Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e20313530353532.roa
File: 3138352e322e3136302e302f32332d3233203d3e20313530353532.roa (raw, json)
Hash identifier: MvlBUKpvTC10USApjbV9zkrJ3eGcEiwSjNGrOfYgKxo=
Subject key identifier: DA:8D:F9:3E:AD:54:2E:06:04:E0:8A:57:02:9A:62:AD:40:43:67:B9
Certificate issuer: /CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Certificate serial: 2FE35DD360A53FB73E7BC82F9E290B083E1763F1
Authority key identifier: 9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e20313530353532.roa
Signing time: Thu 29 Feb 2024 07:16:28 +0000
ROA not before: Thu 29 Feb 2024 07:11:28 +0000
ROA not after: Thu 27 Feb 2025 07:16:28 +0000
asID: 150552
IP address blocks: 185.2.160.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 29 Feb 2024 23:56:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:e3:5d:d3:60:a5:3f:b7:3e:7b:c8:2f:9e:29:0b:08:3e:17:63:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0d24c855eee00fe4abf3903c6e8fcc7083ed4d
Validity
Not Before: Feb 29 07:11:28 2024 GMT
Not After : Feb 27 07:16:28 2025 GMT
Subject: CN=DA8DF93EAD542E0604E08A57029A62AD404367B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:7f:6c:eb:2a:64:96:55:f8:48:a2:11:e8:
16:5a:1f:2e:75:8a:68:8c:a5:2b:db:e2:30:61:0b:
21:f1:94:ed:2e:e8:da:6a:e9:ce:df:5d:7a:70:41:
13:3a:1a:bc:ce:bd:5e:a6:2d:55:50:3b:36:cb:df:
57:bf:5a:5d:b4:ac:83:e3:70:e1:fc:8b:af:73:a5:
80:c2:4a:bc:62:2b:73:bd:5b:e1:e1:f4:c3:f8:cb:
57:36:a5:7f:7f:39:d1:c5:b2:5a:4c:87:76:e0:ba:
44:6f:8f:2d:b5:6a:63:2e:bb:22:6f:82:14:c7:ed:
19:54:55:3a:f5:b1:d6:d4:1e:90:7a:55:d9:fb:f1:
59:13:52:23:71:22:14:12:1b:92:0c:8d:61:23:f3:
e3:6a:d0:d1:21:36:d3:f1:5b:8b:a2:e4:f6:ab:bf:
50:26:58:0d:53:66:8f:ee:87:c8:62:fb:b0:5c:71:
85:c6:b8:4e:1d:33:90:0a:6d:f2:e9:68:cf:27:b0:
db:d8:50:2f:d5:c4:79:d6:6b:04:f2:8b:fd:a4:06:
1b:aa:db:06:f0:8c:44:31:35:06:a0:1d:de:ba:d5:
0c:94:75:fc:e9:2c:4d:62:5e:ea:8e:f6:18:18:e2:
d7:65:cb:ec:0f:59:cc:9d:92:8d:db:e3:ca:61:8f:
ec:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8D:F9:3E:AD:54:2E:06:04:E0:8A:57:02:9A:62:AD:40:43:67:B9
X509v3 Authority Key Identifier:
keyid:9F:0D:24:C8:55:EE:E0:0F:E4:AB:F3:90:3C:6E:8F:CC:70:83:ED:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/9F0D24C855EEE00FE4ABF3903C6E8FCC7083ED4D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nw0kyFXu4A_kq_OQPG6PzHCD7U0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/af31768d-42b1-4e92-b83f-bef7ee017813/0/3138352e322e3136302e302f32332d3233203d3e20313530353532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.160.0/23
