Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/3/323030313a6466343a316463303a3a2f34382d3438203d3e20313533313735.roa
File: 323030313a6466343a316463303a3a2f34382d3438203d3e20313533313735.roa (raw, json)
Hash identifier: TmXYQvHyRZq/qLMjJWQRhRTbAYwd7MOhkOnFwBNgmM0=
Subject key identifier: 70:B5:BE:25:82:42:C2:92:D5:32:26:75:9C:A1:9A:D5:9C:3C:B3:31
Certificate issuer: /CN=A91443440000/serialNumber=94A2F16DF417C32E057AA268C0E52C70D1A406C5
Certificate serial: 661BFDEA743BE7F6D3B71DEA83E94554BC5887D6
Authority key identifier: 94:A2:F1:6D:F4:17:C3:2E:05:7A:A2:68:C0:E5:2C:70:D1:A4:06:C5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKLxbfQXwy4FeqJowOUscNGkBsU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/3/323030313a6466343a316463303a3a2f34382d3438203d3e20313533313735.roa
Signing time: Sat 27 Jul 2024 17:33:00 +0000
ROA not before: Sat 27 Jul 2024 17:28:00 +0000
ROA not after: Sat 26 Jul 2025 17:33:00 +0000
asID: 153175
IP address blocks: 2001:df4:1dc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 Aug 2024 19:14:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:1b:fd:ea:74:3b:e7:f6:d3:b7:1d:ea:83:e9:45:54:bc:58:87:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91443440000/serialNumber=94A2F16DF417C32E057AA268C0E52C70D1A406C5
Validity
Not Before: Jul 27 17:28:00 2024 GMT
Not After : Jul 26 17:33:00 2025 GMT
Subject: CN=70B5BE258242C292D53226759CA19AD59C3CB331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0c:c6:cb:42:57:08:a4:ae:2a:5a:69:aa:7e:
fc:8a:88:90:a5:41:8c:f5:e6:7b:be:60:ff:b4:80:
6b:c2:b1:48:d4:62:63:3f:48:18:5b:97:d3:20:26:
c2:27:26:c5:75:48:db:53:81:91:cb:2d:54:43:7b:
09:f4:39:71:fb:fc:82:16:c7:87:01:57:ff:42:fe:
14:ad:5b:1a:41:c1:99:f6:dd:96:a2:2b:5d:f6:c0:
2e:c0:0d:3c:f0:7f:e5:fc:47:17:6c:fa:d7:b7:27:
12:e9:66:94:e5:d0:b0:f3:33:63:02:02:d8:9e:b0:
9d:2d:54:ba:6e:33:18:62:ec:fb:f1:9a:97:92:9d:
49:87:78:2b:9e:fc:2d:a6:76:f0:1a:04:7b:72:ba:
c7:bd:8e:5e:51:d5:b8:87:b2:d9:7c:b4:eb:8d:5f:
43:6e:4e:61:b8:76:f0:77:57:ae:7f:39:4c:1a:d5:
de:43:54:12:c8:c6:f3:43:9a:5d:4e:b3:3e:d7:4f:
d5:9e:f9:52:46:e9:19:58:4d:cf:aa:4a:c2:11:c8:
9d:42:a3:50:a0:af:23:aa:40:05:84:10:bf:0c:ac:
ee:f1:8a:8e:30:d1:7c:a4:39:40:c5:b0:2b:54:f8:
27:88:ca:bb:88:92:ea:fb:76:fe:e5:80:0b:91:aa:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B5:BE:25:82:42:C2:92:D5:32:26:75:9C:A1:9A:D5:9C:3C:B3:31
X509v3 Authority Key Identifier:
keyid:94:A2:F1:6D:F4:17:C3:2E:05:7A:A2:68:C0:E5:2C:70:D1:A4:06:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/3/94A2F16DF417C32E057AA268C0E52C70D1A406C5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKLxbfQXwy4FeqJowOUscNGkBsU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8d5cd14e-5f63-4f1c-94e3-27050c266480/3/323030313a6466343a316463303a3a2f34382d3438203d3e20313533313735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:1dc0::/48
