Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e20383334.roa
File: 38352e3135382e35382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: SIbmRaziwbt/HFQbv56hGUbfAdku2mpMOkk9/B6bnFU=
Subject key identifier: 12:36:71:99:5B:A8:6F:AC:8E:8B:C7:BD:50:74:01:6D:B5:58:BA:D4
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 609AEEE42DC287F6BA5BF3787BFE32B7FDBE8717
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e20383334.roa
Signing time: Tue 30 Apr 2024 00:02:03 +0000
ROA not before: Mon 29 Apr 2024 23:57:03 +0000
ROA not after: Tue 29 Apr 2025 00:02:03 +0000
asID: 834
IP address blocks: 85.158.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 06:53:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:9a:ee:e4:2d:c2:87:f6:ba:5b:f3:78:7b:fe:32:b7:fd:be:87:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 29 23:57:03 2024 GMT
Not After : Apr 29 00:02:03 2025 GMT
Subject: CN=123671995BA86FAC8E8BC7BD5074016DB558BAD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:68:c5:65:d3:e4:41:3a:79:78:4d:ed:82:40:
13:2d:47:cb:16:24:25:bf:c9:f9:cf:38:09:74:12:
72:bb:6d:71:56:37:81:6b:e1:bd:31:b0:65:9c:f6:
d9:69:94:ea:1b:45:2f:cf:47:ec:ef:a5:39:48:8e:
be:0a:69:ef:84:57:c1:ff:05:70:ef:13:7f:a1:a0:
9a:63:87:b6:53:a7:ee:e4:c3:47:b3:27:ef:5b:d1:
c6:b6:42:75:cd:dd:5e:9b:02:d3:1b:b1:70:7c:8f:
32:db:55:34:cc:2e:5a:40:56:01:d7:06:83:5b:96:
a9:14:b7:62:cf:24:7d:f4:14:33:35:e3:34:6c:8c:
d6:c9:1e:7b:86:3e:46:9b:ad:01:2e:f9:0b:77:cd:
ca:75:12:7e:3e:31:46:22:87:e1:fc:6f:3d:ca:11:
26:ac:a3:56:d8:42:32:e9:0a:eb:69:20:3b:80:d7:
57:34:3c:79:0a:00:c5:fe:19:25:65:bc:59:9a:e1:
67:89:84:0a:10:8b:19:3e:ae:9d:20:e6:d0:9c:73:
3b:43:29:b0:8b:b2:81:db:59:0d:05:39:8d:e5:fb:
8b:ee:c9:2f:39:82:a5:69:f4:56:93:57:60:27:2c:
34:97:e7:90:14:0f:06:2f:21:b4:e4:1e:b0:f5:6a:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:36:71:99:5B:A8:6F:AC:8E:8B:C7:BD:50:74:01:6D:B5:58:BA:D4
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ab:5d:90:29:9b:e3:ea:e8:78:aa:b9:7e:e4:f6:63:4e:29:
84:44:d3:79:4a:9c:7e:4f:fe:75:b7:97:f5:f3:91:95:9e:f0:
99:e2:10:7b:79:02:e1:5e:28:97:fd:0f:e4:e2:2e:26:c3:aa:
a3:f9:66:41:da:75:7d:87:81:be:44:59:7c:22:57:2c:bd:30:
76:e9:e8:76:43:2b:85:2f:01:d7:22:20:0d:d3:18:f1:02:fc:
dc:6e:ad:60:53:f8:34:0e:c0:22:f5:54:40:19:65:cc:b8:1b:
f6:f6:8a:48:ac:4d:67:73:e1:21:9f:20:8a:77:9e:26:9e:62:
38:69:87:77:9d:ab:27:8f:12:68:d2:b5:aa:31:5e:41:b5:14:
30:d1:26:21:2a:9b:14:a3:da:40:8f:df:0c:02:9d:81:9a:f9:
d6:d7:10:13:89:e7:dc:63:1a:7a:85:09:ef:be:ff:d9:ed:65:
84:76:a0:24:17:ed:82:8a:fc:0c:72:50:0a:bf:04:1c:3f:5b:
47:b9:b0:f2:c4:be:f4:4b:7b:45:5b:7b:00:a6:35:77:25:85:
d6:35:78:00:fd:81:ba:0f:01:05:8e:fd:76:23:ee:cb:69:14:
e5:98:40:83:24:94:f0:79:f3:86:e8:77:75:06:79:32:61:a4:
b4:94:ac:69
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUYJru5C3Ch/a6W/N4e/4yt/2+hxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA0MjkyMzU3MDNaFw0yNTA0MjkwMDAyMDNaMDMxMTAvBgNV
BAMTKDEyMzY3MTk5NUJBODZGQUM4RThCQzdCRDUwNzQwMTZEQjU1OEJBRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClaMVl0+RBOnl4Te2CQBMtR8sW
JCW/yfnPOAl0EnK7bXFWN4Fr4b0xsGWc9tlplOobRS/PR+zvpTlIjr4Kae+EV8H/
BXDvE3+hoJpjh7ZTp+7kw0ezJ+9b0ca2QnXN3V6bAtMbsXB8jzLbVTTMLlpAVgHX
BoNblqkUt2LPJH30FDM14zRsjNbJHnuGPkabrQEu+Qt3zcp1En4+MUYih+H8bz3K
ESaso1bYQjLpCutpIDuA11c0PHkKAMX+GSVlvFma4WeJhAoQixk+rp0g5tCccztD
KbCLsoHbWQ0FOY3l+4vuyS85gqVp9FaTV2AnLDSX55AUDwYvIbTkHrD1arZVAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUEjZxmVuob6yOi8e9UHQBbbVYutQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ46MA0G
CSqGSIb3DQEBCwUAA4IBAQBsq12QKZvj6uh4qrl+5PZjTimERNN5Spx+T/51t5f1
85GVnvCZ4hB7eQLhXiiX/Q/k4i4mw6qj+WZB2nV9h4G+RFl8IlcsvTB26eh2QyuF
LwHXIiAN0xjxAvzcbq1gU/g0DsAi9VRAGWXMuBv29opIrE1nc+EhnyCKd54mnmI4
aYd3nasnjxJo0rWqMV5BtRQw0SYhKpsUo9pAj98MAp2BmvnW1xATiefcYxp6hQnv
vv/Z7WWEdqAkF+2CivwMclAKvwQcP1tHubDyxL70S3tFW3sApjV3JYXWNXgA/YG6
DwEFjv12I+7LaRTlmECDJJTwefOG6Hd1BnkyYaS0lKxp
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:21:02 2024 by rpki-client on console-ams.rpki-client.org