Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323035323230.roa
File: 38352e3233372e3230322e302f32342d3234203d3e20323035323230.roa (raw, json)
Hash identifier: wDQNOB2TKP3TFZO20wIqJt+8Dt+lVkkfNkUqv3HfBFU=
Subject key identifier: BC:88:A3:26:D0:5D:3C:41:BF:E0:26:EC:A1:1E:6F:52:26:80:BA:39
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 47D4CCD17734200FAE49095C80E63B61ECD4D3A0
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323035323230.roa
Signing time: Tue 28 May 2024 20:30:41 +0000
ROA not before: Tue 28 May 2024 20:25:41 +0000
ROA not after: Tue 27 May 2025 20:30:41 +0000
asID: 205220
IP address blocks: 85.237.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:d4:cc:d1:77:34:20:0f:ae:49:09:5c:80:e6:3b:61:ec:d4:d3:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: May 28 20:25:41 2024 GMT
Not After : May 27 20:30:41 2025 GMT
Subject: CN=BC88A326D05D3C41BFE026ECA11E6F522680BA39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:92:64:9f:18:54:28:49:2b:98:2e:be:3c:ed:
22:19:01:6d:f3:f1:c4:cd:0b:97:e5:ad:bd:11:31:
63:6d:a0:9f:22:99:aa:43:81:66:30:e2:18:13:b9:
97:e1:4b:64:9a:78:dd:80:69:5a:bd:0a:f3:28:aa:
84:3a:c3:8d:9a:dc:66:ef:ab:ff:33:37:75:0b:6f:
e3:88:4e:56:ca:87:fa:e3:e6:65:47:be:90:20:b4:
e3:06:74:f9:0e:1a:3e:23:bc:5c:84:70:e8:c8:e7:
11:6c:de:10:02:28:0a:c9:97:69:6e:ed:d1:8b:db:
15:66:5a:4a:14:e3:03:a9:34:3e:fd:09:fb:20:f4:
b4:2a:20:07:27:3b:4a:88:9c:dc:97:56:42:ba:94:
13:15:fd:e4:19:f1:ea:61:1b:30:7e:fa:3b:0c:48:
54:29:fa:96:be:3e:29:86:00:1c:92:1e:05:27:2b:
af:0e:3f:82:ca:7d:d2:aa:b6:af:f2:20:93:0e:7b:
eb:90:62:85:95:16:7b:c9:98:a6:5e:6d:e4:84:7c:
9e:36:04:3d:15:ec:0d:96:05:78:52:0e:40:56:f3:
28:ab:9d:bb:a1:99:4a:d1:1e:50:fa:ae:bf:1d:f3:
7f:89:c0:8b:ff:58:08:c1:5a:c8:b7:13:f3:2e:95:
f4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:88:A3:26:D0:5D:3C:41:BF:E0:26:EC:A1:1E:6F:52:26:80:BA:39
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e20323035323230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:8c:86:ba:01:c2:e4:2f:3b:c4:4c:c6:ad:28:bf:ef:15:b7:
fe:93:38:6e:4a:c6:3f:a7:2b:17:9b:7f:ac:c3:8d:5a:89:03:
54:eb:9f:59:eb:21:1e:dc:d1:3e:1e:89:ff:29:c1:21:61:3c:
c3:76:4d:5e:07:41:41:58:b5:b7:82:d0:4c:8e:d4:0d:b0:7b:
9d:23:97:bd:fe:6e:cc:20:60:46:fc:64:0a:2e:0c:2f:96:84:
b1:04:fa:09:b9:81:de:5a:07:f4:39:7b:e3:0c:d3:82:76:36:
e6:be:6f:fa:e0:1a:02:33:1a:74:27:c7:06:2f:06:b7:a3:02:
4b:47:a9:ce:b1:82:9c:67:3d:55:9c:07:9e:53:a4:58:e0:12:
e9:dd:7c:78:e3:7d:0c:ad:87:a1:30:ef:76:f3:61:14:51:55:
22:1b:08:ee:cb:71:46:a6:cd:2f:af:ab:fc:8f:b7:8c:47:05:
8f:a3:6d:04:71:1c:27:61:e2:da:e5:de:ea:16:e7:81:a5:89:
e7:6f:46:f2:98:1e:06:66:a9:1f:88:07:4b:0f:68:07:90:3b:
50:0e:8a:9e:d0:bb:4e:67:78:5d:99:5d:e2:a3:07:29:f7:1f:
52:82:e8:74:5a:6d:39:d0:9e:38:c3:11:e8:64:cd:a6:25:25:
18:9e:fd:c5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUR9TM0Xc0IA+uSQlcgOY7YezU06AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDA1MjgyMDI1NDFaFw0yNTA1MjcyMDMwNDFaMDMxMTAvBgNV
BAMTKEJDODhBMzI2RDA1RDNDNDFCRkUwMjZFQ0ExMUU2RjUyMjY4MEJBMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9kmSfGFQoSSuYLr487SIZAW3z
8cTNC5flrb0RMWNtoJ8imapDgWYw4hgTuZfhS2SaeN2AaVq9CvMoqoQ6w42a3Gbv
q/8zN3ULb+OITlbKh/rj5mVHvpAgtOMGdPkOGj4jvFyEcOjI5xFs3hACKArJl2lu
7dGL2xVmWkoU4wOpND79Cfsg9LQqIAcnO0qInNyXVkK6lBMV/eQZ8ephGzB++jsM
SFQp+pa+PimGABySHgUnK68OP4LKfdKqtq/yIJMOe+uQYoWVFnvJmKZebeSEfJ42
BD0V7A2WBXhSDkBW8yirnbuhmUrRHlD6rr8d83+JwIv/WAjBWsi3E/MulfQJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvIijJtBdPEG/4CbsoR5vUiaAujkwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzMjMyMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cowDQYJKoZIhvcNAQELBQADggEBAI+MhroBwuQvO8RMxq0ov+8Vt/6TOG5K
xj+nKxebf6zDjVqJA1Trn1nrIR7c0T4eif8pwSFhPMN2TV4HQUFYtbeC0EyO1A2w
e50jl73+bswgYEb8ZAouDC+WhLEE+gm5gd5aB/Q5e+MM04J2Nua+b/rgGgIzGnQn
xwYvBrejAktHqc6xgpxnPVWcB55TpFjgEundfHjjfQyth6Ew73bzYRRRVSIbCO7L
cUamzS+vq/yPt4xHBY+jbQRxHCdh4trl3uoW54GliedvRvKYHgZmqR+IB0sPaAeQ
O1AOip7Qu05neF2ZXeKjByn3H1KC6HRabTnQnjjDEehkzaYlJRie/cU=
Generated at Mon Oct 28 01:30:50 2024 by rpki-client on console-fra.rpki-client.org