Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa
File: 38352e3135382e35392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: oPOXOePe7tD7d70k97T+FhjUpO44U0Cnwdorlmb9lvQ=
Subject key identifier: 4B:3F:34:24:F0:DD:6B:2E:8A:62:F2:34:FC:15:7E:1E:15:6E:5D:A0
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4BD316304E10582CF527823369C0055C9ACC11C0
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa
Signing time: Wed 29 Nov 2023 00:00:04 +0000
ROA not before: Tue 28 Nov 2023 23:55:04 +0000
ROA not after: Wed 27 Nov 2024 00:00:04 +0000
asID: 834
IP address blocks: 85.158.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 05:59:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d3:16:30:4e:10:58:2c:f5:27:82:33:69:c0:05:5c:9a:cc:11:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 28 23:55:04 2023 GMT
Not After : Nov 27 00:00:04 2024 GMT
Subject: CN=4B3F3424F0DD6B2E8A62F234FC157E1E156E5DA0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:58:22:cb:60:9d:e7:a7:5f:f1:c2:c9:4e:01:
b5:62:d6:4f:08:d7:c7:9c:2b:f0:79:7d:27:9a:8e:
2d:59:19:c2:f9:e3:b2:ec:52:6b:e8:15:9d:72:38:
8e:9e:34:2b:de:95:45:c6:1f:71:8e:1f:64:5b:74:
20:26:99:d4:02:f8:16:87:ca:7b:89:5f:b4:5c:f9:
4e:5b:69:45:2b:6f:e4:ea:30:7e:fa:a7:0b:3f:70:
ec:1e:43:e9:47:d4:1e:82:c4:ce:71:57:56:18:00:
9a:a0:52:2d:5a:3d:ce:c7:6b:30:9f:92:54:c5:3a:
2a:8d:fc:48:88:89:4e:98:61:b9:be:94:0a:6d:09:
b4:b5:1e:15:a3:06:d3:12:d7:31:58:a6:de:f1:9a:
1c:78:8c:09:88:7d:c6:15:e4:1f:11:a4:86:43:1f:
f7:28:c4:69:74:cd:63:49:41:48:71:a5:25:5a:c5:
19:41:96:52:56:f5:12:49:fa:9d:d4:09:d9:85:84:
89:b1:27:ca:4a:69:1a:ce:dc:43:e4:6c:d2:d9:8d:
80:e8:58:2b:49:6a:02:52:78:a7:00:89:47:9a:6b:
19:cd:21:ca:e0:75:18:35:62:39:78:21:00:50:05:
1a:86:32:a7:02:7e:75:4c:10:ed:b1:cc:0d:f7:6a:
b8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3F:34:24:F0:DD:6B:2E:8A:62:F2:34:FC:15:7E:1E:15:6E:5D:A0
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
02:47:e8:d9:dd:97:ed:fa:3e:ee:8c:2b:db:c2:99:a1:0a:9f:
c9:e5:5d:8c:2f:f8:ce:11:42:3f:e0:92:4c:ac:d9:ef:15:74:
d4:c2:a0:0e:a1:35:85:63:2f:02:a2:ab:15:ff:c2:d4:68:8b:
d3:d9:5e:e9:90:ef:84:7b:fb:bc:2a:91:7e:f8:9b:09:f9:24:
38:d5:98:28:8d:6a:0b:f0:4b:b8:d6:b9:48:96:18:90:2c:17:
93:cb:b1:80:b7:94:a4:8e:e3:5f:f8:2a:27:28:f0:d1:01:5f:
bf:e0:57:90:48:97:a2:21:6b:be:6d:82:54:be:89:b5:17:b1:
fa:47:e4:3b:76:74:34:2e:5a:dd:ce:98:c2:39:cb:8f:e7:57:
da:ec:7d:47:98:3d:07:d0:2a:87:1a:5e:29:42:ab:5e:3c:e7:
44:44:14:16:74:c0:a4:f7:5d:fa:34:fa:e4:ad:15:e2:4f:cb:
62:4f:ce:e3:f0:b0:66:ba:a9:8d:4f:d5:e5:54:cc:da:df:57:
5d:20:71:5b:53:2e:f5:65:02:ff:42:c8:fc:3d:b7:b7:de:1f:
83:d1:bd:bd:95:40:e0:4b:b5:4f:d5:b7:01:0e:01:8c:8c:a1:
35:1c:c8:91:ab:8b:31:15:60:39:59:cc:c6:9d:cc:c3:ec:6f:
3b:67:a7:e2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUS9MWME4QWCz1J4IzacAFXJrMEcAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMjgyMzU1MDRaFw0yNDExMjcwMDAwMDRaMDMxMTAvBgNV
BAMTKDRCM0YzNDI0RjBERDZCMkU4QTYyRjIzNEZDMTU3RTFFMTU2RTVEQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQWCLLYJ3np1/xwslOAbVi1k8I
18ecK/B5fSeaji1ZGcL547LsUmvoFZ1yOI6eNCvelUXGH3GOH2RbdCAmmdQC+BaH
ynuJX7Rc+U5baUUrb+TqMH76pws/cOweQ+lH1B6CxM5xV1YYAJqgUi1aPc7HazCf
klTFOiqN/EiIiU6YYbm+lAptCbS1HhWjBtMS1zFYpt7xmhx4jAmIfcYV5B8RpIZD
H/coxGl0zWNJQUhxpSVaxRlBllJW9RJJ+p3UCdmFhImxJ8pKaRrO3EPkbNLZjYDo
WCtJagJSeKcAiUeaaxnNIcrgdRg1Yjl4IQBQBRqGMqcCfnVMEO2xzA33arhjAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUSz80JPDday6KYvI0/BV+HhVuXaAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ47MA0G
CSqGSIb3DQEBCwUAA4IBAQACR+jZ3Zft+j7ujCvbwpmhCp/J5V2ML/jOEUI/4JJM
rNnvFXTUwqAOoTWFYy8CoqsV/8LUaIvT2V7pkO+Ee/u8KpF++JsJ+SQ41ZgojWoL
8Eu41rlIlhiQLBeTy7GAt5SkjuNf+ConKPDRAV+/4FeQSJeiIWu+bYJUvom1F7H6
R+Q7dnQ0LlrdzpjCOcuP51fa7H1HmD0H0CqHGl4pQqtePOdERBQWdMCk9136NPrk
rRXiT8tiT87j8LBmuqmNT9XlVMza31ddIHFbUy71ZQL/Qsj8Pbe33h+D0b29lUDg
S7VP1bcBDgGMjKE1HMiRq4sxFWA5WczGnczD7G87Z6fi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org