Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3138352e32392e3136362e302f32342d3234203d3e20323131353835.roa
File: 3138352e32392e3136362e302f32342d3234203d3e20323131353835.roa (raw, json)
Hash identifier: Mgqk78KkLlk63uU0XtezaGbFbLfyU11QCHbo3xuMIvk=
Subject key identifier: 74:7A:3F:E3:59:8E:E3:1C:2D:26:ED:5E:1C:F8:AD:57:F9:D3:BE:4B
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 4D693E0E0584FD685438DEFB77B0AC285EAC1638
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3138352e32392e3136362e302f32342d3234203d3e20323131353835.roa
Signing time: Wed 22 Mar 2023 15:29:41 +0000
ROA not before: Wed 22 Mar 2023 15:24:41 +0000
ROA not after: Wed 20 Mar 2024 15:29:41 +0000
asID: 211585
IP address blocks: 185.29.166.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:69:3e:0e:05:84:fd:68:54:38:de:fb:77:b0:ac:28:5e:ac:16:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:41 2023 GMT
Not After : Mar 20 15:29:41 2024 GMT
Subject: CN=747A3FE3598EE31C2D26ED5E1CF8AD57F9D3BE4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:21:37:4b:43:b7:3a:35:8b:95:4c:49:cd:17:
c0:9a:72:2c:5d:6a:20:16:d2:93:20:55:cc:91:28:
c2:11:46:8b:86:c3:95:07:41:a2:d4:7b:05:94:79:
1f:55:8d:88:0f:f3:be:11:c3:0e:54:18:c0:6a:ae:
e1:32:df:31:c1:33:c2:04:65:d1:f7:f1:3a:c4:21:
b3:3f:f4:b0:a8:c7:00:42:88:98:3e:de:9f:c5:8c:
fb:ff:53:d4:d1:c6:1f:3e:44:04:a8:30:6b:01:cb:
a9:e2:5c:26:65:60:ea:ee:9f:81:04:62:ad:20:ea:
fc:1c:e7:74:cb:74:06:e1:f6:2a:6c:f1:9b:d4:df:
81:89:b9:a3:7a:99:e0:e5:c2:c9:fb:7b:6a:81:72:
a8:35:d3:51:e2:b3:83:95:c7:bb:2b:8f:a7:34:cb:
df:18:b4:92:09:e1:13:8f:03:de:fc:cb:4e:c0:2d:
ba:6f:3d:3b:ff:c7:a8:57:f2:ee:79:1e:ab:18:56:
ae:7c:22:a8:33:5a:51:d5:d8:e9:30:d5:8d:15:13:
37:47:d7:36:fa:49:76:91:e4:51:a9:5f:a1:93:e8:
e2:cc:34:b7:7a:a1:45:2d:75:27:b7:ca:1f:35:84:
1f:0b:56:84:49:eb:3e:a2:06:4c:09:0b:03:22:78:
a3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7A:3F:E3:59:8E:E3:1C:2D:26:ED:5E:1C:F8:AD:57:F9:D3:BE:4B
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3138352e32392e3136362e302f32342d3234203d3e20323131353835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.166.0/24
Signature Algorithm: sha256WithRSAEncryption
18:f9:da:ac:c9:50:2c:ae:f6:b8:2f:12:5a:85:d8:e4:4f:8c:
92:63:20:45:96:1e:88:8a:a1:c7:08:4c:71:c3:7b:c1:97:0a:
c1:0f:9a:56:4b:4e:b8:c0:73:03:0f:bc:f5:f9:29:2e:40:c2:
e3:4a:22:29:da:d3:a5:37:81:59:09:b2:bc:d8:bf:26:85:7b:
d0:e1:36:bb:32:3b:71:af:36:c2:c4:52:f7:71:87:ea:b1:db:
9f:67:a2:da:6e:ab:99:39:f6:b6:7d:52:0c:44:6e:f5:f5:19:
2b:15:00:41:fb:d4:2a:89:c2:04:64:e3:85:e0:53:86:97:4c:
fe:95:25:9c:2e:b2:e7:9b:30:d5:eb:d4:af:a1:39:f9:f2:e3:
dc:dc:f8:a5:c3:54:c6:81:a3:b9:6b:62:93:89:3e:c6:31:de:
e5:31:91:34:8f:b2:15:9e:a6:ec:d3:af:5a:39:ea:ed:8e:2a:
ee:26:92:73:91:03:ff:f3:b1:cb:09:d1:97:a6:4e:05:0e:9a:
5d:cd:e9:ef:b5:a2:ad:f5:2a:c8:f7:2c:77:52:ca:47:70:79:
f1:a8:f4:59:fd:e9:79:ae:67:18:b6:95:e7:7c:fa:f1:ec:55:
92:b8:6b:e2:3b:a6:f0:f1:49:18:6d:9f:3f:bd:df:f4:a3:9b:
b0:4b:3f:80
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTWk+DgWE/WhUON77d7CsKF6sFjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDFaFw0yNDAzMjAxNTI5NDFaMDMxMTAvBgNV
BAMTKDc0N0EzRkUzNTk4RUUzMUMyRDI2RUQ1RTFDRjhBRDU3RjlEM0JFNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmITdLQ7c6NYuVTEnNF8Cacixd
aiAW0pMgVcyRKMIRRouGw5UHQaLUewWUeR9VjYgP874Rww5UGMBqruEy3zHBM8IE
ZdH38TrEIbM/9LCoxwBCiJg+3p/FjPv/U9TRxh8+RASoMGsBy6niXCZlYOrun4EE
Yq0g6vwc53TLdAbh9ips8ZvU34GJuaN6meDlwsn7e2qBcqg101His4OVx7srj6c0
y98YtJIJ4ROPA978y07ALbpvPTv/x6hX8u55HqsYVq58IqgzWlHV2Okw1Y0VEzdH
1zb6SXaR5FGpX6GT6OLMNLd6oUUtdSe3yh81hB8LVoRJ6z6iBkwJCwMieKPLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUdHo/41mO4xwtJu1eHPitV/nTvkswHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzEzODM1MmUzMjM5MmUzMTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzNTM4MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5HaYwDQYJKoZIhvcNAQELBQADggEBABj52qzJUCyu9rgvElqF2ORPjJJjIEWW
HoiKoccITHHDe8GXCsEPmlZLTrjAcwMPvPX5KS5AwuNKIina06U3gVkJsrzYvyaF
e9DhNrsyO3GvNsLEUvdxh+qx259notpuq5k59rZ9UgxEbvX1GSsVAEH71CqJwgRk
44XgU4aXTP6VJZwusuebMNXr1K+hOfny49zc+KXDVMaBo7lrYpOJPsYx3uUxkTSP
shWepuzTr1o56u2OKu4mknORA//zscsJ0ZemTgUOml3N6e+1oq31Ksj3LHdSykdw
efGo9Fn96XmuZxi2led8+vHsVZK4a+I7pvDxSRhtnz+93/Sjm7BLP4A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-fra.rpki-client.org