1YzctNjcwYS00MWIxLTk2ZWItMzg5OTM4OGIy
OTJjLzAvNzM1RDkzNzA2Q0JGNDY4OENFN0Q2MEZDMEVENjkzRDRDQzRBOTMyNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2MxMlRjR3lfUm9qT2ZXRDhEdGFUMU14
S2t5WS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmU2ZGE1Yzct
NjcwYS00MWIxLTk2ZWItMzg5OTM4OGIyOTJjLzAvMzMzMTJlMzIzMjMwMmUzMjM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzYzODM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9z9MA0GCSqGSIb3DQEBCwUAA4IBAQA24SAid3Edv/nw8G7xj0lMrPtDZa6sYkzG
yKwnSv8diyzYygMUdi7/Xo9yHhvUrbd2fUwxofvO22b7dKzvyJBSz7D7DMthRjF5
KQod6t2L4cEXGs8kdQ9Hj6R4LXFrSV/msaWGbbMWEpwZZiCqdVxG5iXrqsbA3Qqe
+YEa/53jieKVxcJ/RhKb5JSTc0ztfC7dCaBa5Q1FWCKNHjGXwzLHtP0RZBdHTo2u
ALwbGAHQQeS4Ln+YJc5rgmSeaZ8Axt6yIxoaMQngsfD5Gh3Fil+0pcI5ZOySXumX
Q/I9TFaQNkvEHr+QY94Ax3TqWo5sw3vN+GxbOjyzNh7HxrJPy8Gw
-----END CERTIFICATE-----
Generated at Wed Sep 11 13:24:06 2024 by rpki-client on console-ams.rpki-client.org