Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d313238203d3e20323135353631.roa
File: 326131343a373538313a3330303a3a2f34302d313238203d3e20323135353631.roa (raw, json)
Hash identifier: +P71HcAjSnvWeF59/yrf4AIcB6ty658cVDv0wu+CsNw=
Subject key identifier: 81:4D:B8:F4:08:CD:98:74:D9:86:02:CE:F9:7C:E6:9A:94:53:90:BA
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 7D25C38E00CDAF876487D4D2AB27001F37FB573D
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d313238203d3e20323135353631.roa
Signing time: Fri 29 Mar 2024 00:50:44 +0000
ROA not before: Fri 29 Mar 2024 00:45:44 +0000
ROA not after: Fri 28 Mar 2025 00:50:44 +0000
asID: 215561
IP address blocks: 2a14:7581:300::/40 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Apr 2024 03:12:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:25:c3:8e:00:cd:af:87:64:87:d4:d2:ab:27:00:1f:37:fb:57:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Mar 29 00:45:44 2024 GMT
Not After : Mar 28 00:50:44 2025 GMT
Subject: CN=814DB8F408CD9874D98602CEF97CE69A945390BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:dd:1e:65:50:cd:f7:f2:2d:fa:37:19:d3:a9:
64:d0:27:20:97:90:26:7e:d0:9d:e2:8c:1c:93:04:
42:bd:48:ab:69:8a:4a:f4:5c:93:0f:43:e9:31:6d:
b4:97:49:62:b7:6e:de:96:d0:6a:b8:ff:08:b5:b7:
46:d3:20:be:8e:53:c2:da:93:ed:6f:d7:cb:c6:78:
a5:2f:b2:ad:81:d6:8e:74:5f:65:1f:0b:06:05:bd:
1f:e9:b0:13:19:84:4d:e7:44:6f:28:45:61:11:7e:
29:77:07:19:3f:18:ce:f8:37:08:99:28:d5:1b:16:
02:59:23:bb:3a:5e:ed:f1:27:09:ac:5d:7c:55:7f:
a3:1f:08:37:01:c6:2e:14:07:e2:62:01:8a:f7:77:
16:61:1a:9f:94:fc:4a:b5:7c:43:d9:01:4b:f3:5d:
ab:66:02:42:c1:54:63:67:be:19:85:c2:e4:3e:93:
ae:4b:c8:9d:9c:7c:aa:05:78:26:ca:49:fd:01:db:
a0:16:c5:ea:bf:de:c7:92:82:a9:66:a6:99:be:5e:
5a:75:fa:87:28:02:bf:51:20:de:d6:54:ee:9b:d0:
b9:6e:ed:bf:25:a6:de:e9:82:be:66:76:9f:d0:17:
db:c0:7f:0f:cd:75:76:2a:78:ad:4d:e4:6e:b8:4e:
aa:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4D:B8:F4:08:CD:98:74:D9:86:02:CE:F9:7C:E6:9A:94:53:90:BA
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d313238203d3e20323135353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:300::/40
Signature Algorithm: sha256WithRSAEncryption
8b:ed:85:04:78:74:91:b2:f6:53:11:9b:e3:b9:63:af:4f:f8:
4b:7e:b6:33:e6:52:e0:b9:9b:33:02:66:b8:c6:70:30:ce:38:
dc:68:f8:43:bc:84:da:33:e7:e0:b8:44:40:7d:d2:39:84:74:
31:fb:63:de:1c:38:81:5b:38:17:10:ca:17:e1:cd:9e:90:9f:
1a:76:02:83:c4:1e:6f:85:09:73:b4:2e:72:1c:31:ec:12:9a:
80:5d:b1:96:cf:c5:dc:c1:17:f4:f0:3a:c6:1b:0a:d8:72:1e:
cd:d7:f2:05:fa:f1:81:7a:33:f3:c8:1b:cf:b8:e6:d8:2e:4f:
78:1e:a6:d8:cd:7a:09:be:50:12:c5:16:b5:58:6c:f9:34:d0:
67:f7:96:39:d1:6a:59:d1:72:34:10:41:1e:f1:d8:02:28:f5:
45:94:bc:f3:ae:dd:6e:de:ae:cf:94:e8:83:5d:c8:d7:75:3f:
1e:2d:eb:fe:15:10:0d:f8:06:cb:77:c1:47:f2:c3:0a:de:a1:
fa:ee:bb:18:9b:29:b8:9f:1d:42:dc:55:8d:47:38:06:69:6d:
f1:b8:94:c9:c9:13:e7:2d:7f:b4:59:70:af:d6:6b:3b:a0:f1:
37:8d:0b:24:13:32:e8:66:9d:34:c0:60:fb:da:3b:6e:90:30:
d3:c3:3f:1d
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUfSXDjgDNr4dkh9TSqycAHzf7Vz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDAzMjkwMDQ1NDRaFw0yNTAzMjgwMDUwNDRaMDMxMTAvBgNV
BAMTKDgxNERCOEY0MDhDRDk4NzREOTg2MDJDRUY5N0NFNjlBOTQ1MzkwQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC33R5lUM338i36NxnTqWTQJyCX
kCZ+0J3ijByTBEK9SKtpikr0XJMPQ+kxbbSXSWK3bt6W0Gq4/wi1t0bTIL6OU8La
k+1v18vGeKUvsq2B1o50X2UfCwYFvR/psBMZhE3nRG8oRWERfil3Bxk/GM74NwiZ
KNUbFgJZI7s6Xu3xJwmsXXxVf6MfCDcBxi4UB+JiAYr3dxZhGp+U/Eq1fEPZAUvz
XatmAkLBVGNnvhmFwuQ+k65LyJ2cfKoFeCbKSf0B26AWxeq/3seSgqlmppm+Xlp1
+ocoAr9RIN7WVO6b0Llu7b8lpt7pgr5mdp/QF9vAfw/NdXYqeK1N5G64TqrVAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUgU249AjNmHTZhgLO+XzmmpRTkLowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzMzMwMzAzYTNhMmYzNDMwMmQzMTMyMzgyMDNkM2UyMDMyMzEzNTM1MzYzMS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoUdYEDMA0GCSqGSIb3DQEBCwUAA4IBAQCL7YUEeHSRsvZTEZvj
uWOvT/hLfrYz5lLguZszAma4xnAwzjjcaPhDvITaM+fguERAfdI5hHQx+2PeHDiB
WzgXEMoX4c2ekJ8adgKDxB5vhQlztC5yHDHsEpqAXbGWz8XcwRf08DrGGwrYch7N
1/IF+vGBejPzyBvPuObYLk94HqbYzXoJvlASxRa1WGz5NNBn95Y50WpZ0XI0EEEe
8dgCKPVFlLzzrt1u3q7PlOiDXcjXdT8eLev+FRAN+AbLd8FH8sMK3qH67rsYmym4
nx1C3FWNRzgGaW3xuJTJyRPnLX+0WXCv1ms7oPE3jQskEzLoZp00wGD72jtukDDT
wz8d
Generated at Tue Apr 2 04:23:01 2024 by rpki-client on console-fra.rpki-client.org