Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e302f32342d3332203d3e203437323732.roa
File: 3138352e3139352e3233382e302f32342d3332203d3e203437323732.roa (raw, json)
Hash identifier: 1VMnUbrfuLToG+9r8yWZepLDrdJwJWAevVYllwIG5WE=
Subject key identifier: 36:42:ED:C3:52:BD:59:16:47:E2:50:5C:8B:65:BF:4A:2B:67:08:66
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 42410F3799E24D4D995E0D928EB676CD8FBF5BF1
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e302f32342d3332203d3e203437323732.roa
Signing time: Fri 28 Jun 2024 21:32:14 +0000
ROA not before: Fri 28 Jun 2024 21:27:14 +0000
ROA not after: Fri 27 Jun 2025 21:32:14 +0000
asID: 47272
IP address blocks: 185.195.238.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 24 Jul 2024 14:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:41:0f:37:99:e2:4d:4d:99:5e:0d:92:8e:b6:76:cd:8f:bf:5b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jun 28 21:27:14 2024 GMT
Not After : Jun 27 21:32:14 2025 GMT
Subject: CN=3642EDC352BD591647E2505C8B65BF4A2B670866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:27:99:48:02:48:a2:51:f2:a4:ae:dd:d2:
e6:dd:74:02:50:89:4c:97:40:56:60:89:2b:a9:0b:
bb:3c:d0:f1:b2:36:65:1c:09:e5:52:36:7b:71:10:
20:55:39:82:0a:2a:8a:6a:37:9a:2a:31:a7:41:1c:
ad:13:37:cd:3f:4f:0f:b2:e8:16:2a:ad:62:2d:f3:
1d:64:36:c4:d0:11:bb:82:5a:58:74:80:a9:25:01:
11:bf:2e:71:ec:af:80:4d:ba:80:66:d3:f3:72:1d:
5a:e8:e5:ec:2a:67:83:c3:89:da:68:67:95:ff:d6:
bd:3c:c2:bc:f4:e7:b4:91:2b:d2:5c:b3:51:0b:7c:
8d:35:eb:28:0f:61:ae:94:08:8c:b5:38:17:d1:9e:
b3:b9:6b:2f:7c:90:8f:fa:24:ff:7a:4b:1c:2b:49:
64:85:53:5e:91:b5:47:48:3f:b7:c4:65:f5:eb:a7:
fc:2c:30:c7:bb:6c:b3:1e:63:df:b2:3e:13:3f:aa:
ac:3f:2e:a7:b4:e7:b7:3c:ad:27:6a:71:ad:61:4e:
04:52:ea:b9:1d:a5:24:aa:0c:ad:c6:ed:14:06:05:
a6:f5:45:e3:3f:1e:9f:96:62:17:c0:c7:24:b4:1e:
08:b4:ee:f4:1a:ec:7d:b5:32:50:19:4f:31:87:6d:
b4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:42:ED:C3:52:BD:59:16:47:E2:50:5C:8B:65:BF:4A:2B:67:08:66
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/3138352e3139352e3233382e302f32342d3332203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.238.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2b:b7:84:fa:3d:4f:eb:f3:0e:31:13:e6:c7:e8:83:f9:81:
df:79:79:1a:d5:ee:61:05:d0:3e:53:c5:4d:ea:c2:ac:89:7a:
ca:cf:93:8c:a9:72:ad:fe:10:eb:2b:f1:fd:ab:e5:19:bb:fa:
48:a6:09:74:21:d6:1f:0c:08:15:0b:c4:e2:93:b3:94:55:14:
5b:a5:bb:12:1b:ce:f1:66:5d:6b:02:5e:a2:e4:90:db:ee:f9:
0a:71:f7:c0:89:55:1a:ba:0b:e2:5d:dd:9f:d2:f8:45:82:fc:
13:f6:4a:ce:0c:2e:f4:92:f2:08:43:6f:82:5c:cc:44:28:26:
5e:07:e4:20:54:84:d5:d3:d0:f9:d7:5f:ef:c7:d7:7b:6c:9b:
9d:06:71:41:55:89:0d:0e:18:21:e8:26:f4:99:e3:a0:5f:a5:
fe:96:e7:cf:51:db:fb:3e:08:1b:ef:f3:68:b2:ff:eb:49:e0:
7d:21:c3:b4:0a:79:46:b4:15:9d:fd:0e:6a:81:4f:50:d0:19:
85:66:3c:e0:63:69:76:1c:f4:d1:5d:09:17:bd:4b:72:c0:75:
f5:ed:77:08:83:fc:08:ac:93:88:ca:c4:5f:e3:be:11:0c:fb:
7f:dd:e2:0e:97:45:2e:e4:74:91:da:1f:ae:f2:72:ba:19:e5:
cc:b9:e9:5c
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUQkEPN5niTU2ZXg2SjrZ2zY+/W/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNDA2MjgyMTI3MTRaFw0yNTA2MjcyMTMyMTRaMDMxMTAvBgNV
BAMTKDM2NDJFREMzNTJCRDU5MTY0N0UyNTA1QzhCNjVCRjRBMkI2NzA4NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZWSeZSAJIolHypK7d0ubddAJQ
iUyXQFZgiSupC7s80PGyNmUcCeVSNntxECBVOYIKKopqN5oqMadBHK0TN80/Tw+y
6BYqrWIt8x1kNsTQEbuCWlh0gKklARG/LnHsr4BNuoBm0/NyHVro5ewqZ4PDidpo
Z5X/1r08wrz057SRK9Jcs1ELfI016ygPYa6UCIy1OBfRnrO5ay98kI/6JP96Sxwr
SWSFU16RtUdIP7fEZfXrp/wsMMe7bLMeY9+yPhM/qqw/Lqe057c8rSdqca1hTgRS
6rkdpSSqDK3G7RQGBab1ReM/Hp+WYhfAxyS0Hgi07vQa7H21MlAZTzGHbbS/AgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUNkLtw1K9WRZH4lBci2W/SitnCGYwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzAvMzEzODM1MmUzMTM5MzUyZTMy
MzMzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzczMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5w+4wDQYJKoZIhvcNAQELBQADggEBAEQrt4T6PU/r8w4xE+bH6IP5gd95eRrV
7mEF0D5TxU3qwqyJesrPk4ypcq3+EOsr8f2r5Rm7+kimCXQh1h8MCBULxOKTs5RV
FFuluxIbzvFmXWsCXqLkkNvu+Qpx98CJVRq6C+Jd3Z/S+EWC/BP2Ss4MLvSS8ghD
b4JczEQoJl4H5CBUhNXT0PnXX+/H13tsm50GcUFViQ0OGCHoJvSZ46Bfpf6W589R
2/s+CBvv82iy/+tJ4H0hw7QKeUa0FZ39DmqBT1DQGYVmPOBjaXYc9NFdCRe9S3LA
dfXtdwiD/Aisk4jKxF/jvhEM+3/d4g6XRS7kdJHaH67ycroZ5cy56Vw=
Generated at Wed Jul 24 18:15:04 2024 by rpki-client on console-fra.rpki-client.org