Signature Algorithm: sha256WithRSAEncryption
19:94:e7:70:65:dd:18:37:29:de:0a:ff:94:0c:e0:7d:05:c9:
09:4c:4e:dd:9a:a0:e0:e8:ed:fd:ce:57:76:6b:15:b3:a7:49:
db:68:1f:b1:bf:fc:0a:a7:4d:6e:7d:c5:30:4d:d0:3a:b9:81:
ca:48:27:71:af:4e:30:6c:85:18:46:b6:32:2f:33:5f:ac:50:
56:05:32:34:94:9e:29:43:f2:a9:75:fa:40:48:d3:d1:27:bd:
aa:0f:3a:04:48:e4:91:bf:a6:83:10:5d:b7:cd:a0:92:8f:d0:
f8:47:8b:2c:7e:50:c8:4d:79:84:56:4a:c7:e1:74:b1:b4:86:
c2:cb:d1:73:36:eb:b4:e1:ad:e6:d7:f4:9c:fd:a1:f4:16:fb:
b8:4c:1d:cb:66:98:2a:5f:ab:bb:73:63:53:d1:71:1d:63:7a:
2e:42:af:9b:7a:6b:91:e1:b7:51:ee:cc:01:67:3d:e9:53:fe:
15:2c:e3:b6:b5:1b:de:66:99:c1:f9:94:62:02:4e:c3:a0:bd:
17:e1:b2:c6:4e:b9:91:f6:90:dd:b9:90:a3:34:0f:4d:1f:5a:
2c:81:99:a6:b2:fa:b0:31:32:80:71:d2:5a:1b:3b:da:41:b0:
30:e3:e3:fa:27:4d:22:8f:c5:11:e2:35:51:32:71:da:87:64:
e0:8d:8a:9f
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUZhv96nQ75/bTtx3qg+lFVLxYh9YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNDQzNDQwMDAwMTEwLwYDVQQFEyg5NEEyRjE2REY0
MTdDMzJFMDU3QUEyNjhDMEU1MkM3MEQxQTQwNkM1MB4XDTI0MDcyNzE3MjgwMFoX
DTI1MDcyNjE3MzMwMFowMzExMC8GA1UEAxMoNzBCNUJFMjU4MjQyQzI5MkQ1MzIy
Njc1OUNBMTlBRDU5QzNDQjMzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0MxstCVwikripaaap+/IqIkKVBjPXme75g/7SAa8KxSNRiYz9IGFuX0yAm
wicmxXVI21OBkcstVEN7CfQ5cfv8ghbHhwFX/0L+FK1bGkHBmfbdlqIrXfbALsAN
PPB/5fxHF2z617cnEulmlOXQsPMzYwIC2J6wnS1Uum4zGGLs+/Gal5KdSYd4K578
LaZ28BoEe3K6x72OXlHVuIey2Xy0641fQ25OYbh28HdXrn85TBrV3kNUEsjG80Oa
XU6zPtdP1Z75UkbpGVhNz6pKwhHInUKjUKCvI6pABYQQvwys7vGKjjDRfKQ5QMWw
K1T4J4jKu4iS6vt2/uWAC5GqwrsCAwEAAaOCAmIwggJeMB0GA1UdDgQWBBRwtb4l
gkLCktUyJnWcoZrVnDyzMTAfBgNVHSMEGDAWgBSUovFt9BfDLgV6omjA5Sxw0aQG
xTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84ZDVjZDE0ZS01
ZjYzLTRmMWMtOTRlMy0yNzA1MGMyNjY0ODAvMy85NEEyRjE2REY0MTdDMzJFMDU3
QUEyNjhDMEU1MkM3MEQxQTQwNkM1LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB
BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sS0x4YmZRWHd5NEZlcUpvd09Vc2NO
R2tCc1UuY2VyMIG1BggrBgEFBQcBCwSBqDCBpTCBogYIKwYBBQUHMAuGgZVyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzhkNWNkMTRl
LTVmNjMtNGYxYy05NGUzLTI3MDUwYzI2NjQ4MC8zLzMyMzAzMDMxM2E2NDY2MzQz
YTMxNjQ2MzMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNTMzMzEzNzM1LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAIAEN9B3AMA0GCSqGSIb3DQEBCwUAA4IBAQAZlOdwZd0YNyneCv+U
DOB9BckJTE7dmqDg6O39zld2axWzp0nbaB+xv/wKp01ufcUwTdA6uYHKSCdxr04w
bIUYRrYyLzNfrFBWBTI0lJ4pQ/KpdfpASNPRJ72qDzoESOSRv6aDEF23zaCSj9D4
R4ssflDITXmEVkrH4XSxtIbCy9FzNuu04a3m1/Sc/aH0Fvu4TB3LZpgqX6u7c2NT
0XEdY3ouQq+bemuR4bdR7swBZz3pU/4VLOO2tRveZpnB+ZRiAk7DoL0X4bLGTrmR
9pDduZCjNA9NH1osgZmmsvqwMTKAcdJaGzvaQbAw4+P6J00ij8UR4jVRMnHah2Tg
jYqf
Generated at Fri Aug 2 21:24:08 2024 by rpki-client on console-ams.rpki-client.org