Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS3320.roa
File: AS3320.roa (raw, json)
Hash identifier: onfAC8waYGXWCo/uQmzjXrJlhFZvDNUBi9JaxXMrLqM=
Subject key identifier: D2:3D:D3:93:91:08:D8:86:0F:6F:50:4E:20:0D:91:0E:C6:7C:E0:2D
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 31CE5E819F1A6434A5FCFBB09F550E36E858B876
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS3320.roa
Signing time: Mon 25 Sep 2023 19:36:34 +0000
ROA not before: Mon 25 Sep 2023 19:31:34 +0000
ROA not after: Mon 23 Sep 2024 19:36:34 +0000
asID: 3320
IP address blocks: 141.11.238.0/23 maxlen: 24
141.11.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:ce:5e:81:9f:1a:64:34:a5:fc:fb:b0:9f:55:0e:36:e8:58:b8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Sep 25 19:31:34 2023 GMT
Not After : Sep 23 19:36:34 2024 GMT
Subject: CN=D23DD3939108D8860F6F504E200D910EC67CE02D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:75:12:0d:e4:68:38:7b:80:98:40:24:6f:37:
df:0d:83:96:51:b0:55:ee:5d:47:e2:eb:ed:7c:99:
b8:33:cb:de:af:52:cd:2b:63:5a:76:02:d2:bf:30:
1f:14:7f:46:1d:a3:3a:2d:db:c1:6b:24:b7:dc:13:
62:01:76:b4:48:1b:a6:1c:db:47:b2:a0:b1:31:ef:
af:b3:4b:da:cf:4e:b3:52:5c:c8:45:7f:06:c8:6c:
94:3f:de:65:a4:7d:e7:5b:97:b5:29:fe:87:44:36:
cc:b2:2b:be:f0:a5:d9:aa:64:32:6a:49:24:7d:77:
00:bd:55:51:29:08:9c:6a:af:5e:29:9d:0a:a6:e0:
dc:94:1e:e9:db:a8:f6:8a:c1:68:ba:08:2d:b5:41:
f4:ee:9e:07:6d:0a:ab:27:53:7a:67:73:46:55:4c:
c8:bb:05:c6:a1:62:91:b3:a0:21:ed:c1:80:b0:34:
03:df:1c:43:9e:79:ab:4f:e2:d2:67:49:c7:f5:be:
d1:6d:4e:a0:8a:b6:f3:d9:29:70:b0:98:8c:5e:44:
65:1d:d1:cf:cb:be:d5:55:b9:7c:6a:d0:9c:de:b2:
ad:65:9d:fe:2a:02:42:83:83:b5:83:31:51:2e:bc:
6c:d0:62:98:75:0c:38:ec:2c:99:ea:98:b4:95:42:
44:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3D:D3:93:91:08:D8:86:0F:6F:50:4E:20:0D:91:0E:C6:7C:E0:2D
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS3320.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.238.0-141.11.240.255
Signature Algorithm: sha256WithRSAEncryption
c6:bf:f3:e3:4e:16:d8:c1:0d:f9:d0:fd:0d:d0:d7:1f:bb:2e:
0c:c2:d2:47:51:69:49:c3:16:e1:a2:f3:3d:33:a5:d8:84:d2:
df:7a:09:6c:d7:f4:d8:32:ef:53:40:30:af:ec:80:48:8e:e0:
53:6d:94:3c:ec:30:c6:65:dd:f4:8d:c9:80:05:f8:a7:32:db:
23:1b:09:a9:f9:a1:7c:c1:e4:7f:18:d2:4d:5e:ee:d2:e8:b3:
65:42:65:7f:2a:30:28:55:9c:4a:e6:fa:a0:ec:13:a8:0e:36:
d9:38:b0:38:b8:0c:45:39:b1:8d:bc:33:c7:97:ed:35:30:ea:
06:bc:63:3f:ab:b8:8f:85:8b:c1:69:31:5c:49:10:44:c4:24:
91:53:25:d4:41:03:47:6c:af:43:32:7e:39:0f:f0:1f:f7:a8:
6d:f9:7f:74:ae:a1:63:d2:0a:ec:fb:2b:82:89:9d:9d:ad:40:
38:1e:69:18:d0:4e:9c:ae:75:3b:24:f2:d9:75:0e:7a:07:00:
7d:e9:ad:94:08:02:31:03:0f:0f:27:ab:39:1b:49:05:48:57:
3c:fa:d4:56:06:c5:a7:ef:79:fb:ed:1b:88:b6:43:89:a3:4f:
f6:00:97:c2:e5:ab:c2:02:e4:3b:98:3f:0c:0a:f4:d8:c0:1d:
ec:cb:2e:e3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUMc5egZ8aZDSl/Puwn1UONuhYuHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA5MjUxOTMxMzRaFw0yNDA5MjMxOTM2MzRaMDMxMTAvBgNV
BAMTKEQyM0REMzkzOTEwOEQ4ODYwRjZGNTA0RTIwMEQ5MTBFQzY3Q0UwMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCudRIN5Gg4e4CYQCRvN98Ng5ZR
sFXuXUfi6+18mbgzy96vUs0rY1p2AtK/MB8Uf0Ydozot28FrJLfcE2IBdrRIG6Yc
20eyoLEx76+zS9rPTrNSXMhFfwbIbJQ/3mWkfedbl7Up/odENsyyK77wpdmqZDJq
SSR9dwC9VVEpCJxqr14pnQqm4NyUHunbqPaKwWi6CC21QfTungdtCqsnU3pnc0ZV
TMi7BcahYpGzoCHtwYCwNAPfHEOeeatP4tJnScf1vtFtTqCKtvPZKXCwmIxeRGUd
0c/LvtVVuXxq0Jzesq1lnf4qAkKDg7WDMVEuvGzQYph1DDjsLJnqmLSVQkRZAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU0j3Tk5EI2IYPb1BOIA2RDsZ84C0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBjQvu
AwQAjQvwMA0GCSqGSIb3DQEBCwUAA4IBAQDGv/PjThbYwQ350P0N0Ncfuy4MwtJH
UWlJwxbhovM9M6XYhNLfegls1/TYMu9TQDCv7IBIjuBTbZQ87DDGZd30jcmABfin
MtsjGwmp+aF8weR/GNJNXu7S6LNlQmV/KjAoVZxK5vqg7BOoDjbZOLA4uAxFObGN
vDPHl+01MOoGvGM/q7iPhYvBaTFcSRBExCSRUyXUQQNHbK9DMn45D/Af96ht+X90
rqFj0grs+yuCiZ2drUA4HmkY0E6crnU7JPLZdQ56BwB96a2UCAIxAw8PJ6s5G0kF
SFc8+tRWBsWn73n77RuItkOJo0/2AJfC5avCAuQ7mD8MCvTYwB3syy7j
Generated at Wed Nov 15 19:29:41 2023 by rpki-client on console-fra.rpki-client.org