Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/1/326130353a646663313a383530313a3a2f34382d3438203d3e20323136343535.roa
File: 326130353a646663313a383530313a3a2f34382d3438203d3e20323136343535.roa (raw, json)
Hash identifier: 7UpQOa5HKdvnFwQLSIQ5hDPt6Cku5RbJc5IV81KgH98=
Subject key identifier: 46:95:D2:3A:1B:84:47:A1:0D:16:06:5C:35:7C:07:49:0B:86:91:18
Certificate issuer: /CN=1305A50FEEC042C917D8EF2D77D1D2448848C0F9
Certificate serial: 40D77E5B7A4F91CB2AC9074C9C1B19DF7EA016EA
Authority key identifier: 13:05:A5:0F:EE:C0:42:C9:17:D8:EF:2D:77:D1:D2:44:88:48:C0:F9
Authority info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/1305A50FEEC042C917D8EF2D77D1D2448848C0F9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/1/326130353a646663313a383530313a3a2f34382d3438203d3e20323136343535.roa
Signing time: Fri 08 Mar 2024 18:59:53 +0000
ROA not before: Fri 08 Mar 2024 18:54:53 +0000
ROA not after: Fri 07 Mar 2025 18:59:53 +0000
asID: 216455
IP address blocks: 2a05:dfc1:8501::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Mar 2024 01:38:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d7:7e:5b:7a:4f:91:cb:2a:c9:07:4c:9c:1b:19:df:7e:a0:16:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1305A50FEEC042C917D8EF2D77D1D2448848C0F9
Validity
Not Before: Mar 8 18:54:53 2024 GMT
Not After : Mar 7 18:59:53 2025 GMT
Subject: CN=4695D23A1B8447A10D16065C357C07490B869118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4f:03:ca:ba:3f:3c:8f:a0:01:41:d6:db:9f:
cd:e7:1c:9c:bd:66:01:78:79:13:9f:a3:80:a1:f6:
55:8a:23:4f:d1:f7:ed:b3:7c:0f:57:e2:b2:03:69:
58:33:b0:0f:6b:26:4c:3d:13:67:c8:78:c3:99:30:
d4:95:71:1b:09:bb:4c:5a:58:25:b7:c3:96:e3:52:
c7:57:79:58:52:a4:28:3d:ac:cc:fa:df:49:63:b8:
1b:4f:eb:3d:2b:97:fc:30:73:10:0e:97:fa:fd:11:
5e:2a:4a:13:bd:8b:ed:67:dd:32:34:99:ff:68:d3:
cc:31:81:47:32:50:69:10:20:94:58:cf:c7:98:10:
2f:d2:69:f0:50:19:26:23:40:3c:2a:56:f2:4d:af:
bc:6d:f5:3e:b0:44:b4:91:b1:38:cf:42:ae:4c:0a:
37:10:32:95:73:53:c1:a7:48:44:1c:86:d8:20:c3:
77:7f:39:eb:81:5c:a4:75:40:93:c6:db:4a:32:e0:
fc:ca:cf:de:2e:c4:dd:fb:58:b3:5f:d6:c0:db:73:
43:e7:12:cf:e0:4e:01:64:0d:d4:14:86:a1:b3:ec:
67:ab:ad:55:a6:80:8c:16:5e:a6:6f:42:27:f8:60:
fc:e2:27:14:f7:f6:0a:c2:df:a1:09:a8:12:15:d9:
3b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:95:D2:3A:1B:84:47:A1:0D:16:06:5C:35:7C:07:49:0B:86:91:18
X509v3 Authority Key Identifier:
keyid:13:05:A5:0F:EE:C0:42:C9:17:D8:EF:2D:77:D1:D2:44:88:48:C0:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/1/1305A50FEEC042C917D8EF2D77D1D2448848C0F9.crl
Authority Information Access:
CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/1305A50FEEC042C917D8EF2D77D1D2448848C0F9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/5821c47e-e815-42de-bd6b-19a2e1ae564a/1/326130353a646663313a383530313a3a2f34382d3438203d3e20323136343535.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:8501::/48
