Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030343a3a2f34382d3438203d3e203437323732.roa
File: 326131313a323963303a393030343a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: JNxHo3Fec11gMCTJE/0npIPuFyfTd85Zh8D323nwuSs=
Subject key identifier: DA:A2:D2:C1:49:21:EE:68:24:79:3E:53:A1:5A:F4:97:2A:E3:DF:D8
Certificate issuer: /CN=CDC014669D381152AFB94B76936268BFF73E7D50
Certificate serial: 53070E8021176347560D8171D185D9E0676143DF
Authority key identifier: CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030343a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 11:08:44 +0000
ROA not before: Sun 26 Nov 2023 11:03:44 +0000
ROA not after: Sun 24 Nov 2024 11:08:44 +0000
asID: 47272
IP address blocks: 2a11:29c0:9004::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 15:53:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:07:0e:80:21:17:63:47:56:0d:81:71:d1:85:d9:e0:67:61:43:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC014669D381152AFB94B76936268BFF73E7D50
Validity
Not Before: Nov 26 11:03:44 2023 GMT
Not After : Nov 24 11:08:44 2024 GMT
Subject: CN=DAA2D2C14921EE6824793E53A15AF4972AE3DFD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:fe:7d:a7:51:46:a0:ba:7f:8d:ea:7f:82:7a:
15:c5:30:c1:a1:fd:16:28:a7:73:9b:ac:53:8a:b7:
5c:7c:a0:6f:ce:c7:2f:ac:d3:cc:49:ae:e4:87:82:
5c:70:47:36:da:a9:ea:da:64:e0:cb:00:a4:6b:09:
20:d2:61:d8:fc:df:15:09:52:c3:36:36:56:03:65:
9a:a3:13:1d:3f:f9:32:f6:65:5f:5a:10:83:ad:4d:
5f:6a:cc:22:3b:c0:69:6b:24:92:93:20:c6:c7:53:
52:62:93:41:fd:1c:92:e7:08:06:46:b4:8a:0a:d9:
f1:ee:23:39:61:2f:dd:a6:2a:96:44:fd:dd:55:c7:
1e:21:fe:fd:05:a8:d9:32:73:3e:a6:dd:9f:57:b9:
a2:db:3d:54:3b:01:3e:92:43:ae:b8:b8:dd:05:3c:
a5:a5:27:d1:5a:d1:c3:8f:41:3d:95:21:37:69:8d:
65:db:13:87:aa:0a:5c:f0:00:96:c5:ee:1e:5f:7b:
08:54:38:94:08:87:39:f0:87:77:e1:57:eb:2c:a1:
fe:e5:3a:ec:28:8a:78:6c:d7:4c:32:82:0b:8d:b5:
45:b9:34:72:3f:2c:69:23:fa:9e:bf:76:2a:af:2e:
ab:37:86:2b:4c:49:a8:74:7a:92:cf:bf:96:67:b8:
bc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A2:D2:C1:49:21:EE:68:24:79:3E:53:A1:5A:F4:97:2A:E3:DF:D8
X509v3 Authority Key Identifier:
keyid:CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393030343a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9004::/48
Signature Algorithm: sha256WithRSAEncryption
74:b9:39:e2:7f:a6:ce:3d:d9:99:54:b1:94:5a:b5:65:a3:50:
5b:95:b7:7e:ee:7a:85:35:4d:fc:c6:ca:b2:0f:da:d1:b4:d6:
e8:8f:3f:32:77:34:ce:b1:cb:d2:02:fd:93:aa:f5:d3:a9:4d:
b3:21:f2:e1:51:b2:9d:e0:0f:b9:3e:26:cd:19:d5:1b:a7:aa:
41:4c:34:0e:e4:da:61:55:bf:d5:24:d6:48:89:3e:cb:7a:67:
ff:03:dd:2d:f9:34:76:40:8c:72:59:72:b1:8a:68:91:99:95:
42:2e:52:23:1c:b3:3a:63:98:fe:ad:42:e4:04:91:a0:dd:45:
8f:37:4f:91:85:02:de:d5:cf:68:9d:3c:03:b3:0c:1f:d0:c4:
aa:34:2c:a8:3b:33:9d:1b:61:3e:1a:af:86:d8:5b:0d:56:8c:
79:c6:4c:db:03:6e:3d:5b:b9:f2:74:d4:fc:7d:83:2b:18:62:
dc:5a:22:75:a5:10:45:cb:fe:6a:4d:83:53:86:ff:0b:3c:1f:
66:30:cd:e0:21:9d:12:b9:bd:d2:e8:20:2f:b0:b5:48:d5:cf:
62:42:35:a3:9b:20:14:f2:bd:36:d4:25:cc:3e:2b:ce:03:d3:
7a:65:c9:a0:62:99:28:f4:ed:56:83:f9:c4:62:e4:81:ec:a3:
9d:08:c8:b8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUUwcOgCEXY0dWDYFx0YXZ4GdhQ98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZG
NzNFN0Q1MDAeFw0yMzExMjYxMTAzNDRaFw0yNDExMjQxMTA4NDRaMDMxMTAvBgNV
BAMTKERBQTJEMkMxNDkyMUVFNjgyNDc5M0U1M0ExNUFGNDk3MkFFM0RGRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0/n2nUUagun+N6n+CehXFMMGh
/RYop3ObrFOKt1x8oG/Oxy+s08xJruSHglxwRzbaqeraZODLAKRrCSDSYdj83xUJ
UsM2NlYDZZqjEx0/+TL2ZV9aEIOtTV9qzCI7wGlrJJKTIMbHU1Jik0H9HJLnCAZG
tIoK2fHuIzlhL92mKpZE/d1Vxx4h/v0FqNkycz6m3Z9XuaLbPVQ7AT6SQ664uN0F
PKWlJ9Fa0cOPQT2VITdpjWXbE4eqClzwAJbF7h5fewhUOJQIhznwh3fhV+ssof7l
Ouwoinhs10wygguNtUW5NHI/LGkj+p6/diqvLqs3hitMSah0epLPv5ZnuLynAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU2qLSwUkh7mgkeT5ToVr0lyrj39gwHwYDVR0j
BBgwFoAUzcAUZp04EVKvuUt2k2Jov/c+fVAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzIvQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZGNzNFN0Q1MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9DREMwMTQ2NjlEMzgxMTUyQUZCOTRCNzY5
MzYyNjhCRkY3M0U3RDUwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMjUzZDk3My1kNWJmLTQ1NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzAzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoRKcCQBDANBgkqhkiG9w0BAQsFAAOCAQEAdLk5
4n+mzj3ZmVSxlFq1ZaNQW5W3fu56hTVN/MbKsg/a0bTW6I8/Mnc0zrHL0gL9k6r1
06lNsyHy4VGyneAPuT4mzRnVG6eqQUw0DuTaYVW/1STWSIk+y3pn/wPdLfk0dkCM
cllysYpokZmVQi5SIxyzOmOY/q1C5ASRoN1FjzdPkYUC3tXPaJ08A7MMH9DEqjQs
qDsznRthPhqvhthbDVaMecZM2wNuPVu58nTU/H2DKxhi3FoidaUQRcv+ak2DU4b/
CzwfZjDN4CGdErm90uggL7C1SNXPYkI1o5sgFPK9NtQlzD4rzgPTemXJoGKZKPTt
VoP5xGLkgeyjnQjIuA==
-----END CERTIFICATE-----
Generated at Tue May 28 19:13:13 2024 by rpki-client on console-fra.rpki-client.org