Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35392e302f32342d3234203d3e203631313338.roa
File: 33312e362e35392e302f32342d3234203d3e203631313338.roa (raw, json)
Hash identifier: yeQbHGo5cworBVcYles3pTo+OvsP0w8pFWeptqC0kXo=
Subject key identifier: 4D:36:FF:F3:13:F6:FD:22:EA:9F:14:FB:00:60:70:47:E1:1A:50:0D
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 6165CE2EDB7CD8DD542A5F9849BE05861D5E4A0F
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35392e302f32342d3234203d3e203631313338.roa
Signing time: Wed 22 Mar 2023 15:29:48 +0000
ROA not before: Wed 22 Mar 2023 15:24:48 +0000
ROA not after: Wed 20 Mar 2024 15:29:48 +0000
asID: 61138
IP address blocks: 31.6.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:65:ce:2e:db:7c:d8:dd:54:2a:5f:98:49:be:05:86:1d:5e:4a:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:48 2023 GMT
Not After : Mar 20 15:29:48 2024 GMT
Subject: CN=4D36FFF313F6FD22EA9F14FB00607047E11A500D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9c:31:1d:58:e9:ee:85:2c:76:98:6b:92:0e:
c6:12:20:05:50:20:6c:3c:96:d1:41:c8:13:74:e5:
e2:9b:5a:e7:75:4c:77:1a:48:15:cd:4e:a3:07:90:
c7:30:cc:25:1a:ba:88:c2:a3:dc:5b:8a:f4:48:c5:
4c:f2:7a:66:e1:d6:c1:f4:7d:2c:9e:a6:2c:fe:68:
a8:34:8d:ca:53:5a:50:57:34:0e:03:77:19:58:26:
f6:0a:60:15:0b:2f:0e:b8:18:3e:a6:5f:0a:47:b1:
e6:37:5b:bc:5e:f3:91:2a:76:65:e1:e2:88:82:46:
86:9a:9a:1d:fd:5b:6a:36:49:35:bb:2d:31:a4:86:
10:4b:75:0f:92:81:95:c8:44:10:64:5b:03:5f:52:
5e:3b:16:cf:57:0f:28:65:37:10:13:20:f8:26:b6:
0c:1a:e3:48:06:54:9c:06:ec:c1:90:04:23:07:f5:
86:0d:87:c8:c8:6a:af:a3:e4:d3:ed:cd:f7:b1:b6:
86:fe:34:8d:cd:df:05:e9:56:b9:09:bf:86:7c:2e:
36:4e:99:1a:aa:b1:71:ab:28:62:35:e1:fa:07:6e:
d4:32:95:2b:f5:76:e1:6c:fc:ed:04:d2:1b:ff:4e:
51:f2:66:a3:63:9d:06:0b:95:cb:ac:23:74:b3:42:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:36:FF:F3:13:F6:FD:22:EA:9F:14:FB:00:60:70:47:E1:1A:50:0D
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35392e302f32342d3234203d3e203631313338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.59.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d0:8c:51:08:3a:28:d2:49:4e:e4:07:d3:4f:83:d6:33:9d:
67:cf:f8:eb:7b:2f:a5:46:08:0f:32:8e:dd:06:35:6c:96:dc:
c3:ce:6e:02:59:8d:c8:85:76:31:2b:3c:24:8d:a3:4d:6c:22:
cb:21:bf:b7:a6:62:70:5e:4e:4c:a4:18:61:b4:0b:d3:98:bb:
04:fe:a1:af:02:7c:16:2e:8f:d6:28:a3:ee:77:86:df:4c:fe:
2b:94:b8:8c:d1:3e:9d:a5:24:26:c3:7b:43:7d:8b:07:ac:28:
3e:49:c1:16:4e:73:6c:7b:53:a5:86:8a:e3:9d:92:77:8a:de:
48:ce:f6:91:c3:46:39:6c:85:25:45:fd:cf:4a:b0:76:ff:3f:
a0:80:97:95:a3:4f:04:68:80:b8:62:09:33:84:e7:fa:be:ef:
e7:d7:ba:4e:d5:98:0b:2b:a2:a7:3e:e6:83:14:92:76:26:46:
f2:fb:f4:f3:c4:7e:43:fc:af:66:d3:98:0f:f9:80:58:7e:1d:
7c:3f:26:b3:05:0d:28:ed:07:4c:c7:1f:e8:e4:79:3f:ac:ba:
44:0d:f8:02:59:32:13:7a:59:1d:aa:66:4d:58:10:1c:61:2c:
02:f3:b2:55:27:66:a9:52:7e:c6:d0:43:c4:78:e2:ac:41:4d:
7d:b1:32:2c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUYWXOLtt82N1UKl+YSb4Fhh1eSg8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDhaFw0yNDAzMjAxNTI5NDhaMDMxMTAvBgNV
BAMTKDREMzZGRkYzMTNGNkZEMjJFQTlGMTRGQjAwNjA3MDQ3RTExQTUwMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9nDEdWOnuhSx2mGuSDsYSIAVQ
IGw8ltFByBN05eKbWud1THcaSBXNTqMHkMcwzCUauojCo9xbivRIxUzyembh1sH0
fSyepiz+aKg0jcpTWlBXNA4DdxlYJvYKYBULLw64GD6mXwpHseY3W7xe85EqdmXh
4oiCRoaamh39W2o2STW7LTGkhhBLdQ+SgZXIRBBkWwNfUl47Fs9XDyhlNxATIPgm
tgwa40gGVJwG7MGQBCMH9YYNh8jIaq+j5NPtzfextob+NI3N3wXpVrkJv4Z8LjZO
mRqqsXGrKGI14foHbtQylSv1duFs/O0E0hv/TlHyZqNjnQYLlcusI3SzQgBtAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUTTb/8xP2/SLqnxT7AGBwR+EaUA0wHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTM1MzkyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzEzMzM4LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHwY7MA0G
CSqGSIb3DQEBCwUAA4IBAQAd0IxRCDoo0klO5AfTT4PWM51nz/jrey+lRggPMo7d
BjVsltzDzm4CWY3IhXYxKzwkjaNNbCLLIb+3pmJwXk5MpBhhtAvTmLsE/qGvAnwW
Lo/WKKPud4bfTP4rlLiM0T6dpSQmw3tDfYsHrCg+ScEWTnNse1OlhorjnZJ3it5I
zvaRw0Y5bIUlRf3PSrB2/z+ggJeVo08EaIC4YgkzhOf6vu/n17pO1ZgLK6KnPuaD
FJJ2Jkby+/TzxH5D/K9m05gP+YBYfh18PyazBQ0o7QdMxx/o5Hk/rLpEDfgCWTIT
elkdqmZNWBAcYSwC87JVJ2apUn7G0EPEeOKsQU19sTIs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:48 2023 by rpki-client on console-ams.rpki-client.org