Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633a3a2f34382d3438203d3e203538323032.roa
File: 326131343a373538303a633a3a2f34382d3438203d3e203538323032.roa (raw, json)
Hash identifier: suxRvk/+JeRqZyH05nDZAsvNwYQfm5b+g7O+ir+Vnds=
Subject key identifier: 40:93:0B:2D:0E:9A:B6:35:51:D6:D1:53:43:14:C9:C4:AB:40:C6:B5
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3DF839443E5A4331DDD8EC7697CAA17BA364EE45
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633a3a2f34382d3438203d3e203538323032.roa
Signing time: Tue 23 Jan 2024 09:06:17 +0000
ROA not before: Tue 23 Jan 2024 09:01:17 +0000
ROA not after: Tue 21 Jan 2025 09:06:17 +0000
asID: 58202
IP address blocks: 2a14:7580:c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jan 2024 01:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f8:39:44:3e:5a:43:31:dd:d8:ec:76:97:ca:a1:7b:a3:64:ee:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 23 09:01:17 2024 GMT
Not After : Jan 21 09:06:17 2025 GMT
Subject: CN=40930B2D0E9AB63551D6D1534314C9C4AB40C6B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d0:0d:4d:6d:3a:e7:45:91:b0:e9:2d:07:89:
c9:2b:24:7c:ec:fc:22:22:33:af:26:b3:e0:7a:7e:
d8:82:75:3d:15:1c:63:11:96:4c:aa:83:9a:95:89:
ea:00:9c:ee:99:15:b9:1f:bd:a1:91:83:45:82:aa:
e8:40:3f:9e:b6:f6:46:1d:e0:bf:98:1f:ec:64:99:
5c:f8:1f:71:12:c2:b4:e9:24:83:a5:f0:61:53:72:
f5:4f:69:b8:24:c9:04:dc:2b:6d:dd:51:a4:0a:b9:
8f:83:a6:d7:90:0b:8a:45:1a:d1:b9:bd:7d:37:9e:
df:6a:b6:f3:41:69:8e:f3:1b:02:26:d8:8e:3e:ff:
cd:d3:ce:df:fc:ca:d7:1c:22:e8:9c:4f:f1:f5:d7:
f2:4c:18:b6:43:27:07:67:f3:3c:68:9f:5b:29:8b:
6f:ed:7c:94:03:e0:e3:88:39:94:7e:96:b7:63:e3:
b4:3e:aa:b3:95:a1:0b:27:34:c8:4f:bf:0a:5f:2c:
7f:f7:ac:99:d3:f8:9d:11:ba:b1:d2:d8:c5:63:e4:
99:ed:5e:54:db:a8:69:98:88:93:ee:56:8f:fb:aa:
48:dc:88:7d:79:ee:2b:b3:0e:f8:0f:2f:1b:47:c2:
a1:e6:29:95:51:37:a4:95:20:4b:d7:ff:f7:28:fd:
6c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:93:0B:2D:0E:9A:B6:35:51:D6:D1:53:43:14:C9:C4:AB:40:C6:B5
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538303a633a3a2f34382d3438203d3e203538323032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:c::/48
Signature Algorithm: sha256WithRSAEncryption
44:3b:24:06:59:b9:91:3b:99:74:05:09:3a:a2:e9:1f:a4:99:
24:db:cd:9d:e2:06:5e:92:ed:a2:78:c0:3e:ba:f7:25:3d:4e:
66:de:37:af:ea:14:55:b8:e2:22:f9:b6:10:e0:7f:97:a5:18:
e8:cb:91:d9:1c:39:fe:39:75:34:20:ff:4b:b3:67:74:f8:c1:
65:08:3f:31:5e:20:22:54:8a:34:df:a9:c7:5e:cf:6a:27:c9:
da:55:da:a5:d2:fc:b2:71:f1:aa:da:a6:17:d4:63:cd:36:00:
65:63:f4:63:09:df:1f:e5:0b:8e:a7:3a:60:4b:24:06:94:0a:
51:83:cb:b2:0b:c0:db:b8:6f:ad:45:e8:12:c0:f7:b9:46:5a:
e0:73:34:eb:74:25:d7:0b:c7:db:82:db:d3:e4:27:25:36:77:
c2:5c:a9:e4:05:20:fa:61:cd:5c:a2:3d:97:02:b3:9c:55:09:
52:5d:d6:8c:24:73:f2:45:b3:19:72:45:c1:ad:e1:65:d5:e1:
28:d8:b8:1b:f5:a7:aa:8d:31:f4:a6:71:27:ae:fb:56:96:36:
4d:87:32:8f:ad:81:c0:20:82:03:2a:de:57:ad:5e:8d:fe:4a:
f3:d1:4b:8b:cb:f2:6e:93:ee:7c:63:e1:04:40:81:d9:cb:3e:
7b:64:07:e1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUPfg5RD5aQzHd2Ox2l8qhe6Nk7kUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDAxMjMwOTAxMTdaFw0yNTAxMjEwOTA2MTdaMDMxMTAvBgNV
BAMTKDQwOTMwQjJEMEU5QUI2MzU1MUQ2RDE1MzQzMTRDOUM0QUI0MEM2QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ0A1NbTrnRZGw6S0HickrJHzs
/CIiM68ms+B6ftiCdT0VHGMRlkyqg5qVieoAnO6ZFbkfvaGRg0WCquhAP5629kYd
4L+YH+xkmVz4H3ESwrTpJIOl8GFTcvVPabgkyQTcK23dUaQKuY+DpteQC4pFGtG5
vX03nt9qtvNBaY7zGwIm2I4+/83Tzt/8ytccIuicT/H11/JMGLZDJwdn8zxon1sp
i2/tfJQD4OOIOZR+lrdj47Q+qrOVoQsnNMhPvwpfLH/3rJnT+J0RurHS2MVj5Jnt
XlTbqGmYiJPuVo/7qkjciH157iuzDvgPLxtHwqHmKZVRN6SVIEvX//co/WypAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUQJMLLQ6atjVR1tFTQxTJxKtAxrUwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMw
M2E2MzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM1MzgzMjMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqFHWAAAwwDQYJKoZIhvcNAQELBQADggEBAEQ7JAZZuZE7mXQFCTqi6R+kmSTb
zZ3iBl6S7aJ4wD669yU9TmbeN6/qFFW44iL5thDgf5elGOjLkdkcOf45dTQg/0uz
Z3T4wWUIPzFeICJUijTfqcdez2onydpV2qXS/LJx8araphfUY802AGVj9GMJ3x/l
C46nOmBLJAaUClGDy7ILwNu4b61F6BLA97lGWuBzNOt0JdcLx9uC29PkJyU2d8Jc
qeQFIPphzVyiPZcCs5xVCVJd1owkc/JFsxlyRcGt4WXV4SjYuBv1p6qNMfSmcSeu
+1aWNk2HMo+tgcAgggMq3letXo3+SvPRS4vL8m6T7nxj4QRAgdnLPntkB+E=
Generated at Mon Jan 29 03:23:25 2024 by rpki-client on console-fra.rpki-client.org