Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2856.roa
File: AS2856.roa (raw, json)
Hash identifier: kbdI5GpZQ91uhnQLLA7DZP6+vz7l18WYh7H4NtPb0u8=
Subject key identifier: 1B:68:82:1A:B5:19:EA:99:9C:A7:19:0D:6F:9F:CC:C8:CE:89:BF:E6
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 496D3D0D54F4D71E42E787BE13421497D729541A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2856.roa
Signing time: Tue 27 Dec 2022 14:44:40 +0000
ROA not before: Tue 27 Dec 2022 14:39:40 +0000
ROA not after: Tue 26 Dec 2023 14:44:40 +0000
asID: 2856
IP address blocks: 141.11.172.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:6d:3d:0d:54:f4:d7:1e:42:e7:87:be:13:42:14:97:d7:29:54:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 27 14:39:40 2022 GMT
Not After : Dec 26 14:44:40 2023 GMT
Subject: CN=1B68821AB519EA999CA7190D6F9FCCC8CE89BFE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:07:90:39:e6:e3:fc:3c:19:50:44:2f:5f:79:
52:06:f8:aa:29:f8:2a:f8:5b:5e:4a:ac:75:c9:5a:
33:cb:56:1e:0f:73:7c:a2:3a:86:26:2f:d1:6c:ca:
db:d1:82:ed:5d:c0:53:38:cd:9c:7f:4f:61:53:fd:
33:96:d7:71:ca:6b:11:47:ba:0f:bf:7c:bb:8c:37:
fc:2d:bd:66:70:99:34:da:54:ad:df:15:86:62:99:
34:f9:54:76:34:82:72:17:0b:b5:5d:23:46:2c:36:
94:c2:38:7a:4b:f8:83:e2:b4:5c:68:1b:b3:41:51:
21:c7:01:89:3a:4f:03:ea:e4:d7:e6:25:8e:4b:8e:
38:35:6a:82:70:ab:db:02:ca:71:13:b3:20:2f:4e:
b2:9e:61:8e:02:11:11:e0:16:45:10:13:b9:04:52:
66:da:6d:cc:c2:fc:56:a3:ea:e5:0d:c9:92:2c:fa:
04:21:cd:c9:fa:2b:5b:62:17:3a:a9:8c:83:40:81:
a1:bf:6a:c7:6c:e9:e5:6d:9d:9b:4a:8a:d7:fd:64:
b7:86:1d:4e:be:09:21:4d:94:7f:2c:7d:4c:b0:cb:
d3:85:30:1e:d4:47:2e:9b:4c:db:a0:9e:2b:a3:8c:
65:c2:f3:27:59:19:b2:11:8f:7e:4a:24:b8:42:ed:
09:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:68:82:1A:B5:19:EA:99:9C:A7:19:0D:6F:9F:CC:C8:CE:89:BF:E6
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS2856.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:bb:72:73:7b:4b:29:e8:7a:0e:80:29:3c:54:95:ea:ea:a3:
7f:e9:b5:1a:57:a4:85:0b:ff:45:c2:c8:2c:92:56:e3:74:0b:
06:28:0f:41:73:c1:df:c2:8e:9b:51:37:7b:ac:9d:bd:a0:76:
18:13:28:87:27:97:ad:30:87:de:1b:49:45:56:82:9b:bb:fb:
27:57:60:d9:5a:11:bb:a5:c7:8e:86:e1:b0:bb:c8:9d:0a:e8:
17:b9:57:2d:fb:9a:d8:5f:07:71:a4:65:6e:7b:ec:0e:c9:e8:
7b:2e:80:c1:0b:89:2b:bd:13:ff:a7:2f:11:69:97:a5:a2:80:
17:2d:86:7f:05:ba:83:f1:60:f3:1b:9c:53:65:d5:58:54:b6:
23:7d:7a:4d:88:8f:46:22:c5:38:19:84:8c:78:7e:3d:fd:a0:
5c:56:ac:b2:b1:17:10:5d:46:4e:42:30:d9:81:1c:e9:5c:02:
3b:e1:5b:46:45:6b:7f:b4:1b:d1:0c:21:e6:08:bc:ee:27:46:
70:b7:31:80:46:9d:03:52:46:e3:73:a2:82:ac:96:1a:56:8e:
9c:7f:4b:64:8f:bf:ed:1e:3f:58:fd:6c:ed:c7:b7:a7:47:2f:
64:11:0d:55:55:c6:77:30:01:ac:57:71:00:24:e9:4f:ea:be:
93:1c:86:63
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUSW09DVT01x5C54e+E0IUl9cpVBowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMjEyMjcxNDM5NDBaFw0yMzEyMjYxNDQ0NDBaMDMxMTAvBgNV
BAMTKDFCNjg4MjFBQjUxOUVBOTk5Q0E3MTkwRDZGOUZDQ0M4Q0U4OUJGRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhB5A55uP8PBlQRC9feVIG+Kop
+Cr4W15KrHXJWjPLVh4Pc3yiOoYmL9FsytvRgu1dwFM4zZx/T2FT/TOW13HKaxFH
ug+/fLuMN/wtvWZwmTTaVK3fFYZimTT5VHY0gnIXC7VdI0YsNpTCOHpL+IPitFxo
G7NBUSHHAYk6TwPq5NfmJY5Ljjg1aoJwq9sCynETsyAvTrKeYY4CERHgFkUQE7kE
UmbabczC/Faj6uUNyZIs+gQhzcn6K1tiFzqpjINAgaG/asds6eVtnZtKitf9ZLeG
HU6+CSFNlH8sfUywy9OFMB7URy6bTNugniujjGXC8ydZGbIRj35KJLhC7QlPAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUG2iCGrUZ6pmcpxkNb5/MyM6Jv+YwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAo0LrDAN
BgkqhkiG9w0BAQsFAAOCAQEAtLtyc3tLKeh6DoApPFSV6uqjf+m1GlekhQv/RcLI
LJJW43QLBigPQXPB38KOm1E3e6ydvaB2GBMohyeXrTCH3htJRVaCm7v7J1dg2VoR
u6XHjobhsLvInQroF7lXLfua2F8HcaRlbnvsDsnoey6AwQuJK70T/6cvEWmXpaKA
Fy2GfwW6g/Fg8xucU2XVWFS2I316TYiPRiLFOBmEjHh+Pf2gXFassrEXEF1GTkIw
2YEc6VwCO+FbRkVrf7Qb0Qwh5gi87idGcLcxgEadA1JG43OigqyWGlaOnH9LZI+/
7R4/WP1s7ce3p0cvZBENVVXGdzABrFdxACTpT+q+kxyGYw==
-----END CERTIFICATE-----
Generated at Wed Nov 1 17:26:12 2023 by rpki-client on console-fra.rpki-client.org