Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e322e302f32342d3234203d3e203537313532.roa
File: 33312e362e322e302f32342d3234203d3e203537313532.roa (raw, json)
Hash identifier: 6ECwoRCZ9siEdpAyvMgv11EH/zAySPeF43mbybSoz6M=
Subject key identifier: F2:8E:A9:8C:4C:79:65:EC:8E:03:E1:AE:A1:4F:89:AD:B8:CA:19:DA
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 2D4BEA47A2E4E4AFC2945AE61043D07010C9BE25
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e322e302f32342d3234203d3e203537313532.roa
Signing time: Wed 22 Mar 2023 15:29:42 +0000
ROA not before: Wed 22 Mar 2023 15:24:42 +0000
ROA not after: Wed 20 Mar 2024 15:29:42 +0000
asID: 57152
IP address blocks: 31.6.2.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:4b:ea:47:a2:e4:e4:af:c2:94:5a:e6:10:43:d0:70:10:c9:be:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:42 2023 GMT
Not After : Mar 20 15:29:42 2024 GMT
Subject: CN=F28EA98C4C7965EC8E03E1AEA14F89ADB8CA19DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:35:51:26:e4:15:d8:5c:34:8e:0b:69:1f:
66:e7:c4:ea:cc:ec:f5:56:aa:74:bf:e2:c4:f3:ff:
af:63:6f:5c:d6:6b:29:12:cb:1d:60:3b:33:30:36:
5d:ac:b2:f5:b0:cb:50:12:59:9c:12:fc:fc:d1:7b:
a2:48:d4:16:3a:d7:0b:4b:aa:8f:3a:c7:41:f0:8a:
8d:32:0d:de:8f:8e:e2:88:e9:4b:af:54:06:f5:04:
46:64:be:9f:6a:61:2a:7b:92:3d:09:bb:fc:04:a5:
28:99:fa:5f:a4:29:a8:2a:0f:b6:6f:1c:08:1d:65:
04:22:a4:11:a1:5a:dd:31:d8:8a:5d:27:ed:52:a2:
5c:70:74:2e:d5:68:ca:ae:a9:0c:b5:93:ed:67:95:
83:6d:25:9f:f3:01:4f:4e:13:ba:62:99:a9:0f:f3:
e0:40:ea:85:2c:e8:a1:7d:05:ed:9a:bd:99:e6:30:
0b:9a:72:45:99:9d:e8:b3:d0:94:ba:cc:3e:b4:f5:
ac:fb:43:e6:fa:57:d6:e5:9f:d9:b5:f4:75:44:6a:
5b:06:0e:72:47:e4:0d:d5:94:54:02:fc:d9:9b:66:
1e:09:98:83:4b:2a:a6:8e:62:60:97:26:47:ee:24:
86:ab:6d:78:05:6f:4a:04:a3:85:35:c2:86:df:ac:
fb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8E:A9:8C:4C:79:65:EC:8E:03:E1:AE:A1:4F:89:AD:B8:CA:19:DA
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e322e302f32342d3234203d3e203537313532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.2.0/24
Signature Algorithm: sha256WithRSAEncryption
19:aa:ed:9c:11:08:08:81:6a:a5:22:db:94:82:9d:61:8b:05:
02:47:3f:97:00:83:d3:97:15:dc:0f:55:8b:70:9f:82:c6:74:
14:5f:44:af:08:f4:70:54:92:9c:c2:cd:88:1e:c8:15:40:40:
aa:f4:2c:7d:09:da:32:ec:d1:2e:8f:fa:cc:ac:d2:d6:75:2d:
eb:a0:87:b5:52:e4:7d:db:cd:de:db:33:50:b6:d1:b4:14:b1:
c6:8a:21:d2:0f:42:23:b7:a2:ba:d1:33:94:37:39:39:be:84:
ef:8e:d5:27:22:34:8b:f2:dc:8a:c7:56:9b:bc:78:8a:e9:b9:
37:7b:66:9f:63:a6:2e:a7:5b:45:6c:7c:30:af:db:93:5f:05:
55:9e:b1:28:20:4f:97:62:4d:6b:9e:dc:8e:e1:1b:24:ae:ec:
f0:4d:97:15:55:aa:1f:d7:00:d2:c2:b7:38:77:4b:23:5b:b2:
72:48:d5:ce:33:9c:11:cf:fb:f2:b5:69:96:6b:97:d3:0c:88:
a6:2b:72:a2:61:5a:62:5f:ea:e2:39:f2:9c:07:89:cf:2b:77:
b6:ad:d9:37:ec:dc:c1:3f:08:7d:55:df:3a:67:cc:07:aa:41:
5e:4c:6f:7a:4c:07:74:39:70:81:5b:d8:a6:cd:9e:60:d8:cc:
ee:f3:7a:34
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIULUvqR6Lk5K/ClFrmEEPQcBDJviUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDJaFw0yNDAzMjAxNTI5NDJaMDMxMTAvBgNV
BAMTKEYyOEVBOThDNEM3OTY1RUM4RTAzRTFBRUExNEY4OUFEQjhDQTE5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCovzVRJuQV2Fw0jgtpH2bnxOrM
7PVWqnS/4sTz/69jb1zWaykSyx1gOzMwNl2ssvWwy1ASWZwS/PzRe6JI1BY61wtL
qo86x0Hwio0yDd6PjuKI6UuvVAb1BEZkvp9qYSp7kj0Ju/wEpSiZ+l+kKagqD7Zv
HAgdZQQipBGhWt0x2IpdJ+1SolxwdC7VaMquqQy1k+1nlYNtJZ/zAU9OE7pimakP
8+BA6oUs6KF9Be2avZnmMAuackWZneiz0JS6zD609az7Q+b6V9bln9m19HVEalsG
DnJH5A3VlFQC/NmbZh4JmINLKqaOYmCXJkfuJIarbXgFb0oEo4U1wobfrPtdAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU8o6pjEx5ZeyOA+GuoU+JrbjKGdowHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTMyMmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzUzNzMxMzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8GAjANBgkq
hkiG9w0BAQsFAAOCAQEAGartnBEICIFqpSLblIKdYYsFAkc/lwCD05cV3A9Vi3Cf
gsZ0FF9Erwj0cFSSnMLNiB7IFUBAqvQsfQnaMuzRLo/6zKzS1nUt66CHtVLkfdvN
3tszULbRtBSxxooh0g9CI7eiutEzlDc5Ob6E747VJyI0i/LcisdWm7x4ium5N3tm
n2OmLqdbRWx8MK/bk18FVZ6xKCBPl2JNa57cjuEbJK7s8E2XFVWqH9cA0sK3OHdL
I1uyckjVzjOcEc/78rVplmuX0wyIpityomFaYl/q4jnynAeJzyt3tq3ZN+zcwT8I
fVXfOmfMB6pBXkxvekwHdDlwgVvYps2eYNjM7vN6NA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-fra.rpki-client.org