Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/1/326130373a323438373a3a2f33322d3332203d3e20323135383238.roa
File: 326130373a323438373a3a2f33322d3332203d3e20323135383238.roa (raw, json)
Hash identifier: Z49IbYhzjoOp7cP7CAebTT5tzetU+Sdtirxm5WRVqZs=
Subject key identifier: C5:3E:63:D5:6E:34:BF:F9:B1:BB:BD:6B:82:F6:70:BC:F2:E2:48:3B
Certificate issuer: /CN=66D2F438D4B7E19C3D74AB88A9B399F011B22519
Certificate serial: 1095026587E2CAE4DC7CC49965F18557D16D7E9E
Authority key identifier: 66:D2:F4:38:D4:B7:E1:9C:3D:74:AB:88:A9:B3:99:F0:11:B2:25:19
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/a91c8269-451e-4d0d-93e4-d111ec8ddcee/0/66D2F438D4B7E19C3D74AB88A9B399F011B22519.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/1/326130373a323438373a3a2f33322d3332203d3e20323135383238.roa
Signing time: Sun 25 Feb 2024 18:15:50 +0000
ROA not before: Sun 25 Feb 2024 18:10:50 +0000
ROA not after: Sun 23 Feb 2025 18:15:50 +0000
asID: 215828
IP address blocks: 2a07:2487::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Feb 2024 09:40:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:95:02:65:87:e2:ca:e4:dc:7c:c4:99:65:f1:85:57:d1:6d:7e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66D2F438D4B7E19C3D74AB88A9B399F011B22519
Validity
Not Before: Feb 25 18:10:50 2024 GMT
Not After : Feb 23 18:15:50 2025 GMT
Subject: CN=C53E63D56E34BFF9B1BBBD6B82F670BCF2E2483B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e0:3a:01:eb:10:35:c4:dc:40:52:88:e4:da:
68:c2:83:a5:f0:13:ed:35:0c:a6:e9:ab:57:9c:2b:
fa:4a:c4:14:d5:c1:3d:e9:fb:7e:5c:30:f5:79:bc:
5f:4f:64:66:4f:e1:3c:96:60:c2:bb:35:de:fe:60:
32:6c:45:04:9b:38:2a:ee:83:46:95:50:01:b8:c1:
58:57:f3:f2:e1:f7:fb:60:ef:80:a7:c5:7f:8b:f7:
af:49:8c:6c:83:b5:bf:fb:e8:92:a8:72:10:d7:84:
d6:d5:69:9d:45:62:78:89:64:08:43:3e:e3:dc:b9:
d0:2f:6b:4a:5a:43:43:8b:3e:2d:fe:a5:e2:2f:86:
c4:13:f4:b9:c2:c8:14:a9:60:17:a5:bc:3b:ba:e6:
f1:ef:28:be:3e:ee:79:40:ab:17:96:e2:46:16:07:
b8:ab:4e:ed:45:d7:3d:e1:63:60:bb:00:14:5c:6d:
4c:b3:21:e3:5f:8d:78:4d:20:f1:ad:74:05:3a:30:
13:db:0d:cd:96:2d:3d:9e:5a:98:6f:b6:a4:61:ce:
98:d4:1b:3f:5e:c6:2b:7c:74:15:73:c8:5c:b6:cf:
79:04:c8:ff:85:e7:f3:8d:23:d4:85:2e:89:7b:b5:
82:02:4a:ea:d1:03:81:a2:94:d6:62:8a:ee:39:b1:
47:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3E:63:D5:6E:34:BF:F9:B1:BB:BD:6B:82:F6:70:BC:F2:E2:48:3B
X509v3 Authority Key Identifier:
keyid:66:D2:F4:38:D4:B7:E1:9C:3D:74:AB:88:A9:B3:99:F0:11:B2:25:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/1/66D2F438D4B7E19C3D74AB88A9B399F011B22519.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/a91c8269-451e-4d0d-93e4-d111ec8ddcee/0/66D2F438D4B7E19C3D74AB88A9B399F011B22519.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/1/326130373a323438373a3a2f33322d3332203d3e20323135383238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2487::/32