Signature Algorithm: sha256WithRSAEncryption
42:24:80:b2:a5:22:ff:c4:2e:d2:49:b3:f7:3e:e0:42:79:84:
dc:ce:05:b2:c7:96:fb:0a:82:8a:b3:26:61:e4:f2:d8:80:16:
ca:dd:70:fa:ec:5f:23:b9:c3:95:f9:4b:55:81:a9:95:c2:52:
e0:e5:5c:35:c9:da:c3:6b:e3:43:34:94:ab:bc:75:42:8d:33:
99:89:70:a1:1f:4e:07:7c:2f:9b:02:d3:a5:23:79:ed:99:15:
4b:eb:05:dc:7c:9e:ea:0f:54:ab:77:7f:df:e8:bb:70:5d:62:
65:ef:54:95:a7:da:02:25:aa:79:6f:e3:e7:24:62:aa:43:8e:
02:52:ed:cb:6b:bf:38:92:d1:ab:2b:7f:7a:9b:88:1b:65:af:
7b:dd:68:40:1c:ca:db:cd:db:85:9b:0a:ce:1c:10:f2:0e:08:
61:6d:99:0c:19:38:e0:c5:b3:13:69:6f:f9:22:ff:d3:e3:53:
9b:95:dd:59:93:65:23:9e:31:47:b5:61:50:ab:34:9e:38:d1:
5c:f3:14:a5:4c:ef:7f:ec:1b:13:73:e8:45:46:60:f3:14:ec:
cb:d0:f9:5d:3b:6d:f6:12:3e:47:2c:f6:5e:09:ff:c5:14:48:
d9:bc:b2:68:19:b1:10:60:3d:14:f2:c2:81:19:98:e3:2c:8b:
2d:c5:44:9a
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUQNd+W3pPkcsqyQdMnBsZ336gFuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTMwNUE1MEZFRUMwNDJDOTE3RDhFRjJENzdEMUQyNDQ4
ODQ4QzBGOTAeFw0yNDAzMDgxODU0NTNaFw0yNTAzMDcxODU5NTNaMDMxMTAvBgNV
BAMTKDQ2OTVEMjNBMUI4NDQ3QTEwRDE2MDY1QzM1N0MwNzQ5MEI4NjkxMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuTwPKuj88j6ABQdbbn83nHJy9
ZgF4eROfo4Ch9lWKI0/R9+2zfA9X4rIDaVgzsA9rJkw9E2fIeMOZMNSVcRsJu0xa
WCW3w5bjUsdXeVhSpCg9rMz630ljuBtP6z0rl/wwcxAOl/r9EV4qShO9i+1n3TI0
mf9o08wxgUcyUGkQIJRYz8eYEC/SafBQGSYjQDwqVvJNr7xt9T6wRLSRsTjPQq5M
CjcQMpVzU8GnSEQchtggw3d/OeuBXKR1QJPG20oy4PzKz94uxN37WLNf1sDbc0Pn
Es/gTgFkDdQUhqGz7GerrVWmgIwWXqZvQif4YPziJxT39grC36EJqBIV2TsdAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQURpXSOhuER6ENFgZcNXwHSQuGkRgwHwYDVR0j
BBgwFoAUEwWlD+7AQskX2O8td9HSRIhIwPkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTgyMWM0N2UtZTgxNS00MmRlLWJkNmItMTlhMmUxYWU1
NjRhLzEvMTMwNUE1MEZFRUMwNDJDOTE3RDhFRjJENzdEMUQyNDQ4ODQ4QzBGOS5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wLzEzMDVBNTBGRUVDMDQy
QzkxN0Q4RUYyRDc3RDFEMjQ0ODg0OEMwRjkuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzU4MjFjNDdlLWU4MTUtNDJkZS1iZDZiLTE5YTJlMWFlNTY0
YS8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzgzNTMwMzEzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMjMxMzYzNDM1MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBd/BhQEwDQYJKoZIhvcN
AQELBQADggEBAEIkgLKlIv/ELtJJs/c+4EJ5hNzOBbLHlvsKgoqzJmHk8tiAFsrd
cPrsXyO5w5X5S1WBqZXCUuDlXDXJ2sNr40M0lKu8dUKNM5mJcKEfTgd8L5sC06Uj
ee2ZFUvrBdx8nuoPVKt3f9/ou3BdYmXvVJWn2gIlqnlv4+ckYqpDjgJS7ctrvziS
0asrf3qbiBtlr3vdaEAcytvN24WbCs4cEPIOCGFtmQwZOODFsxNpb/ki/9PjU5uV
3VmTZSOeMUe1YVCrNJ440VzzFKVM73/sGxNz6EVGYPMU7MvQ+V07bfYSPkcs9l4J
/8UUSNm8smgZsRBgPRTywoEZmOMsiy3FRJo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org