Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a386530303a3a2f34302d3430203d3e203530333835.roa
File: 326131343a373538313a386530303a3a2f34302d3430203d3e203530333835.roa (raw, json)
Hash identifier: YdRX1rsfG9s2hcinwyU7o5PoIFIx8slkaDzkTs2U6Jg=
Subject key identifier: D5:2A:4F:3C:B2:89:F9:48:2D:26:36:79:73:90:2A:2E:97:26:AA:72
Certificate issuer: /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Certificate serial: 691DA34FBA3C50E6E4C715598352438590202406
Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a386530303a3a2f34302d3430203d3e203530333835.roa
Signing time: Fri 17 May 2024 16:15:35 +0000
ROA not before: Fri 17 May 2024 16:10:35 +0000
ROA not after: Fri 16 May 2025 16:15:35 +0000
asID: 50385
IP address blocks: 2a14:7581:8e00::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 18 May 2024 12:28:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:1d:a3:4f:ba:3c:50:e6:e4:c7:15:59:83:52:43:85:90:20:24:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Validity
Not Before: May 17 16:10:35 2024 GMT
Not After : May 16 16:15:35 2025 GMT
Subject: CN=D52A4F3CB289F9482D26367973902A2E9726AA72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:96:a5:9a:a9:91:1f:16:69:30:44:95:b1:
07:53:ec:c9:c5:21:5b:f4:e1:7e:4e:85:9b:9f:d1:
bc:a4:59:37:d1:2a:99:4b:b5:ab:6c:69:1d:4e:0c:
01:ad:c5:21:9f:81:d2:70:02:9d:28:15:c6:44:04:
8e:31:40:4a:f2:ba:09:f7:25:c8:3f:11:69:1a:d9:
c9:61:b3:7c:00:22:92:66:ad:4b:cf:76:0a:19:dc:
b3:17:cb:53:66:25:35:01:a3:ab:d0:f5:30:ed:91:
52:d2:4a:5f:b2:b2:56:9e:ca:07:00:46:aa:85:c4:
ca:df:a2:9a:b8:27:d4:73:fd:b5:d3:f3:c9:e9:37:
33:b9:ef:ea:92:08:e2:a0:e6:f8:68:2c:0e:6a:c0:
0a:12:aa:77:48:3e:ac:99:b9:4e:ff:2e:de:67:e1:
32:68:3c:df:55:8a:83:7d:32:ce:4b:72:d2:0f:9c:
50:29:ff:dc:bb:ed:c4:72:9f:c9:1d:9e:91:36:33:
42:0f:43:79:d8:69:3a:06:9b:97:a2:57:60:f8:67:
96:7c:67:81:ef:58:dc:f0:06:37:d9:3c:e4:8a:2b:
c2:39:28:b3:c0:69:40:65:82:a4:8e:39:1a:11:5f:
57:6c:07:73:43:aa:35:8b:a3:a6:38:b9:cd:d6:25:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2A:4F:3C:B2:89:F9:48:2D:26:36:79:73:90:2A:2E:97:26:AA:72
X509v3 Authority Key Identifier:
keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a386530303a3a2f34302d3430203d3e203530333835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:8e00::/40
Signature Algorithm: sha256WithRSAEncryption
08:76:ea:31:43:0d:45:cd:65:68:a1:f8:8f:d8:3e:b2:16:bf:
74:06:5d:c6:bb:ea:8f:ab:b1:2e:cb:8e:2b:1c:d2:3e:4e:43:
1f:9e:de:8a:d6:bc:ad:b5:77:f5:7e:d4:6e:d8:c5:09:d7:dc:
c0:a5:f5:fc:2a:0f:70:82:95:28:cc:1e:68:88:af:bd:52:7a:
da:e3:7a:1e:d9:07:86:f3:6b:ac:df:9a:fd:24:8c:6d:ff:e4:
c9:cd:82:3e:4c:b0:90:d4:d9:13:d4:b8:94:38:2e:98:b2:fd:
f7:98:37:c8:35:98:84:e1:88:cc:72:a8:b1:7b:55:e2:79:54:
5e:3b:39:71:83:a7:17:dc:66:23:f3:37:e6:6b:b6:02:66:f0:
01:1d:2e:d0:0b:f8:4e:d5:2d:1b:2d:83:29:80:6a:91:0a:cc:
7e:fc:d4:0d:e9:7f:b5:1f:92:14:64:5c:a6:63:84:48:d4:0e:
93:b7:2d:3d:8f:f6:fc:02:b7:b7:7d:47:42:ae:e5:c0:68:65:
3a:e6:8e:7d:8a:7d:70:ac:5e:77:88:a1:38:08:d9:ff:61:5a:
2a:eb:07:04:63:8e:46:23:6b:34:d3:34:49:a6:b9:a2:05:d8:
9c:d8:a5:7e:fa:fb:14:d4:42:7b:cf:76:11:65:30:dc:02:92:
97:7f:4b:2b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUaR2jT7o8UObkxxVZg1JDhZAgJAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3
OEU5RjM5QjAeFw0yNDA1MTcxNjEwMzVaFw0yNTA1MTYxNjE1MzVaMDMxMTAvBgNV
BAMTKEQ1MkE0RjNDQjI4OUY5NDgyRDI2MzY3OTczOTAyQTJFOTcyNkFBNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC71JalmqmRHxZpMESVsQdT7MnF
IVv04X5OhZuf0bykWTfRKplLtatsaR1ODAGtxSGfgdJwAp0oFcZEBI4xQEryugn3
Jcg/EWka2clhs3wAIpJmrUvPdgoZ3LMXy1NmJTUBo6vQ9TDtkVLSSl+yslaeygcA
RqqFxMrfopq4J9Rz/bXT88npNzO57+qSCOKg5vhoLA5qwAoSqndIPqyZuU7/Lt5n
4TJoPN9VioN9Ms5LctIPnFAp/9y77cRyn8kdnpE2M0IPQ3nYaToGm5eiV2D4Z5Z8
Z4HvWNzwBjfZPOSKK8I5KLPAaUBlgqSOORoRX1dsB3NDqjWLo6Y4uc3WJX3bAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQU1SpPPLKJ+UgtJjZ5c5AqLpcmqnIwHwYDVR0j
BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE
MzA0QTNFRjc4RTlGMzlCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM4NjUzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzUz
MDMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUdYGOMA0GCSqGSIb3DQEBCwUAA4IBAQAIduox
Qw1FzWVoofiP2D6yFr90Bl3Gu+qPq7Euy44rHNI+TkMfnt6K1ryttXf1ftRu2MUJ
19zApfX8Kg9wgpUozB5oiK+9Unra43oe2QeG82us35r9JIxt/+TJzYI+TLCQ1NkT
1LiUOC6Ysv33mDfINZiE4YjMcqixe1XieVReOzlxg6cX3GYj8zfma7YCZvABHS7Q
C/hO1S0bLYMpgGqRCsx+/NQN6X+1H5IUZFymY4RI1A6Tty09j/b8Are3fUdCruXA
aGU65o59in1wrF53iKE4CNn/YVoq6wcEY45GI2s00zRJprmiBdic2KV++vsU1EJ7
z3YRZTDcApKXf0sr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:12 2024 by rpki-client on console-fra.rpki-client.org