Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e2033333230.roa
File: 33312e362e35322e302f32322d3234203d3e2033333230.roa (raw, json)
Hash identifier: Xgq0Xb75OsySy/5uzW/SC9osLFNR/3wz4HLZ6D5djPM=
Subject key identifier: DD:25:03:C6:44:15:F9:E4:F0:CF:82:94:22:AC:04:9B:21:BA:15:F0
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 5800A65E470426B0CBF5813A9DE8A38DD68DC617
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e2033333230.roa
Signing time: Wed 22 Mar 2023 15:29:47 +0000
ROA not before: Wed 22 Mar 2023 15:24:47 +0000
ROA not after: Wed 20 Mar 2024 15:29:47 +0000
asID: 3320
IP address blocks: 31.6.52.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:00:a6:5e:47:04:26:b0:cb:f5:81:3a:9d:e8:a3:8d:d6:8d:c6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:47 2023 GMT
Not After : Mar 20 15:29:47 2024 GMT
Subject: CN=DD2503C64415F9E4F0CF829422AC049B21BA15F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:42:17:35:01:48:dd:99:58:1f:1b:1a:37:aa:
7b:fa:4e:5b:e1:49:1a:7d:45:71:06:d0:32:f4:bd:
e9:12:ad:1a:45:c7:d9:ec:53:e7:89:03:29:53:69:
7a:5a:83:1f:d4:03:0c:29:bc:58:9d:c3:13:eb:36:
2b:72:93:1c:09:7c:3e:60:f4:51:11:9b:3f:9c:03:
a5:15:ed:0d:9c:87:48:c4:06:7e:cf:6d:b1:d9:a8:
16:11:82:17:6e:15:bb:72:f7:fe:9d:db:d5:72:74:
88:93:c9:a0:42:4a:61:97:9a:4d:37:95:0e:94:f3:
d4:bd:1a:2e:de:4c:54:da:ff:2f:92:eb:e3:68:ca:
b0:ef:62:a8:01:bc:4f:9c:64:37:f1:bc:6e:dd:d5:
58:04:25:c6:cb:7d:19:31:98:2a:04:84:17:fd:13:
af:42:3f:cd:be:11:1a:db:73:c0:4e:70:9a:6f:b7:
94:4d:3d:47:b9:15:b2:31:1a:cb:e4:22:cb:72:44:
06:2e:e6:dd:a8:f2:92:28:6b:0d:db:42:ba:ae:b4:
7e:1c:ee:ce:5d:22:e8:01:23:e4:9e:0b:26:09:98:
34:16:0b:9b:00:95:2a:43:ff:9e:eb:df:96:b1:1d:
ee:45:2f:5d:32:8c:c4:9c:10:2a:a8:2d:96:4b:a2:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:25:03:C6:44:15:F9:E4:F0:CF:82:94:22:AC:04:9B:21:BA:15:F0
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.52.0/22
Signature Algorithm: sha256WithRSAEncryption
97:18:b6:6d:df:98:38:29:60:f3:92:10:d4:63:bc:af:69:b3:
3c:44:39:49:72:9d:7f:8f:f3:3c:c0:98:8e:4b:8e:b8:97:84:
a0:26:c3:93:de:dd:f6:d1:af:60:0e:58:0f:d2:cb:57:4a:c9:
73:ef:60:ec:51:62:99:a2:62:63:57:5d:fd:52:a4:2f:e9:4a:
5f:cd:50:24:97:33:08:d5:f3:e1:99:14:e2:09:9d:c1:67:a3:
40:05:df:e2:96:f1:9c:cc:b5:ec:f8:a5:89:c3:3e:b1:2a:2b:
91:e3:da:76:79:b3:4d:d1:8e:51:90:1e:2b:4e:fc:b5:9f:5b:
42:34:97:62:74:75:c0:52:ef:34:16:ed:9e:f6:1c:66:04:71:
88:0c:43:e8:6f:9a:d0:da:64:35:91:dd:fa:4a:d4:e4:d0:39:
7b:2a:92:1b:ba:fe:4b:52:42:e8:a6:44:e5:9a:f5:13:0c:7b:
80:2b:fc:71:29:cf:4d:9e:54:29:84:0c:fc:20:4e:89:a2:1e:
66:8f:eb:a9:64:a4:e2:d2:c6:21:b0:87:d2:ae:22:78:39:66:
99:bd:34:50:22:57:10:c4:c9:19:4b:27:09:e4:20:6a:ef:65:
10:7f:4d:90:e4:c7:7b:2d:8d:7a:42:d5:f7:e9:64:34:3a:56:
af:9f:36:95
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUWACmXkcEJrDL9YE6neijjdaNxhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDdaFw0yNDAzMjAxNTI5NDdaMDMxMTAvBgNV
BAMTKEREMjUwM0M2NDQxNUY5RTRGMENGODI5NDIyQUMwNDlCMjFCQTE1RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmQhc1AUjdmVgfGxo3qnv6Tlvh
SRp9RXEG0DL0vekSrRpFx9nsU+eJAylTaXpagx/UAwwpvFidwxPrNitykxwJfD5g
9FERmz+cA6UV7Q2ch0jEBn7PbbHZqBYRghduFbty9/6d29VydIiTyaBCSmGXmk03
lQ6U89S9Gi7eTFTa/y+S6+NoyrDvYqgBvE+cZDfxvG7d1VgEJcbLfRkxmCoEhBf9
E69CP82+ERrbc8BOcJpvt5RNPUe5FbIxGsvkIstyRAYu5t2o8pIoaw3bQrqutH4c
7s5dIugBI+SeCyYJmDQWC5sAlSpD/57r35axHe5FL10yjMScECqoLZZLonrzAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU3SUDxkQV+eTwz4KUIqwEmyG6FfAwHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTM1MzIyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzMzMzMzIzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAh8GNDANBgkq
hkiG9w0BAQsFAAOCAQEAlxi2bd+YOClg85IQ1GO8r2mzPEQ5SXKdf4/zPMCYjkuO
uJeEoCbDk97d9tGvYA5YD9LLV0rJc+9g7FFimaJiY1dd/VKkL+lKX81QJJczCNXz
4ZkU4gmdwWejQAXf4pbxnMy17PilicM+sSorkePadnmzTdGOUZAeK078tZ9bQjSX
YnR1wFLvNBbtnvYcZgRxiAxD6G+a0NpkNZHd+krU5NA5eyqSG7r+S1JC6KZE5Zr1
Ewx7gCv8cSnPTZ5UKYQM/CBOiaIeZo/rqWSk4tLGIbCH0q4ieDlmmb00UCJXEMTJ
GUsnCeQgau9lEH9NkOTHey2NekLV9+lkNDpWr582lQ==
Generated at Tue Aug 8 00:29:12 2023 by rpki-client on console-fra.rpki-client.org