Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
File: 38352e3230392e31392e302f32342d3234203d3e203236373337.roa (raw, json)
Hash identifier: FHKCKG8IVpgIReBIuiL6ArBA6DZ0Ma0D/Ntly7g9FqY=
Subject key identifier: CD:B7:6C:F7:41:D7:AB:1E:49:5A:A1:D9:05:A4:12:36:C0:6B:B2:02
Certificate issuer: /CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Certificate serial: 5CE2EA5B70073CCA158B7BDD9B30FAEB9559BB4F
Authority key identifier: 8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
Signing time: Thu 04 Jul 2024 19:40:50 +0000
ROA not before: Thu 04 Jul 2024 19:35:50 +0000
ROA not after: Thu 03 Jul 2025 19:40:50 +0000
asID: 26737
IP address blocks: 85.209.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 00:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:e2:ea:5b:70:07:3c:ca:15:8b:7b:dd:9b:30:fa:eb:95:59:bb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f4ce7722f99075d94738b7e61070401269eb3d6
Validity
Not Before: Jul 4 19:35:50 2024 GMT
Not After : Jul 3 19:40:50 2025 GMT
Subject: CN=CDB76CF741D7AB1E495AA1D905A41236C06BB202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b1:a4:17:8a:b8:ba:2e:99:e1:e6:93:54:79:
d6:1e:c7:78:15:d4:a2:d6:34:4f:79:d5:d8:6f:df:
fc:fe:3f:f9:58:08:2a:3f:60:5d:e6:e5:f5:72:a0:
2f:c5:d2:67:08:c6:63:e6:f5:9f:c4:87:f7:2b:9f:
99:3d:02:22:c6:a6:2b:22:1d:e0:be:a3:2e:b3:f7:
a2:46:03:76:4c:3f:7b:7f:da:7b:d6:44:0b:d7:3d:
bc:ef:47:e2:5d:d1:90:7d:66:04:f3:73:ad:8b:9d:
94:9b:f6:4d:be:b6:7c:3b:7a:87:69:8a:94:df:90:
72:08:db:bc:55:d1:91:60:45:46:59:b0:79:aa:ba:
33:87:0b:4c:05:d5:2a:34:69:c2:b0:c9:cb:ca:10:
6a:ea:0d:b4:ce:16:e4:0d:6b:e5:cc:ca:4b:3f:cb:
d4:9c:e7:bc:1a:96:0e:9c:a0:9a:72:c4:9d:aa:34:
f1:2e:08:41:27:ab:6f:5c:c4:3e:a1:47:8d:6f:b4:
f6:d4:bb:2b:6e:23:f6:2b:92:6a:fd:df:1d:4e:f2:
df:02:c1:4e:b5:6d:cf:f6:3c:2c:b3:a0:e7:37:2c:
d8:13:33:3f:a1:ce:3b:87:c0:49:5f:ba:db:6a:fa:
8d:f7:fc:c6:1a:5b:52:63:20:b0:b3:8e:2c:5c:39:
4f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B7:6C:F7:41:D7:AB:1E:49:5A:A1:D9:05:A4:12:36:C0:6B:B2:02
X509v3 Authority Key Identifier:
keyid:8F:4C:E7:72:2F:99:07:5D:94:73:8B:7E:61:07:04:01:26:9E:B3:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/8F4CE7722F99075D94738B7E61070401269EB3D6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j0znci-ZB12Uc4t-YQcEASaes9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa977115-5110-4257-94ef-4d2b43884040/0/38352e3230392e31392e302f32342d3234203d3e203236373337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.19.0/24
Signature Algorithm: sha256WithRSAEncryption
