Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653030333a3a2f34382d3438203d3e203136353039.roa
File: 326130393a353463363a653030333a3a2f34382d3438203d3e203136353039.roa (raw, json)
Hash identifier: Y3w/0YA9v004Fy0WjsKI765IGmHUJCOMZ+ggb2q/S5U=
Subject key identifier: 61:CD:E1:00:11:7C:DD:C6:D3:CE:7F:2E:CC:C3:AA:1D:AA:AD:89:28
Certificate issuer: /CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
Certificate serial: 428ADBD3B2C6863D212B8A6950A63EE56F661B35
Authority key identifier: 1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653030333a3a2f34382d3438203d3e203136353039.roa
Signing time: Sun 08 Sep 2024 13:24:46 +0000
ROA not before: Sun 08 Sep 2024 13:19:46 +0000
ROA not after: Sun 07 Sep 2025 13:24:46 +0000
asID: 16509
IP address blocks: 2a09:54c6:e003::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 08 Sep 2024 23:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:8a:db:d3:b2:c6:86:3d:21:2b:8a:69:50:a6:3e:e5:6f:66:1b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40
Validity
Not Before: Sep 8 13:19:46 2024 GMT
Not After : Sep 7 13:24:46 2025 GMT
Subject: CN=61CDE100117CDDC6D3CE7F2ECCC3AA1DAAAD8928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6d:39:e7:e3:4b:e4:40:85:c0:15:fd:07:35:
74:55:dd:10:1b:94:d8:67:76:6f:1a:ab:be:27:51:
8a:45:6a:32:3e:b7:f0:37:e9:fa:50:07:63:f0:75:
38:e5:73:a2:54:23:1b:e4:1a:53:8e:f0:10:01:ec:
85:8b:0a:74:df:4d:8b:e4:b7:33:88:10:d4:29:58:
cf:4d:b1:dc:35:7d:e9:80:b7:84:a7:ab:80:a5:17:
bb:4a:66:fe:2e:7e:7a:d5:94:d7:2f:a8:cc:23:3b:
f6:76:c9:ee:9c:f9:65:d3:6c:e4:ff:e1:ef:96:82:
41:b2:0c:2c:44:a6:30:d3:a2:8b:06:11:0b:6e:27:
f8:e9:c5:fd:11:d1:68:85:3c:80:1b:67:cc:38:54:
ae:c4:6f:2d:e5:17:80:0e:85:8c:ce:06:c2:1f:2c:
6d:01:c9:cd:ba:7a:87:d9:fa:d8:85:ee:3f:ad:86:
12:06:81:c6:ea:93:13:4b:60:22:7f:e4:25:10:fb:
43:f8:b5:cf:57:33:f6:7f:99:99:5e:b5:3c:18:67:
06:c7:7f:a0:b4:3a:b2:49:55:06:01:23:68:6d:79:
fe:99:de:1e:f2:67:6f:77:a4:41:81:7b:9e:39:66:
d7:b3:a2:7e:90:f9:51:11:91:43:33:77:59:f4:31:
08:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CD:E1:00:11:7C:DD:C6:D3:CE:7F:2E:CC:C3:AA:1D:AA:AD:89:28
X509v3 Authority Key Identifier:
keyid:1D:A3:1F:62:E9:7F:E6:A2:A3:8D:8F:39:84:FE:D6:E3:13:D1:BC:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/1DA31F62E97FE6A2A38D8F3984FED6E313D1BC40.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9566443b-dff4-4d13-bb81-72c8630d6df6/1/326130393a353463363a653030333a3a2f34382d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:54c6:e003::/48
Signature Algorithm: sha256WithRSAEncryption
