Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203531323837.roa
File: 3138352e38392e37362e302f32342d3234203d3e203531323837.roa (raw, json)
Hash identifier: bKPCRWQ99QXmmts0jjbdTIl32GeK0EFQ9C5YCr+ok1E=
Subject key identifier: 38:67:FB:36:10:D9:5E:DA:90:88:CB:2C:CC:E4:B2:E0:2D:45:86:39
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 3AB2EE1EA83E0E6524A5EF6801B4D55A58EAA752
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203531323837.roa
Signing time: Wed 08 Nov 2023 09:21:27 +0000
ROA not before: Wed 08 Nov 2023 09:16:27 +0000
ROA not after: Wed 06 Nov 2024 09:21:27 +0000
asID: 51287
IP address blocks: 185.89.76.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 00:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b2:ee:1e:a8:3e:0e:65:24:a5:ef:68:01:b4:d5:5a:58:ea:a7:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 8 09:16:27 2023 GMT
Not After : Nov 6 09:21:27 2024 GMT
Subject: CN=3867FB3610D95EDA9088CB2CCCE4B2E02D458639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:b7:61:66:a8:16:59:1b:91:2e:89:62:88:
75:f7:b6:a3:83:23:55:34:c3:2d:5a:55:ea:42:77:
ab:1a:13:14:9f:70:36:fe:a5:4d:75:7a:19:f9:18:
ad:fe:aa:cc:82:1e:cd:f2:bf:a6:45:0e:26:47:85:
b3:f8:d7:b3:66:e3:d9:32:df:cc:15:d6:9e:9d:d3:
63:b7:d0:d7:ef:07:e7:60:d1:d0:77:b9:ab:83:ea:
28:92:09:7a:8a:93:9d:04:58:4e:ff:41:11:07:f3:
6f:8f:13:85:c5:dd:37:c8:33:19:5a:c5:59:c2:d9:
c6:53:a3:f2:f9:c5:71:b0:d5:cd:86:fb:02:59:e9:
eb:5c:26:51:74:41:80:31:e9:44:ed:a5:ae:38:ff:
91:91:cf:38:2b:57:c7:0e:bd:9d:86:b2:81:ee:0d:
3d:eb:3d:df:80:21:a0:47:5a:8b:f4:f1:63:43:a4:
08:6e:f4:57:53:65:16:9f:b8:d1:d1:f3:92:eb:74:
01:99:69:35:d6:cc:ea:78:0e:b0:3a:83:30:0e:36:
35:b9:9e:98:65:fa:c8:c8:ce:f2:30:b1:f3:a1:5e:
22:61:e3:f9:9e:5e:cb:fc:06:39:20:3f:77:fe:c8:
45:9f:3b:70:0a:c2:26:a9:33:ef:cf:92:f8:5b:cf:
c1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:67:FB:36:10:D9:5E:DA:90:88:CB:2C:CC:E4:B2:E0:2D:45:86:39
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37362e302f32342d3234203d3e203531323837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.76.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b2:cf:92:ba:80:74:04:25:b8:c2:49:13:78:2c:65:ed:d6:
fa:71:2a:aa:40:66:1b:c9:35:2b:fc:88:48:bd:ec:d2:24:62:
28:04:a5:f2:77:31:08:43:09:35:2a:c9:2b:02:42:13:18:60:
db:ca:bc:6a:e5:a8:60:16:5b:57:57:e8:c3:87:8e:ac:f7:c1:
ad:8b:09:36:9a:0b:48:55:53:c7:ac:30:f2:09:c3:da:d8:1c:
32:17:d7:fb:39:6f:6f:86:4d:38:7c:d5:9e:4d:29:f6:ac:fc:
50:08:0f:25:7a:78:49:98:3a:8a:5f:d7:0b:36:05:97:b3:f3:
af:e3:57:73:71:66:81:c1:1f:c8:57:e4:da:b9:de:93:d2:31:
ca:92:5f:cc:69:d9:5e:3d:7d:6f:89:ed:bd:3b:42:65:40:57:
bf:a4:8f:96:88:67:7f:3e:16:a9:0b:07:4a:50:c9:32:26:4c:
c1:75:b2:89:e2:65:34:6a:40:c6:d3:c4:74:f3:fb:6f:32:70:
b5:fa:38:b9:cd:2c:ba:d4:7a:06:66:9e:d5:a7:45:69:aa:02:
6a:cf:61:9d:eb:6d:20:c2:3f:62:24:06:86:d4:b8:bd:f8:a3:
b3:f4:4a:ea:48:c5:48:bf:94:09:7e:64:01:a5:a9:49:cf:85:
56:fe:08:0c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOrLuHqg+DmUkpe9oAbTVWljqp1IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMDgwOTE2MjdaFw0yNDExMDYwOTIxMjdaMDMxMTAvBgNV
BAMTKDM4NjdGQjM2MTBEOTVFREE5MDg4Q0IyQ0NDRTRCMkUwMkQ0NTg2MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1DLdhZqgWWRuRLoliiHX3tqOD
I1U0wy1aVepCd6saExSfcDb+pU11ehn5GK3+qsyCHs3yv6ZFDiZHhbP417Nm49ky
38wV1p6d02O30NfvB+dg0dB3uauD6iiSCXqKk50EWE7/QREH82+PE4XF3TfIMxla
xVnC2cZTo/L5xXGw1c2G+wJZ6etcJlF0QYAx6UTtpa44/5GRzzgrV8cOvZ2GsoHu
DT3rPd+AIaBHWov08WNDpAhu9FdTZRafuNHR85LrdAGZaTXWzOp4DrA6gzAONjW5
nphl+sjIzvIwsfOhXiJh4/meXsv8BjkgP3f+yEWfO3AKwiapM+/Pkvhbz8H9AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOGf7NhDZXtqQiMsszOSy4C1FhjkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzODM5MmUzNzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTMyMzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlZ
TDANBgkqhkiG9w0BAQsFAAOCAQEAbLLPkrqAdAQluMJJE3gsZe3W+nEqqkBmG8k1
K/yISL3s0iRiKASl8ncxCEMJNSrJKwJCExhg28q8auWoYBZbV1fow4eOrPfBrYsJ
NpoLSFVTx6ww8gnD2tgcMhfX+zlvb4ZNOHzVnk0p9qz8UAgPJXp4SZg6il/XCzYF
l7Pzr+NXc3FmgcEfyFfk2rnek9IxypJfzGnZXj19b4ntvTtCZUBXv6SPlohnfz4W
qQsHSlDJMiZMwXWyieJlNGpAxtPEdPP7bzJwtfo4uc0sutR6Bmae1adFaaoCas9h
nettIMI/YiQGhtS4vfijs/RK6kjFSL+UCX5kAaWpSc+FVv4IDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:06 2024 by rpki-client on console-ams.rpki-client.org