02:d6:98:e4:45:39:9b:97:ce:71:32:69:86:a9:db:89:09:5b:
39:5e:e7:09:7d:b7:aa:7d:b4:f0:0d:36:e5:ba:82:66:70:dd:
e6:05:eb:b9:c1:6f:89:9b:e5:d9:53:95:b9:52:0d:d8:55:ce:
31:c9:7a:4c:ee:8d:48:5b:8c:6f:ae:db:b8:97:0a:33:9b:d5:
f6:03:c0:e5:af:8a:1c:b0:b6:3c:8f:6e:95:6a:0f:40:e6:00:
28:c3:17:5d:3a:99:65:a0:cd:e9:8d:9f:eb:25:22:dd:44:17:
a4:a8:79:cc:92:6b:73:a4:5d:d9:65:39:80:ac:97:f6:2c:9c:
f2:ab:88:cb:31:14:26:df:c9:c4:77:6a:61:9e:34:d5:35:da:
ad:11:b6:4a:3c:b3:2d:d2:35:00:4e:aa:b3:e4:30:7b:12:4a:
7d:3e:c5:3f:25:9f:51:9a:78:3b:36:17:89:1d:d9:51:89:43:
0c:93:db:34:3b:72:9d:e1:53:51:b3:96:82:4d:2d:f0:35:c6:
60:f5:ad:a2:87:e2:a6:b5:fa:8d:9f:7e:b9:2c:05:c1:37:38:
d1:8c:e1:5e:54:14:63:55:4f:62:1e:16:0c:37:14:44:15:ab:
e3:ef:f9:a5:90:68:85:47:e1:38:4e:05:28:38:78:8f:7b:95:
9b:0e:20:50
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXOLqW3AHPMoVi3vdmzD665VZu08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGY0Y2U3NzIyZjk5MDc1ZDk0NzM4YjdlNjEwNzA0MDEy
NjllYjNkNjAeFw0yNDA3MDQxOTM1NTBaFw0yNTA3MDMxOTQwNTBaMDMxMTAvBgNV
BAMTKENEQjc2Q0Y3NDFEN0FCMUU0OTVBQTFEOTA1QTQxMjM2QzA2QkIyMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhsaQXiri6Lpnh5pNUedYex3gV
1KLWNE951dhv3/z+P/lYCCo/YF3m5fVyoC/F0mcIxmPm9Z/Eh/crn5k9AiLGpisi
HeC+oy6z96JGA3ZMP3t/2nvWRAvXPbzvR+Jd0ZB9ZgTzc62LnZSb9k2+tnw7eodp
ipTfkHII27xV0ZFgRUZZsHmqujOHC0wF1So0acKwycvKEGrqDbTOFuQNa+XMyks/
y9Sc57walg6coJpyxJ2qNPEuCEEnq29cxD6hR41vtPbUuytuI/Yrkmr93x1O8t8C
wU61bc/2PCyzoOc3LNgTMz+hzjuHwElfuttq+o33/MYaW1JjILCzjixcOU/tAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUzbds90HXqx5JWqHZBaQSNsBrsgIwHwYDVR0j
BBgwFoAUj0znci+ZB12Uc4t+YQcEASaes9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUtNTExMC00MjU3LTk0ZWYtNGQyYjQzODg0
MDQwLzAvOEY0Q0U3NzIyRjk5MDc1RDk0NzM4QjdFNjEwNzA0MDEyNjlFQjNENi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2owem5jaS1aQjEyVWM0dC1ZUWNFQVNh
ZXM5WS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWE5NzcxMTUt
NTExMC00MjU3LTk0ZWYtNGQyYjQzODg0MDQwLzAvMzgzNTJlMzIzMDM5MmUzMTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzMzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXR
EzANBgkqhkiG9w0BAQsFAAOCAQEAAtaY5EU5m5fOcTJphqnbiQlbOV7nCX23qn20
8A025bqCZnDd5gXrucFviZvl2VOVuVIN2FXOMcl6TO6NSFuMb67buJcKM5vV9gPA
5a+KHLC2PI9ulWoPQOYAKMMXXTqZZaDN6Y2f6yUi3UQXpKh5zJJrc6Rd2WU5gKyX
9iyc8quIyzEUJt/JxHdqYZ401TXarRG2SjyzLdI1AE6qs+QwexJKfT7FPyWfUZp4
OzYXiR3ZUYlDDJPbNDtyneFTUbOWgk0t8DXGYPWtoofiprX6jZ9+uSwFwTc40Yzh
XlQUY1VPYh4WDDcURBWr4+/5pZBohUfhOE4FKDh4j3uVmw4gUA==
-----END CERTIFICATE-----
Generated at Mon Aug 12 03:06:33 2024 by rpki-client on console-ams.rpki-client.org