Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3438203d3e20323038343533.roa
File: 326131343a316563373a663030303a3a2f34302d3438203d3e20323038343533.roa (raw, json)
Hash identifier: Sx3d9ZB61401QuectF0QVa9heO4ndtNCyXVFzhTOhg8=
Subject key identifier: 33:0F:7A:09:85:0D:17:B7:3A:F3:01:3B:11:B6:A5:C7:A7:68:D6:E1
Certificate issuer: /CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71
Certificate serial: 1E7A3F67C0A302B1211ED19224D0D6FD7E925A73
Authority key identifier: 1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3438203d3e20323038343533.roa
Signing time: Thu 28 Mar 2024 18:30:59 +0000
ROA not before: Thu 28 Mar 2024 18:25:59 +0000
ROA not after: Thu 27 Mar 2025 18:30:59 +0000
asID: 208453
IP address blocks: 2a14:1ec7:f000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Apr 2024 17:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:7a:3f:67:c0:a3:02:b1:21:1e:d1:92:24:d0:d6:fd:7e:92:5a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71
Validity
Not Before: Mar 28 18:25:59 2024 GMT
Not After : Mar 27 18:30:59 2025 GMT
Subject: CN=330F7A09850D17B73AF3013B11B6A5C7A768D6E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ea:e1:11:af:06:af:bd:14:51:b5:24:b5:59:
86:0c:8e:9f:68:db:48:f1:8e:90:b4:e8:91:f0:67:
33:a4:11:6f:0d:42:e1:e0:62:9d:bb:26:be:ff:eb:
86:31:90:f0:54:9f:0a:50:cc:f0:24:e9:83:5b:73:
4a:03:4f:e3:99:01:9c:d0:3f:b7:3f:f4:7f:57:4d:
4d:b2:20:60:cb:29:24:b9:95:fd:7f:19:ec:15:46:
30:5b:40:e6:96:57:d6:fb:36:1d:95:2e:d7:0f:3e:
05:9f:17:8c:07:b6:ac:00:86:f9:43:9a:89:00:24:
3f:ac:20:e7:a4:a8:ac:fa:7a:b6:70:9b:d2:04:b5:
51:3f:6f:4d:cc:90:f3:94:b7:c1:4c:f2:1a:d1:c1:
76:5a:62:24:9a:af:db:e5:40:b6:bf:63:43:fa:7b:
83:ca:70:90:e0:e2:27:d6:b6:75:52:fa:1f:14:1f:
33:f5:e9:e2:71:f8:c9:36:bf:51:32:f9:58:65:a3:
1d:e7:59:1c:19:00:fd:d3:91:05:eb:24:7b:75:20:
c4:7f:41:d6:9a:f4:cb:7e:4d:64:ba:7f:d5:71:02:
cb:45:31:92:ca:69:d5:8d:25:1c:fe:43:73:b5:6c:
56:3a:51:fe:cf:03:ec:be:46:3f:a6:50:6a:3f:e3:
99:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0F:7A:09:85:0D:17:B7:3A:F3:01:3B:11:B6:A5:C7:A7:68:D6:E1
X509v3 Authority Key Identifier:
keyid:1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34302d3438203d3e20323038343533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f000::/40
Signature Algorithm: sha256WithRSAEncryption
df:3b:f6:37:c6:6d:dc:b1:c6:64:e2:15:92:7e:3c:87:99:2f:
1e:4a:26:27:9f:0c:ec:b4:8e:11:d2:e8:f4:76:50:54:b0:1b:
