Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS1.roa
File: AS1.roa (raw, json)
Hash identifier: 2AQVDtG9ISGq288k23IhdI6M56KHIQIVqAW8mIFm/Vs=
Subject key identifier: D1:71:F0:AC:BE:A5:3B:7C:D2:FF:C3:A8:1F:B5:42:4A:A0:59:6F:A2
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 6F26B8C29164A9CCB4FCC70A7DE7D083841C430C
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS1.roa
Signing time: Fri 14 Jul 2023 17:22:37 +0000
ROA not before: Fri 14 Jul 2023 17:17:37 +0000
ROA not after: Fri 12 Jul 2024 17:22:37 +0000
asID: 1
IP address blocks: 192.166.82.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:26:b8:c2:91:64:a9:cc:b4:fc:c7:0a:7d:e7:d0:83:84:1c:43:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jul 14 17:17:37 2023 GMT
Not After : Jul 12 17:22:37 2024 GMT
Subject: CN=D171F0ACBEA53B7CD2FFC3A81FB5424AA0596FA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:93:31:bf:af:eb:be:b4:7c:b4:ea:06:4d:b6:
cc:b9:4f:75:3b:d6:99:bc:1a:0b:95:e4:e7:e0:dd:
d1:0e:e6:5a:13:f5:1c:87:8d:d0:e9:fa:b2:79:99:
b2:73:8c:52:52:63:0f:c6:8b:78:7a:b2:01:da:37:
0f:2e:cb:9d:05:55:24:58:55:c6:4f:ee:f7:43:2a:
d6:91:73:89:14:82:f9:c0:b2:c9:99:a4:79:5b:18:
7a:a1:c3:e3:39:5c:4f:a9:61:7f:36:bc:05:9e:c9:
ee:3c:72:d9:16:55:84:64:36:e2:db:33:dc:93:b6:
ae:47:c2:91:7a:1a:45:41:15:a7:55:8b:f0:8b:34:
e8:bb:0b:5c:57:60:54:cf:4a:9d:6d:f3:5f:ea:f7:
4e:59:51:f5:cf:c2:d7:c5:6f:ec:b3:b7:c0:87:5c:
ed:ea:97:d0:73:d5:0f:3c:1b:54:fa:05:9a:88:09:
c2:51:2c:91:31:66:3f:ce:6b:35:7c:af:1b:c9:74:
ae:ff:44:a3:b4:05:6d:ed:2a:79:db:b5:b0:b1:5f:
de:74:26:de:c9:dd:f9:de:5f:dd:68:5e:30:27:8a:
7c:84:35:a3:d3:0c:58:31:de:fa:05:aa:0f:ba:96:
09:30:61:58:e2:4a:6e:a2:60:ae:84:65:f2:db:0a:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:71:F0:AC:BE:A5:3B:7C:D2:FF:C3:A8:1F:B5:42:4A:A0:59:6F:A2
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS1.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.82.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:51:5a:24:75:35:13:2b:07:c9:07:88:b4:47:a2:55:8d:61:
5a:ac:55:ed:b6:d3:39:9e:f6:69:04:72:10:b9:0f:93:01:c3:
da:8b:55:d7:59:d5:dd:23:07:70:2d:78:bb:60:19:90:28:41:
d2:fd:b8:18:6b:36:eb:ea:2e:1e:fa:a9:c2:cc:11:1b:31:0b:
b7:38:8b:a9:f0:80:56:cc:26:ef:91:b7:a4:dd:22:40:7c:1c:
ed:d0:d5:91:8d:f1:bf:04:4e:5b:c5:38:ac:80:7d:86:29:47:
ae:d8:6f:5f:9c:82:c2:f4:a7:a2:28:e8:f7:12:4e:7f:6c:25:
9b:8b:5f:de:39:32:57:23:d1:5a:c3:92:1d:3f:fe:6c:f8:43:
52:f3:9a:f6:38:d4:ce:4c:a3:b3:5b:fd:4e:18:e8:d5:1a:79:
f8:e2:a3:82:00:c1:28:7b:e1:b0:95:cd:f7:a6:e1:d8:bb:7d:
2e:a8:45:4a:2a:56:fc:64:e7:f6:b6:6b:d0:5d:05:8d:2b:2f:
b0:6c:44:65:70:90:69:ba:e5:02:17:67:cd:a0:94:27:17:e3:
e3:78:13:ca:75:b2:cf:b1:7b:ec:8a:9b:c7:30:31:c7:1c:b1:
09:02:e7:35:3a:63:77:1d:2a:8e:ea:58:b2:7d:0a:d4:3f:20:
f1:f5:e6:7c
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIUbya4wpFkqcy0/McKfefQg4QcQwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzA3MTQxNzE3MzdaFw0yNDA3MTIxNzIyMzdaMDMxMTAvBgNV
BAMTKEQxNzFGMEFDQkVBNTNCN0NEMkZGQzNBODFGQjU0MjRBQTA1OTZGQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmkzG/r+u+tHy06gZNtsy5T3U7
1pm8GguV5Ofg3dEO5loT9RyHjdDp+rJ5mbJzjFJSYw/Gi3h6sgHaNw8uy50FVSRY
VcZP7vdDKtaRc4kUgvnAssmZpHlbGHqhw+M5XE+pYX82vAWeye48ctkWVYRkNuLb
M9yTtq5HwpF6GkVBFadVi/CLNOi7C1xXYFTPSp1t81/q905ZUfXPwtfFb+yzt8CH
XO3ql9Bz1Q88G1T6BZqICcJRLJExZj/OazV8rxvJdK7/RKO0BW3tKnnbtbCxX950
Jt7J3fneX91oXjAninyENaPTDFgx3voFqg+6lgkwYVjiSm6iYK6EZfLbCiFvAgMB
AAGjggIFMIICATAdBgNVHQ4EFgQU0XHwrL6lO3zS/8OoH7VCSqBZb6IwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMCmUjANBgkq
hkiG9w0BAQsFAAOCAQEAy1FaJHU1EysHyQeItEeiVY1hWqxV7bbTOZ72aQRyELkP
kwHD2otV11nV3SMHcC14u2AZkChB0v24GGs26+ouHvqpwswRGzELtziLqfCAVswm
75G3pN0iQHwc7dDVkY3xvwROW8U4rIB9hilHrthvX5yCwvSnoijo9xJOf2wlm4tf
3jkyVyPRWsOSHT/+bPhDUvOa9jjUzkyjs1v9Thjo1Rp5+OKjggDBKHvhsJXN96bh
2Lt9LqhFSipW/GTn9rZr0F0FjSsvsGxEZXCQabrlAhdnzaCUJxfj43gTynWyz7F7
7IqbxzAxxxyxCQLnNTpjdx0qjupYsn0K1D8g8fXmfA==
-----END CERTIFICATE-----
Generated at Wed Nov 15 11:39:34 2023 by rpki-client on console-fra.rpki-client.org