Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e32302e302f32342d3234203d3e20383334.roa
File: 33312e362e32302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: Xl25u7xTrZCCr51KWcjTx01X8m2fxSoRoog7mH+VAfE=
Subject key identifier: 6E:F1:1D:00:BC:2E:21:4F:FD:01:86:C0:7F:27:67:89:22:3B:CA:EB
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 0C0645F5AED58612BA35A62D80195F8273EF3E59
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e32302e302f32342d3234203d3e20383334.roa
Signing time: Wed 22 Mar 2023 15:29:43 +0000
ROA not before: Wed 22 Mar 2023 15:24:43 +0000
ROA not after: Wed 20 Mar 2024 15:29:43 +0000
asID: 834
IP address blocks: 31.6.20.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:06:45:f5:ae:d5:86:12:ba:35:a6:2d:80:19:5f:82:73:ef:3e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:43 2023 GMT
Not After : Mar 20 15:29:43 2024 GMT
Subject: CN=6EF11D00BC2E214FFD0186C07F276789223BCAEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:94:54:b0:d8:9a:b4:5e:c4:77:06:aa:54:
d9:16:35:9a:0a:5b:c5:0b:5e:7c:8e:ed:35:6d:12:
3b:46:19:38:02:43:ce:cd:bb:1d:ac:bb:ed:f7:04:
c3:f6:a3:e1:f3:d2:98:49:fc:01:bd:70:0a:7a:8d:
28:9d:2e:45:10:f4:3a:ad:d9:af:c8:7d:b8:c5:b1:
68:a6:be:46:5d:5d:ed:c7:67:93:31:92:60:76:23:
ca:75:d7:f3:fc:9e:c3:79:9a:04:6e:63:9e:ab:1f:
0d:9d:ff:02:f0:ce:d5:39:dd:13:94:0e:ef:ac:53:
fa:98:09:e4:cd:73:ec:3a:2c:31:d4:b7:15:7c:72:
70:ef:5c:50:03:34:b9:8b:0b:91:f5:79:fb:c8:e0:
6e:ea:79:7f:9c:3f:bb:35:c9:21:cd:8e:83:d5:02:
c9:96:84:75:43:cb:33:b0:83:c5:75:08:9c:15:e8:
64:15:57:8c:56:74:00:5d:ad:af:bd:3f:69:8b:12:
19:7d:61:ce:ae:e3:a8:38:6b:6b:35:36:df:94:db:
e2:c1:1e:5b:52:d6:31:48:3f:9a:d9:3f:4c:74:d1:
27:3d:30:51:6e:b6:9e:19:fe:2d:c0:96:73:c6:50:
81:42:b3:d6:67:8b:53:2a:1b:54:5c:a9:b0:ac:61:
0f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:1D:00:BC:2E:21:4F:FD:01:86:C0:7F:27:67:89:22:3B:CA:EB
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e32302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.20.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:d2:b6:f2:58:3b:18:a6:e0:ce:e9:d9:d1:ee:0f:11:7b:34:
09:52:b8:50:e0:b1:0e:8a:0f:2c:86:fd:8d:8c:91:b0:29:07:
87:8a:c6:ef:3b:8a:5d:05:b3:7d:bc:ad:7b:8f:55:25:ab:5a:
84:03:4e:05:9a:38:56:16:2f:c2:c3:13:b3:80:82:c5:84:43:
f4:f3:e3:00:90:4d:ca:89:13:b7:1b:12:9b:17:c4:1f:b4:9a:
0f:74:e9:04:d8:0c:83:c9:65:5d:d9:d8:3a:ec:fc:ef:bf:78:
71:1b:1a:6d:31:36:c7:fd:16:66:f2:92:73:61:ed:10:a5:20:
14:88:dc:0b:74:de:a6:1c:44:a5:0a:85:55:b0:16:19:ff:a7:
7f:94:8f:9b:3f:53:31:a7:80:b1:53:cd:1a:88:8f:19:85:0a:
25:45:03:75:04:55:b8:7f:3b:65:8f:f8:45:53:26:1b:6c:9c:
fd:13:16:aa:80:df:3a:7e:26:ec:05:00:dc:f2:79:1f:2a:de:
b8:6e:4e:5c:e0:3d:e8:e9:24:61:84:34:fc:b1:51:e2:9b:c6:
49:3b:93:43:fe:63:e2:b8:f3:ef:af:e3:21:d3:e6:e3:24:74:
25:46:15:46:27:8e:87:0c:f6:d0:c3:e0:5b:3f:7b:24:c4:54:
08:ac:8d:69
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUDAZF9a7VhhK6NaYtgBlfgnPvPlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDNaFw0yNDAzMjAxNTI5NDNaMDMxMTAvBgNV
BAMTKDZFRjExRDAwQkMyRTIxNEZGRDAxODZDMDdGMjc2Nzg5MjIzQkNBRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMgJRUsNiatF7EdwaqVNkWNZoK
W8ULXnyO7TVtEjtGGTgCQ87Nux2su+33BMP2o+Hz0phJ/AG9cAp6jSidLkUQ9Dqt
2a/IfbjFsWimvkZdXe3HZ5MxkmB2I8p11/P8nsN5mgRuY56rHw2d/wLwztU53ROU
Du+sU/qYCeTNc+w6LDHUtxV8cnDvXFADNLmLC5H1efvI4G7qeX+cP7s1ySHNjoPV
AsmWhHVDyzOwg8V1CJwV6GQVV4xWdABdra+9P2mLEhl9Yc6u46g4a2s1Nt+U2+LB
HltS1jFIP5rZP0x00Sc9MFFutp4Z/i3AlnPGUIFCs9Zni1MqG1RcqbCsYQ9BAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUbvEdALwuIU/9AYbAfydniSI7yuswHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTMyMzAyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBhQwDQYJKoZI
hvcNAQELBQADggEBAD7StvJYOxim4M7p2dHuDxF7NAlSuFDgsQ6KDyyG/Y2MkbAp
B4eKxu87il0Fs328rXuPVSWrWoQDTgWaOFYWL8LDE7OAgsWEQ/Tz4wCQTcqJE7cb
EpsXxB+0mg906QTYDIPJZV3Z2Drs/O+/eHEbGm0xNsf9FmbyknNh7RClIBSI3At0
3qYcRKUKhVWwFhn/p3+Uj5s/UzGngLFTzRqIjxmFCiVFA3UEVbh/O2WP+EVTJhts
nP0TFqqA3zp+JuwFANzyeR8q3rhuTlzgPejpJGGENPyxUeKbxkk7k0P+Y+K48++v
4yHT5uMkdCVGFUYnjocM9tDD4Fs/eyTEVAisjWk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org