Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
File: 38352e3233372e3232332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: c2LxOPB2+I4Uqq0BMb2qOaRr7YioOAbSZw2EN9jlAmw=
Subject key identifier: A8:16:7E:9F:38:9F:41:5C:36:21:AC:CC:2B:F9:52:8F:1E:3C:72:D2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2EB32ED1903A5828408B44268094031232449B12
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
Signing time: Thu 23 Nov 2023 00:00:06 +0000
ROA not before: Wed 22 Nov 2023 23:55:06 +0000
ROA not after: Thu 21 Nov 2024 00:00:06 +0000
asID: 834
IP address blocks: 85.237.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 09:51:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:b3:2e:d1:90:3a:58:28:40:8b:44:26:80:94:03:12:32:44:9b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 22 23:55:06 2023 GMT
Not After : Nov 21 00:00:06 2024 GMT
Subject: CN=A8167E9F389F415C3621ACCC2BF9528F1E3C72D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:6d:5f:83:c2:20:f8:b2:ca:c7:49:af:8e:ef:
ff:35:5c:2f:bc:6e:e5:e5:b7:7f:b5:24:11:ca:bf:
ca:05:34:c8:fa:a2:de:0b:7f:33:36:93:a0:6b:aa:
ec:d5:23:2c:cb:6d:40:8a:5a:5b:40:67:74:c8:69:
11:a1:e9:f6:81:e6:15:f1:d8:b3:1e:4a:6e:ff:7a:
6d:4a:7a:8f:2c:9f:39:e5:88:39:4c:62:10:70:d0:
ef:d5:d6:00:a3:cd:62:0e:56:66:c6:b8:90:39:8c:
5a:93:fc:94:4d:7d:8e:3d:fd:14:8d:1a:5f:6d:87:
bf:33:c6:0f:c6:5d:b7:86:65:c9:72:ca:fe:5c:93:
ce:17:b0:32:97:18:a0:fe:58:28:67:7b:c3:b0:b3:
c0:67:66:b1:25:0e:c0:d7:16:bc:d8:2b:1c:32:37:
e4:1d:82:87:21:1c:69:05:e7:6d:8c:fe:e5:99:5d:
65:0a:27:6d:d7:9e:99:ea:01:fb:82:47:31:4c:70:
05:d9:2f:c2:1e:ae:f8:52:01:3f:04:7a:ce:e3:26:
2c:41:c3:86:a1:f8:b5:f2:c9:96:f3:c4:5f:6d:62:
1c:44:27:c5:87:1f:a2:14:ea:43:83:77:85:e9:db:
89:ae:32:6e:01:06:d8:3a:db:44:86:21:b9:ce:c3:
6a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:16:7E:9F:38:9F:41:5C:36:21:AC:CC:2B:F9:52:8F:1E:3C:72:D2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.223.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:81:b0:5a:49:89:f0:c4:b0:3c:bf:06:c2:21:22:6d:f9:60:
30:6a:a5:ba:c7:f3:e5:a3:3e:42:e9:ef:61:bb:21:f0:56:8e:
df:e3:d0:8b:d1:4e:e1:08:5f:f9:0c:d3:12:e7:08:2d:d6:a2:
4f:67:24:c7:6e:af:69:14:ca:04:cd:f5:79:91:15:d8:47:e6:
12:36:26:88:92:cc:95:81:39:c9:68:37:d3:c8:51:49:bb:33:
2e:db:ea:36:e5:96:3b:fb:a9:b3:f6:56:f2:0c:b6:22:ae:6c:
ae:b9:ec:78:8f:54:7a:2c:bb:11:f2:af:b6:f6:de:b8:3a:c6:
74:0a:83:70:b4:19:af:9f:4f:9b:aa:ae:f0:23:a1:11:01:9f:
a1:0a:8f:a2:57:9a:75:21:f4:3a:08:e0:df:23:13:c2:c4:95:
36:92:30:78:2a:16:a7:ea:8b:be:d9:20:9f:9c:31:24:c6:1f:
0a:63:d1:e8:74:b3:97:32:d7:f1:2e:3c:2b:fa:f7:17:d8:00:
f6:a3:0f:03:03:2e:3d:77:7f:33:7e:01:94:9d:76:b0:18:c0:
2c:d4:42:f3:77:c5:f4:58:da:a2:e3:12:1c:cd:5a:fd:9f:54:
c5:af:17:37:55:26:1e:53:fd:7e:19:21:81:d5:3f:ea:11:7a:
1f:e2:d8:a1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIULrMu0ZA6WChAi0QmgJQDEjJEmxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMjIyMzU1MDZaFw0yNDExMjEwMDAwMDZaMDMxMTAvBgNV
BAMTKEE4MTY3RTlGMzg5RjQxNUMzNjIxQUNDQzJCRjk1MjhGMUUzQzcyRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDubV+DwiD4ssrHSa+O7/81XC+8
buXlt3+1JBHKv8oFNMj6ot4LfzM2k6BrquzVIyzLbUCKWltAZ3TIaRGh6faB5hXx
2LMeSm7/em1Keo8snznliDlMYhBw0O/V1gCjzWIOVmbGuJA5jFqT/JRNfY49/RSN
Gl9th78zxg/GXbeGZclyyv5ck84XsDKXGKD+WChne8Ows8BnZrElDsDXFrzYKxwy
N+QdgochHGkF522M/uWZXWUKJ23XnpnqAfuCRzFMcAXZL8IervhSAT8Ees7jJixB
w4ah+LXyyZbzxF9tYhxEJ8WHH6IU6kODd4Xp24muMm4BBtg620SGIbnOw2pnAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUqBZ+nzifQVw2IazMK/lSjx48ctIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7d8w
DQYJKoZIhvcNAQELBQADggEBAGqBsFpJifDEsDy/BsIhIm35YDBqpbrH8+WjPkLp
72G7IfBWjt/j0IvRTuEIX/kM0xLnCC3Wok9nJMdur2kUygTN9XmRFdhH5hI2JoiS
zJWBOcloN9PIUUm7My7b6jblljv7qbP2VvIMtiKubK657HiPVHosuxHyr7b23rg6
xnQKg3C0Ga+fT5uqrvAjoREBn6EKj6JXmnUh9DoI4N8jE8LElTaSMHgqFqfqi77Z
IJ+cMSTGHwpj0eh0s5cy1/EuPCv69xfYAPajDwMDLj13fzN+AZSddrAYwCzUQvN3
xfRY2qLjEhzNWv2fVMWvFzdVJh5T/X4ZIYHVP+oReh/i2KE=
Generated at Sat Jan 27 10:58:29 2024 by rpki-client on console-fra.rpki-client.org