Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f34302d3430203d3e203530333835.roa
File: 326131343a373538313a383030303a3a2f34302d3430203d3e203530333835.roa (raw, json)
Hash identifier: PYKvVem4fZPsbZpJJ5RD7HZMDVQTIuwi2ywBLLt3F4Q=
Subject key identifier: 5A:6B:E0:A9:99:5E:15:7C:D5:2B:F3:6E:3B:1F:C6:43:45:81:27:32
Certificate issuer: /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Certificate serial: 4FBCF1525946BFE6519568F7D4F5A34860302F21
Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f34302d3430203d3e203530333835.roa
Signing time: Fri 17 May 2024 16:07:09 +0000
ROA not before: Fri 17 May 2024 16:02:09 +0000
ROA not after: Fri 16 May 2025 16:07:09 +0000
asID: 50385
IP address blocks: 2a14:7581:8000::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 18 May 2024 12:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:bc:f1:52:59:46:bf:e6:51:95:68:f7:d4:f5:a3:48:60:30:2f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Validity
Not Before: May 17 16:02:09 2024 GMT
Not After : May 16 16:07:09 2025 GMT
Subject: CN=5A6BE0A9995E157CD52BF36E3B1FC64345812732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:b7:f5:7a:96:ce:9d:79:8c:8b:98:fe:22:
a9:08:90:eb:1a:86:f6:1a:61:12:2e:00:57:c1:f3:
da:91:b5:7e:93:02:ea:e3:f5:26:89:b0:d8:e5:f3:
b8:70:ad:33:f3:25:9b:09:92:b4:33:28:4b:15:34:
ea:11:f1:bc:42:8f:29:41:0c:31:0d:8a:04:5f:7c:
3e:01:1c:96:74:0b:9f:32:b5:01:19:9b:80:62:af:
94:66:f3:8c:df:54:d7:1c:4e:0b:ee:af:b1:7b:8b:
4c:14:61:d8:0e:92:f3:7b:d0:4d:42:dc:4f:7a:ca:
30:e3:8d:81:fa:0d:04:19:b7:aa:0b:f2:5b:58:f8:
85:61:0c:92:72:d8:96:d4:df:f7:c0:6d:34:19:2a:
ec:d7:20:fb:63:27:de:b1:8d:b3:64:f7:56:78:f9:
19:c2:88:09:c1:e9:5f:93:d3:ee:e0:69:90:06:c6:
9d:1d:92:4b:bb:9b:db:98:a9:26:64:8d:52:39:19:
cb:05:14:7c:01:96:8f:e9:17:3b:6e:12:4e:a6:2d:
5b:ab:a6:dc:43:34:0b:2a:2e:81:d3:a6:35:c7:a0:
95:88:5a:07:e2:a0:cb:19:c4:5b:97:65:86:b5:1a:
ba:bf:21:4f:d0:27:04:f1:09:d4:18:86:59:d7:a3:
a3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6B:E0:A9:99:5E:15:7C:D5:2B:F3:6E:3B:1F:C6:43:45:81:27:32
X509v3 Authority Key Identifier:
keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f34302d3430203d3e203530333835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:8000::/40
Signature Algorithm: sha256WithRSAEncryption
e4:ff:c0:c5:e7:ac:80:0d:f8:ea:9b:de:5f:3b:dc:10:45:86:
c6:c3:0f:f4:02:1d:c9:5b:bd:d0:98:87:f3:af:6c:6d:81:89:
4a:db:a0:43:ba:e3:a4:9d:9b:28:f5:ee:aa:64:f7:47:c2:f3:
56:6d:7a:77:ef:30:5b:72:f0:6f:ae:92:d2:7d:86:6f:dc:3c:
ce:93:ed:4c:4f:95:9f:93:58:36:bb:fc:a9:e3:4b:4e:39:36:
58:d4:20:13:a0:00:01:40:db:ba:cd:5b:03:f5:b6:b8:ac:23:
3c:54:cd:3c:20:37:3a:50:d0:86:bd:6c:0a:9d:18:38:7c:12:
4b:57:25:2e:31:26:5d:d3:66:f9:53:7d:79:f0:14:ed:8d:c3:
fe:32:3f:c3:bc:bc:dd:f8:c7:f8:e0:0f:76:f7:aa:2c:80:f7:
fb:37:9f:bb:2b:ac:fe:4c:45:66:0b:75:76:6e:28:aa:7c:29:
7e:d0:4a:7c:82:ad:c0:e2:98:dc:4e:95:86:c7:f1:6b:fc:d5:
e9:94:5e:61:db:ef:81:f7:ed:6f:f6:7f:ba:da:4a:42:e2:24:
5b:05:e0:6e:d6:fc:9f:ba:29:10:8d:fd:2f:e9:96:ed:b9:39:
12:35:92:5a:92:26:47:41:7c:39:46:9b:d2:0f:fe:37:a0:05:
a7:9e:a9:4e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUT7zxUllGv+ZRlWj31PWjSGAwLyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3
OEU5RjM5QjAeFw0yNDA1MTcxNjAyMDlaFw0yNTA1MTYxNjA3MDlaMDMxMTAvBgNV
BAMTKDVBNkJFMEE5OTk1RTE1N0NENTJCRjM2RTNCMUZDNjQzNDU4MTI3MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC35rf1epbOnXmMi5j+IqkIkOsa
hvYaYRIuAFfB89qRtX6TAurj9SaJsNjl87hwrTPzJZsJkrQzKEsVNOoR8bxCjylB
DDENigRffD4BHJZ0C58ytQEZm4Bir5Rm84zfVNccTgvur7F7i0wUYdgOkvN70E1C
3E96yjDjjYH6DQQZt6oL8ltY+IVhDJJy2JbU3/fAbTQZKuzXIPtjJ96xjbNk91Z4
+RnCiAnB6V+T0+7gaZAGxp0dkku7m9uYqSZkjVI5GcsFFHwBlo/pFztuEk6mLVur
ptxDNAsqLoHTpjXHoJWIWgfioMsZxFuXZYa1Grq/IU/QJwTxCdQYhlnXo6OpAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUWmvgqZleFXzVK/NuOx/GQ0WBJzIwHwYDVR0j
BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE
MzA0QTNFRjc4RTlGMzlCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM4MzAzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzUz
MDMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUdYGAMA0GCSqGSIb3DQEBCwUAA4IBAQDk/8DF
56yADfjqm95fO9wQRYbGww/0Ah3JW73QmIfzr2xtgYlK26BDuuOknZso9e6qZPdH
wvNWbXp37zBbcvBvrpLSfYZv3DzOk+1MT5Wfk1g2u/yp40tOOTZY1CAToAABQNu6
zVsD9ba4rCM8VM08IDc6UNCGvWwKnRg4fBJLVyUuMSZd02b5U3158BTtjcP+Mj/D
vLzd+Mf44A9296osgPf7N5+7K6z+TEVmC3V2biiqfCl+0Ep8gq3A4pjcTpWGx/Fr
/NXplF5h2++B9+1v9n+62kpC4iRbBeBu1vyfuikQjf0v6ZbtuTkSNZJakiZHQXw5
RpvSD/43oAWnnqlO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:12 2024 by rpki-client on console-fra.rpki-client.org