9d:73:9d:04:96:41:7b:8e:b8:ff:64:66:91:cd:d8:75:a2:8a:
86:98:82:f3:f6:1a:c1:18:fa:c3:a5:01:c2:36:bc:39:84:e6:
e7:9d:d5:68:46:23:28:2e:d1:0a:3d:8a:35:aa:42:62:6b:05:
98:77:74:de:ab:63:d6:f4:8d:d1:91:dd:48:ed:b3:cd:ac:68:
03:7b:24:ea:70:5b:08:05:52:d0:79:13:0c:4b:f0:41:a0:0f:
9b:3c:b7:5b:97:ca:73:88:16:e9:b2:39:d2:a8:4c:f9:cd:0c:
71:98:21:73:27:f7:0d:1a:f2:40:ee:50:47:3e:38:92:27:18:
75:11:2f:94:31:69:92:24:bf:30:75:81:3b:bc:a6:a2:1e:be:
64:33:48:b8:c4:08:29:ed:79:79:c7:3a:c7:7d:87:b0:5e:8f:
dc:c6:55:4d:fa:b4:19:99:a8:6a:f5:f7:5f:47:75:00:28:d3:
6b:55:9a:8e:47:80:04:e7:84:b0:fe:98:04:a9:a8:d8:84:4c:
ed:04:c9:2f:29:87:aa:60:1b:8b:e0:35:a2:f3:18:a0:c5:17:
4c:dc:b4:c1:6d:20:cc:e9:50:11:0b:c1:30:7e:99:1b:df:54:
3d:d7:99:ea:e0:10:ca:94:06:02:fb:89:2a:ae:c1:13:c9:ac:
90:3d:db:4e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUQorb07LGhj0hK4ppUKY+5W9mGzUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMx
M0QxQkM0MDAeFw0yNDA5MDgxMzE5NDZaFw0yNTA5MDcxMzI0NDZaMDMxMTAvBgNV
BAMTKDYxQ0RFMTAwMTE3Q0REQzZEM0NFN0YyRUNDQzNBQTFEQUFBRDg5MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmbTnn40vkQIXAFf0HNXRV3RAb
lNhndm8aq74nUYpFajI+t/A36fpQB2PwdTjlc6JUIxvkGlOO8BAB7IWLCnTfTYvk
tzOIENQpWM9Nsdw1femAt4Snq4ClF7tKZv4ufnrVlNcvqMwjO/Z2ye6c+WXTbOT/
4e+WgkGyDCxEpjDToosGEQtuJ/jpxf0R0WiFPIAbZ8w4VK7Eby3lF4AOhYzOBsIf
LG0Byc26eofZ+tiF7j+thhIGgcbqkxNLYCJ/5CUQ+0P4tc9XM/Z/mZletTwYZwbH
f6C0OrJJVQYBI2htef6Z3h7yZ293pEGBe545Ztezon6Q+VERkUMzd1n0MQgxAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUYc3hABF83cbTzn8uzMOqHaqtiSgwHwYDVR0j
BBgwFoAUHaMfYul/5qKjjY85hP7W4xPRvEAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTU2NjQ0M2ItZGZmNC00ZDEzLWJiODEtNzJjODYzMGQ2
ZGY2LzEvMURBMzFGNjJFOTdGRTZBMkEzOEQ4RjM5ODRGRUQ2RTMxM0QxQkM0MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC8xREEzMUY2MkU5N0ZFNkEyQTM4RDhGMzk4
NEZFRDZFMzEzRDFCQzQwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85NTY2NDQzYi1kZmY0LTRkMTMtYmI4MS03MmM4NjMwZDZkZjYvMS8zMjYxMzAz
OTNhMzUzNDYzMzYzYTY1MzAzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
NjM1MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoJVMbgAzANBgkqhkiG9w0BAQsFAAOCAQEAnXOd
BJZBe464/2Rmkc3YdaKKhpiC8/YawRj6w6UBwja8OYTm553VaEYjKC7RCj2KNapC
YmsFmHd03qtj1vSN0ZHdSO2zzaxoA3sk6nBbCAVS0HkTDEvwQaAPmzy3W5fKc4gW
6bI50qhM+c0McZghcyf3DRryQO5QRz44kicYdREvlDFpkiS/MHWBO7ymoh6+ZDNI
uMQIKe15ecc6x32HsF6P3MZVTfq0GZmoavX3X0d1ACjTa1WajkeABOeEsP6YBKmo
2IRM7QTJLymHqmAbi+A1ovMYoMUXTNy0wW0gzOlQEQvBMH6ZG99UPdeZ6uAQypQG
AvuJKq7BE8mskD3bTg==
-----END CERTIFICATE-----
Generated at Mon Sep 9 00:04:22 2024 by rpki-client on console-fra.rpki-client.org