Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3131382e39312e3138342e302f32342d3234203d3e203437323732.roa
File: 3131382e39312e3138342e302f32342d3234203d3e203437323732.roa (raw, json)
Hash identifier: U3J+MDIX4UoAhqC3/4GyMQ7vkVYSoTD+QUViUndk84c=
Subject key identifier: 2D:92:2B:2E:C8:F6:5D:09:D4:6A:56:08:F5:61:80:57:B2:6A:E1:49
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 327603A4E83F0B7AFC0AACE61B6E5F5337EB0137
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3131382e39312e3138342e302f32342d3234203d3e203437323732.roa
Signing time: Wed 28 Aug 2024 14:20:16 +0000
ROA not before: Wed 28 Aug 2024 14:15:16 +0000
ROA not after: Wed 27 Aug 2025 14:20:16 +0000
asID: 47272
IP address blocks: 118.91.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 03:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:76:03:a4:e8:3f:0b:7a:fc:0a:ac:e6:1b:6e:5f:53:37:eb:01:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Aug 28 14:15:16 2024 GMT
Not After : Aug 27 14:20:16 2025 GMT
Subject: CN=2D922B2EC8F65D09D46A5608F5618057B26AE149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:9b:57:79:af:6d:e6:76:58:c7:91:03:ce:
ef:3a:11:b9:1e:3e:48:ee:ba:cb:4c:cc:ab:ab:90:
63:d0:20:49:81:46:b6:cc:11:56:97:ce:7c:5f:1f:
15:fc:64:ff:2a:b7:9e:b8:bf:e6:68:51:cc:3b:50:
38:c6:32:83:d4:c0:2c:a6:3d:c6:e7:7b:4c:e9:6a:
26:fb:68:19:6a:70:1b:77:db:a5:9a:1a:9d:7f:84:
21:58:db:e8:01:e8:26:37:5c:2b:21:70:b1:a5:a6:
c7:69:57:e1:f2:7b:18:cd:8b:3d:d0:b8:0e:1a:1d:
53:04:7c:28:64:b4:c7:fc:6e:08:08:87:ff:d6:15:
c2:ea:9d:83:2c:e1:b0:eb:16:c6:19:16:af:e1:ff:
97:8f:7a:e6:b1:cc:02:59:80:b9:ef:48:7a:55:1d:
89:e7:3f:72:f7:1b:83:83:79:d7:c8:00:95:dc:6c:
a0:f7:f0:43:65:32:33:ef:82:12:6f:5e:01:2d:98:
1b:ea:68:f6:ff:c2:c2:c0:89:12:75:e8:b0:79:1c:
e1:91:fa:e9:ad:36:bb:20:09:24:fe:62:ad:3f:c5:
fd:f6:8f:cb:25:f8:59:a3:c9:50:55:09:34:12:5e:
24:35:e5:6d:df:ce:a0:84:17:c8:db:8a:cd:29:ba:
13:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:92:2B:2E:C8:F6:5D:09:D4:6A:56:08:F5:61:80:57:B2:6A:E1:49
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3131382e39312e3138342e302f32342d3234203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
118.91.184.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:a3:96:01:3e:58:74:7b:9a:6d:84:c6:03:41:a4:f7:a7:0d:
00:56:71:a6:61:e1:8a:21:6e:34:b6:9c:8a:50:86:dc:a6:d2:
16:ea:f3:c3:6f:69:0a:8a:6c:c9:12:90:3c:07:49:07:b5:65:
9e:40:d2:3d:51:cc:f4:2e:a2:ac:df:1d:97:fd:b1:c3:dc:ce:
4a:d2:3e:43:12:b7:75:c8:d2:5c:3e:0e:15:0c:54:30:28:d9:
0b:76:62:b3:3b:aa:d9:9e:73:ff:26:71:12:85:6b:a3:9f:bf:
53:1c:55:2f:6e:47:7f:ef:e0:53:a2:7b:39:b2:ae:9b:da:bf:
96:42:13:ee:3b:10:84:52:1d:c6:f4:29:df:f8:8d:88:41:43:
f4:2f:8b:15:29:a9:8a:2e:46:2a:c2:b1:fb:0e:55:43:b7:f8:
eb:1c:bf:0a:0a:68:c7:1f:97:39:12:9a:9e:10:ac:d0:60:bd:
6b:4d:ee:b8:72:3c:e1:d3:56:37:d4:1e:aa:bd:38:c0:b7:96:
7c:b3:9f:20:41:df:eb:1e:54:cd:fe:08:e2:50:4e:78:46:25:
be:23:df:b6:08:69:e1:9d:8e:a0:79:3a:bb:70:71:97:92:48:
ca:af:f5:1c:c6:ec:19:eb:40:da:28:0e:6a:8a:66:bb:aa:18:
7f:b6:df:58
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUMnYDpOg/C3r8CqzmG25fUzfrATcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA4MjgxNDE1MTZaFw0yNTA4MjcxNDIwMTZaMDMxMTAvBgNV
BAMTKDJEOTIyQjJFQzhGNjVEMDlENDZBNTYwOEY1NjE4MDU3QjI2QUUxNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVR5tXea9t5nZYx5EDzu86Ebke
PkjuustMzKurkGPQIEmBRrbMEVaXznxfHxX8ZP8qt564v+ZoUcw7UDjGMoPUwCym
Pcbne0zpaib7aBlqcBt326WaGp1/hCFY2+gB6CY3XCshcLGlpsdpV+HyexjNiz3Q
uA4aHVMEfChktMf8bggIh//WFcLqnYMs4bDrFsYZFq/h/5ePeuaxzAJZgLnvSHpV
HYnnP3L3G4ODedfIAJXcbKD38ENlMjPvghJvXgEtmBvqaPb/wsLAiRJ16LB5HOGR
+umtNrsgCST+Yq0/xf32j8sl+FmjyVBVCTQSXiQ15W3fzqCEF8jbis0puhPZAgMB
AAGjggJtMIICaTAdBgNVHQ4EFgQULZIrLsj2XQnUalYI9WGAV7Jq4UkwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzEzMTM4MmUzOTMxMmUzMTM4
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
dlu4MA0GCSqGSIb3DQEBCwUAA4IBAQAfo5YBPlh0e5pthMYDQaT3pw0AVnGmYeGK
IW40tpyKUIbcptIW6vPDb2kKimzJEpA8B0kHtWWeQNI9Ucz0LqKs3x2X/bHD3M5K
0j5DErd1yNJcPg4VDFQwKNkLdmKzO6rZnnP/JnEShWujn79THFUvbkd/7+BTons5
sq6b2r+WQhPuOxCEUh3G9Cnf+I2IQUP0L4sVKamKLkYqwrH7DlVDt/jrHL8KCmjH
H5c5EpqeEKzQYL1rTe64cjzh01Y31B6qvTjAt5Z8s58gQd/rHlTN/gjiUE54RiW+
I9+2CGnhnY6geTq7cHGXkkjKr/UcxuwZ60DaKA5qima7qhh/tt9Y
-----END CERTIFICATE-----
Generated at Thu Aug 29 06:12:37 2024 by rpki-client on console-ams.rpki-client.org