Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20383334.roa
File: 38352e3233372e3232312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: nXTbGzFzTa5wRPQVk41YY3g4T5Gdj6CICRP3edPVIPg=
Subject key identifier: 5E:67:AF:E2:78:ED:BD:53:16:F6:96:D8:B7:9C:27:5E:FD:54:BA:F2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1467C7C5F48F56BD2BC7B6C5994DA15B5617B993
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20383334.roa
Signing time: Fri 01 Nov 2024 11:08:08 +0000
ROA not before: Fri 01 Nov 2024 11:03:08 +0000
ROA not after: Fri 31 Oct 2025 11:08:08 +0000
asID: 834
IP address blocks: 85.237.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 15:56:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:67:c7:c5:f4:8f:56:bd:2b:c7:b6:c5:99:4d:a1:5b:56:17:b9:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 1 11:03:08 2024 GMT
Not After : Oct 31 11:08:08 2025 GMT
Subject: CN=5E67AFE278EDBD5316F696D8B79C275EFD54BAF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:50:f9:55:d9:51:7c:59:99:d2:18:7a:b6:4a:
cc:a2:8c:3b:26:d7:f9:65:9e:9f:30:f7:12:b2:94:
06:68:a0:f6:88:c0:ba:a7:37:7d:49:4a:4b:25:bb:
c7:7f:84:d1:ac:13:4b:c0:4e:c1:f7:af:92:26:b9:
82:8d:9b:43:8c:33:de:7d:17:5c:f7:b9:8e:2c:fb:
d2:a2:51:4f:0f:f4:fb:5b:ad:69:8b:99:7d:86:e2:
42:c3:a4:65:f0:2a:79:ff:2c:61:9f:bc:9e:e8:54:
f7:9d:7f:29:a4:dc:8b:7a:be:b3:73:63:1d:04:13:
da:3f:eb:79:34:ca:eb:ea:53:ab:d2:cf:25:70:8b:
e9:17:f9:02:fd:d0:e1:80:72:91:ee:ce:7b:0b:61:
fe:eb:02:d4:63:5e:e7:42:c4:41:a5:db:56:10:27:
8d:5a:23:16:81:83:c3:47:d0:7c:56:e7:09:fd:67:
60:65:5f:4a:4e:83:3e:6a:07:07:b1:d9:cf:72:91:
e5:7f:42:6d:28:5e:dd:5b:12:d4:7b:1a:58:85:c8:
2a:e5:af:52:7c:0b:11:89:f2:e5:07:46:b6:9b:a3:
a0:28:49:a4:e5:92:d7:90:cc:34:a1:07:e9:31:b6:
41:64:b8:04:a0:e1:a5:bd:09:fe:66:d3:af:3e:50:
63:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:67:AF:E2:78:ED:BD:53:16:F6:96:D8:B7:9C:27:5E:FD:54:BA:F2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.221.0/24
Signature Algorithm: sha256WithRSAEncryption
13:d6:67:c3:32:a7:bf:4c:62:45:86:b9:f6:64:ea:ec:21:31:
44:76:ac:b8:84:ea:04:84:89:2e:3b:17:95:4e:83:7f:df:63:
27:3e:07:24:5a:5c:b1:95:e8:35:34:36:63:75:c3:c8:8e:58:
b8:1d:d1:94:ba:97:3b:21:08:20:26:be:83:40:c8:6b:ef:0f:
ed:77:44:57:fa:79:d3:bf:5f:5d:3d:22:42:ef:8c:d5:52:1d:
73:b3:7a:6a:31:1f:b4:88:eb:55:b7:b9:22:37:ed:ad:62:74:
34:25:35:62:26:76:11:ed:05:35:1c:5f:94:c9:bf:e1:da:d1:
b6:e0:16:7c:fd:df:a3:d6:f4:f8:ff:b5:ad:2c:1e:16:25:21:
58:f1:55:5a:cf:fb:43:c3:48:d6:b9:aa:58:5e:b5:1c:1f:6e:
fc:88:e5:c0:3f:67:a6:25:be:70:dc:d1:b3:f4:08:bc:8d:5e:
1e:b8:bc:91:f3:f4:f4:3f:c4:99:f7:d7:64:20:f4:8c:fa:5c:
d5:56:5d:3b:48:b3:d1:1f:3a:74:b8:95:7c:93:2d:52:82:7c:
9c:a2:61:70:1b:2a:97:11:f2:78:7f:77:00:06:78:86:53:78:
34:fe:6d:e6:c0:65:7c:62:64:cd:af:ea:1d:ad:6c:db:86:69:
90:34:65:46
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFGfHxfSPVr0rx7bFmU2hW1YXuZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDExMDExMTAzMDhaFw0yNTEwMzExMTA4MDhaMDMxMTAvBgNV
BAMTKDVFNjdBRkUyNzhFREJENTMxNkY2OTZEOEI3OUMyNzVFRkQ1NEJBRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChUPlV2VF8WZnSGHq2SsyijDsm
1/llnp8w9xKylAZooPaIwLqnN31JSkslu8d/hNGsE0vATsH3r5ImuYKNm0OMM959
F1z3uY4s+9KiUU8P9PtbrWmLmX2G4kLDpGXwKnn/LGGfvJ7oVPedfymk3It6vrNz
Yx0EE9o/63k0yuvqU6vSzyVwi+kX+QL90OGAcpHuznsLYf7rAtRjXudCxEGl21YQ
J41aIxaBg8NH0HxW5wn9Z2BlX0pOgz5qBwex2c9ykeV/Qm0oXt1bEtR7GliFyCrl
r1J8CxGJ8uUHRrabo6AoSaTlkteQzDShB+kxtkFkuASg4aW9Cf5m068+UGNfAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUXmev4njtvVMW9pbYt5wnXv1UuvIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7d0w
DQYJKoZIhvcNAQELBQADggEBABPWZ8Myp79MYkWGufZk6uwhMUR2rLiE6gSEiS47
F5VOg3/fYyc+ByRaXLGV6DU0NmN1w8iOWLgd0ZS6lzshCCAmvoNAyGvvD+13RFf6
edO/X109IkLvjNVSHXOzemoxH7SI61W3uSI37a1idDQlNWImdhHtBTUcX5TJv+Ha
0bbgFnz936PW9Pj/ta0sHhYlIVjxVVrP+0PDSNa5qlhetRwfbvyI5cA/Z6YlvnDc
0bP0CLyNXh64vJHz9PQ/xJn312Qg9Iz6XNVWXTtIs9EfOnS4lXyTLVKCfJyiYXAb
KpcR8nh/dwAGeIZTeDT+bebAZXxiZM2v6h2tbNuGaZA0ZUY=
-----END CERTIFICATE-----
Generated at Fri Nov 1 18:17:07 2024 by rpki-client on console-ams.rpki-client.org