Signature Algorithm: sha256WithRSAEncryption
1e:ad:8f:0b:29:bd:f2:b9:0b:b4:2b:13:7c:0f:83:f3:57:d4:
27:d9:90:86:94:5e:d6:64:ca:73:65:de:f8:e7:a1:d8:6b:60:
c8:bd:bd:09:29:ec:a4:66:ae:e6:97:67:fc:59:9b:b6:82:b4:
2c:c8:82:0f:b8:bd:a4:65:a4:27:6d:23:85:31:26:b8:18:ee:
36:40:45:6b:ab:21:f9:17:10:da:9f:f6:26:63:7b:bc:b6:2b:
0e:f2:32:0c:5e:2a:8b:05:78:12:7d:d3:dd:d5:34:d4:0e:81:
48:05:59:0c:6f:1a:96:8d:35:6d:f2:be:cc:07:29:b5:81:8d:
74:d1:8a:a3:ad:06:7b:6d:3c:08:4b:e7:42:ce:4b:50:56:f7:
7b:25:6d:e8:c1:55:09:28:7f:36:ce:d6:7c:d6:71:01:1a:8a:
16:97:3c:a6:58:19:fb:3a:a9:df:da:28:09:c1:6c:c9:74:36:
a1:ec:23:a4:f4:11:ed:dc:d4:e3:9b:a9:74:fa:83:37:58:c6:
24:49:a1:c0:90:2d:37:92:9b:53:91:17:59:87:22:6c:9b:56:
2e:be:4b:fa:8c:db:ff:6a:b0:3a:ff:8a:91:12:0f:3e:fd:0e:
2e:ce:56:7e:6e:d4:61:d0:be:1f:8b:91:b3:f4:8f:9c:83:d9:
45:c3:1f:01
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUEJUCZYfiyuTcfMSZZfGFV9Ftfp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjZEMkY0MzhENEI3RTE5QzNENzRBQjg4QTlCMzk5RjAx
MUIyMjUxOTAeFw0yNDAyMjUxODEwNTBaFw0yNTAyMjMxODE1NTBaMDMxMTAvBgNV
BAMTKEM1M0U2M0Q1NkUzNEJGRjlCMUJCQkQ2QjgyRjY3MEJDRjJFMjQ4M0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC54DoB6xA1xNxAUojk2mjCg6Xw
E+01DKbpq1ecK/pKxBTVwT3p+35cMPV5vF9PZGZP4TyWYMK7Nd7+YDJsRQSbOCru
g0aVUAG4wVhX8/Lh9/tg74CnxX+L969JjGyDtb/76JKochDXhNbVaZ1FYniJZAhD
PuPcudAva0paQ0OLPi3+peIvhsQT9LnCyBSpYBelvDu65vHvKL4+7nlAqxeW4kYW
B7irTu1F1z3hY2C7ABRcbUyzIeNfjXhNIPGtdAU6MBPbDc2WLT2eWphvtqRhzpjU
Gz9exit8dBVzyFy2z3kEyP+F5/ONI9SFLol7tYICSurRA4GilNZiiu45sUcFAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUxT5j1W40v/mxu71rgvZwvPLiSDswHwYDVR0j
BBgwFoAUZtL0ONS34Zw9dKuIqbOZ8BGyJRkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWMwZWQwNDYtZmE5NS00NWMzLTkxNDYtOTcxZGI4YTll
OGJiLzEvNjZEMkY0MzhENEI3RTE5QzNENzRBQjg4QTlCMzk5RjAxMUIyMjUxOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hOTFjODI2OS00NTFlLTRk
MGQtOTNlNC1kMTExZWM4ZGRjZWUvMC82NkQyRjQzOEQ0QjdFMTlDM0Q3NEFCODhB
OUIzOTlGMDExQjIyNTE5LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUF
BzALhoGNcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85YzBlZDA0Ni1mYTk1LTQ1YzMtOTE0Ni05NzFkYjhhOWU4YmIvMS8zMjYxMzAz
NzNhMzIzNDM4MzczYTNhMmYzMzMyMmQzMzMyMjAzZDNlMjAzMjMxMzUzODMyMzgu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAqBySHMA0GCSqGSIb3DQEBCwUAA4IBAQAerY8LKb3yuQu0KxN8
D4PzV9Qn2ZCGlF7WZMpzZd7456HYa2DIvb0JKeykZq7ml2f8WZu2grQsyIIPuL2k
ZaQnbSOFMSa4GO42QEVrqyH5FxDan/YmY3u8tisO8jIMXiqLBXgSfdPd1TTUDoFI
BVkMbxqWjTVt8r7MBym1gY100YqjrQZ7bTwIS+dCzktQVvd7JW3owVUJKH82ztZ8
1nEBGooWlzymWBn7Oqnf2igJwWzJdDah7COk9BHt3NTjm6l0+oM3WMYkSaHAkC03
kptTkRdZhyJsm1Yuvkv6jNv/arA6/4qREg8+/Q4uzlZ+btRh0L4fi5Gz9I+cg9lF
wx8B
-----END CERTIFICATE-----
Generated at Wed Feb 28 14:19:40 2024 by rpki-client on console-ams.rpki-client.org