Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e203231383539.roa
File: 33312e3231372e3235302e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: 6WoGpRETPRXnbtGg4n7eCGrBpc8W+IywsQr9d1I9VF0=
Subject key identifier: B2:44:3D:AA:9D:3F:7D:05:CF:71:6C:B4:E3:F4:1C:32:60:A7:7B:09
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 60B2ECA76A0279EBD3F9ED0A52B19A93E8CFF20B
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e203231383539.roa
Signing time: Tue 02 Jan 2024 08:51:16 +0000
ROA not before: Tue 02 Jan 2024 08:46:16 +0000
ROA not after: Tue 31 Dec 2024 08:51:16 +0000
asID: 21859
IP address blocks: 31.217.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:b2:ec:a7:6a:02:79:eb:d3:f9:ed:0a:52:b1:9a:93:e8:cf:f2:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jan 2 08:46:16 2024 GMT
Not After : Dec 31 08:51:16 2024 GMT
Subject: CN=B2443DAA9D3F7D05CF716CB4E3F41C3260A77B09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:c6:45:8b:38:27:68:b5:8e:50:4f:0a:8b:
fb:e7:88:45:99:bd:13:20:95:58:88:ca:b9:73:ec:
ff:98:17:df:b5:59:64:e7:71:e2:ef:e3:e1:dd:b6:
4e:5f:57:9b:3f:5c:8a:66:64:3c:2b:b1:b3:52:a2:
cc:65:f3:94:69:65:c0:63:e7:bc:50:7d:67:15:4b:
b3:a4:da:b0:a8:6f:90:6d:80:75:7a:59:d0:04:e7:
f0:7d:17:90:6d:cf:33:89:d5:65:75:53:95:2a:97:
fe:4d:ea:29:e0:9a:1b:fa:46:e7:4f:71:3b:ff:91:
5b:b1:0f:89:74:1b:bd:a9:6e:ea:2b:fc:a0:5a:2d:
d3:b8:d2:88:a7:8f:6e:1b:4f:11:4a:0f:a9:ea:a6:
ca:5b:96:57:ae:de:c0:46:0b:e5:95:61:54:6f:69:
35:54:21:de:1f:b5:5b:bf:ca:b3:68:6e:a2:49:b8:
ea:79:9a:45:c1:17:20:13:9e:e1:57:e2:bc:89:b3:
fe:cd:60:97:2f:a1:8d:af:3f:42:e9:85:c3:02:81:
f1:05:9e:7d:b5:4d:b2:c6:47:77:3f:7a:95:4f:9e:
49:44:ca:b5:dc:fa:fe:c7:ce:af:ff:f9:c7:5e:cd:
32:f8:62:39:ba:7c:c1:ca:df:36:1b:09:64:44:9a:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:44:3D:AA:9D:3F:7D:05:CF:71:6C:B4:E3:F4:1C:32:60:A7:7B:09
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.250.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1c:c5:8a:d2:63:13:a6:c9:19:4a:66:a7:5b:68:b1:de:b4:
fd:0c:9c:31:e6:52:48:4f:2a:18:3b:5b:b9:1a:e2:58:3e:04:
89:0d:3f:43:3f:70:d0:b0:58:6f:6b:8c:ec:df:04:5b:32:df:
96:31:01:4f:75:79:4d:a8:a5:6f:0f:1e:d9:8b:ff:6c:09:37:
22:75:00:9c:66:9c:31:c4:0f:38:aa:7f:13:6e:7e:29:f4:2c:
ff:bb:b2:c6:45:c7:29:d1:e3:95:cb:24:11:01:28:25:79:cf:
74:57:59:b2:ac:f7:58:61:42:41:43:cf:03:57:6e:0e:db:35:
e9:b9:ec:b9:0c:03:ef:c6:c2:77:05:ff:fa:af:65:d4:cb:78:
57:64:d0:a7:a3:2c:b7:98:c5:8d:6f:e4:83:46:fe:c5:69:5e:
d2:18:06:10:fb:dd:89:bf:ca:8f:86:a2:3f:17:a9:d3:47:54:
d4:39:13:4f:c6:da:c0:38:0b:f2:e8:62:af:a0:d3:eb:5a:a4:
fa:9d:e1:ad:46:c7:a3:af:ee:1f:f4:47:2a:30:d8:f3:cd:a1:
9d:34:15:37:b9:49:19:d8:8a:c5:d7:d6:c7:87:88:dc:b1:a7:
46:5f:32:eb:13:31:16:e1:43:39:8b:0b:b9:c0:85:40:ba:55:
7b:84:64:0e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYLLsp2oCeevT+e0KUrGak+jP8gswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDAxMDIwODQ2MTZaFw0yNDEyMzEwODUxMTZaMDMxMTAvBgNV
BAMTKEIyNDQzREFBOUQzRjdEMDVDRjcxNkNCNEUzRjQxQzMyNjBBNzdCMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7sMZFizgnaLWOUE8Ki/vniEWZ
vRMglViIyrlz7P+YF9+1WWTnceLv4+Hdtk5fV5s/XIpmZDwrsbNSosxl85RpZcBj
57xQfWcVS7Ok2rCob5BtgHV6WdAE5/B9F5BtzzOJ1WV1U5Uql/5N6ingmhv6RudP
cTv/kVuxD4l0G72pbuor/KBaLdO40oinj24bTxFKD6nqpspblleu3sBGC+WVYVRv
aTVUId4ftVu/yrNobqJJuOp5mkXBFyATnuFX4ryJs/7NYJcvoY2vP0LphcMCgfEF
nn21TbLGR3c/epVPnklEyrXc+v7Hzq//+cdezTL4Yjm6fMHK3zYbCWREms0XAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUskQ9qp0/fQXPcWy04/QcMmCnewkwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzMzMTJlMzIzMTM3MmUzMjM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9n6MA0GCSqGSIb3DQEBCwUAA4IBAQBkHMWK0mMTpskZSmanW2ix3rT9DJwx5lJI
TyoYO1u5GuJYPgSJDT9DP3DQsFhva4zs3wRbMt+WMQFPdXlNqKVvDx7Zi/9sCTci
dQCcZpwxxA84qn8Tbn4p9Cz/u7LGRccp0eOVyyQRASglec90V1myrPdYYUJBQ88D
V24O2zXpuey5DAPvxsJ3Bf/6r2XUy3hXZNCnoyy3mMWNb+SDRv7FaV7SGAYQ+92J
v8qPhqI/F6nTR1TUORNPxtrAOAvy6GKvoNPrWqT6neGtRsejr+4f9EcqMNjzzaGd
NBU3uUkZ2IrF19bHh4jcsadGXzLrEzEW4UM5iwu5wIVAulV7hGQO
-----END CERTIFICATE-----
Generated at Fri Feb 2 01:59:36 2024 by rpki-client on console-ams.rpki-client.org