97:18:81:99:e4:a3:72:36:0d:23:ff:aa:71:08:80:ea:2d:4a:
27:59:62:55:8a:57:72:34:6f:50:a1:3e:8a:45:d8:a0:10:81:
fa:bc:1b:5e:28:6d:06:e2:26:c2:d6:67:d2:7e:11:01:b6:d5:
2c:db:58:8b:2a:96:dd:3f:b0:50:c9:c9:90:a4:8b:f9:8e:6c:
52:86:cc:b9:70:35:96:83:99:60:38:80:96:6d:a3:6c:8b:b5:
7f:6c:8e:6b:1e:9b:25:7c:92:d8:9a:e9:3b:4e:4f:fe:30:06:
d3:bb:33:52:9a:3b:39:a1:bf:d0:9c:99:ab:89:a1:74:17:8d:
fd:6e:63:ed:42:8f:62:a2:90:bb:6b:dd:77:e8:05:6c:f4:97:
c1:9f:08:9a:c8:23:9c:2c:fa:38:47:5b:95:74:c9:37:65:fe:
23:35:5b:5c:4f:63:45:f5:8d:f8:20:e9:e4:bf:83:6f:a3:77:
ff:bb:5e:d2:64:21:80:e0:aa:48:84:9d:03:d6:a8:c4:4e:b2:
39:51:4c:27:14:a3:db:89:80:bd:39:86:21:81:80:8c:75:39:
e0:19:06:67
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUHno/Z8CjArEhHtGSJNDW/X6SWnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVG
ODNFMEU3MTAeFw0yNDAzMjgxODI1NTlaFw0yNTAzMjcxODMwNTlaMDMxMTAvBgNV
BAMTKDMzMEY3QTA5ODUwRDE3QjczQUYzMDEzQjExQjZBNUM3QTc2OEQ2RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo6uERrwavvRRRtSS1WYYMjp9o
20jxjpC06JHwZzOkEW8NQuHgYp27Jr7/64YxkPBUnwpQzPAk6YNbc0oDT+OZAZzQ
P7c/9H9XTU2yIGDLKSS5lf1/GewVRjBbQOaWV9b7Nh2VLtcPPgWfF4wHtqwAhvlD
mokAJD+sIOekqKz6erZwm9IEtVE/b03MkPOUt8FM8hrRwXZaYiSar9vlQLa/Y0P6
e4PKcJDg4ifWtnVS+h8UHzP16eJx+Mk2v1Ey+Vhlox3nWRwZAP3TkQXrJHt1IMR/
Qdaa9Mt+TWS6f9VxAstFMZLKadWNJRz+Q3O1bFY6Uf7PA+y+Rj+mUGo/45kRAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUMw96CYUNF7c68wE7Ebalx6do1uEwHwYDVR0j
BBgwFoAUHb0dR/2ORXTIQhdDycxfDvg+DnEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE0NzZkNjItOWNmYS00ODcxLWEyZDktZmFkZjU3ODFj
MTFiLzIvMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVGODNFMEU3MS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8xREJEMUQ0N0ZEOEU0NTc0Qzg0MjE3NDND
OUNDNUYwRUY4M0UwRTcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS83MTQ3NmQ2Mi05Y2ZhLTQ4NzEtYTJkOS1mYWRmNTc4MWMxMWIvMi8zMjYxMzEz
NDNhMzE2NTYzMzczYTY2MzAzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzIz
MDM4MzQzNTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhQex/AwDQYJKoZIhvcNAQELBQADggEBAN87
9jfGbdyxxmTiFZJ+PIeZLx5KJiefDOy0jhHS6PR2UFSwG5cYgZnko3I2DSP/qnEI
gOotSidZYlWKV3I0b1ChPopF2KAQgfq8G14obQbiJsLWZ9J+EQG21SzbWIsqlt0/
sFDJyZCki/mObFKGzLlwNZaDmWA4gJZto2yLtX9sjmsemyV8ktia6TtOT/4wBtO7
M1KaOzmhv9CcmauJoXQXjf1uY+1Cj2KikLtr3XfoBWz0l8GfCJrII5ws+jhHW5V0
yTdl/iM1W1xPY0X1jfgg6eS/g2+jd/+7XtJkIYDgqkiEnQPWqMROsjlRTCcUo9uJ
gL05hiGBgIx1OeAZBmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org