Signature Algorithm: sha256WithRSAEncryption
02:28:0e:dc:16:f9:1c:e7:1f:00:bf:b6:dc:41:b3:78:64:d3:
86:5a:25:40:5a:10:29:47:04:f2:38:db:96:76:f6:61:a1:91:
f4:43:0c:18:d0:e0:47:4c:d9:c2:51:cf:1c:ec:18:d5:2f:68:
24:90:53:87:75:c7:00:c5:47:76:27:6a:e7:54:a1:63:82:14:
b0:c1:58:be:b9:a6:51:16:b9:9c:9c:6e:b8:d5:92:26:99:b7:
e3:f0:6b:35:a6:40:da:68:58:07:fd:3e:86:e3:b1:52:25:82:
09:d0:9d:0f:eb:95:30:40:0b:b8:4b:d0:58:9f:dd:6c:1d:18:
47:48:2e:4a:ee:e9:15:9d:51:7c:f2:a2:b9:d8:e7:b3:43:9a:
3a:8b:6d:fa:1d:19:44:42:52:98:51:6d:b2:11:fa:7d:96:8c:
d2:2d:cc:0f:ea:96:1c:1b:43:6f:12:49:ac:15:40:e4:89:e4:
fc:1a:5b:02:86:c8:b3:05:1c:4a:70:5d:3d:9b:d4:5d:aa:5c:
4a:ff:34:62:b2:93:fc:99:a5:37:e2:4f:26:65:50:3e:67:1a:
fc:18:76:22:56:8d:e6:59:98:a5:f4:23:41:5b:5a:41:79:60:
63:42:60:aa:92:fe:2f:98:db:f6:20:40:8b:f5:0e:fc:eb:b4:
4f:64:bf:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUL+Nd02ClP7c+e8gvnikLCD4XY/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWYwZDI0Yzg1NWVlZTAwZmU0YWJmMzkwM2M2ZThmY2M3
MDgzZWQ0ZDAeFw0yNDAyMjkwNzExMjhaFw0yNTAyMjcwNzE2MjhaMDMxMTAvBgNV
BAMTKERBOERGOTNFQUQ1NDJFMDYwNEUwOEE1NzAyOUE2MkFENDA0MzY3QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNsn9s6ypkllX4SKIR6BZaHy51
imiMpSvb4jBhCyHxlO0u6Npq6c7fXXpwQRM6GrzOvV6mLVVQOzbL31e/Wl20rIPj
cOH8i69zpYDCSrxiK3O9W+Hh9MP4y1c2pX9/OdHFslpMh3bgukRvjy21amMuuyJv
ghTH7RlUVTr1sdbUHpB6Vdn78VkTUiNxIhQSG5IMjWEj8+Nq0NEhNtPxW4ui5Par
v1AmWA1TZo/uh8hi+7BccYXGuE4dM5AKbfLpaM8nsNvYUC/VxHnWawTyi/2kBhuq
2wbwjEQxNQagHd661QyUdfzpLE1iXuqO9hgY4tdly+wPWcydko3b48phj+ytAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2o35Pq1ULgYE4IpXAppirUBDZ7kwHwYDVR0j
BBgwFoAUnw0kyFXu4A/kq/OQPG6PzHCD7U0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQtNDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3
ODEzLzAvOUYwRDI0Qzg1NUVFRTAwRkU0QUJGMzkwM0M2RThGQ0M3MDgzRUQ0RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL253MGt5Rlh1NEFfa3FfT1FQRzZQekhD
RDdVMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWYzMTc2OGQt
NDJiMS00ZTkyLWI4M2YtYmVmN2VlMDE3ODEzLzAvMzEzODM1MmUzMjJlMzEzNjMw
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzEzNTMwMzUzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uQKgMA0GCSqGSIb3DQEBCwUAA4IBAQACKA7cFvkc5x8Av7bcQbN4ZNOGWiVAWhAp
RwTyONuWdvZhoZH0QwwY0OBHTNnCUc8c7BjVL2gkkFOHdccAxUd2J2rnVKFjghSw
wVi+uaZRFrmcnG641ZImmbfj8Gs1pkDaaFgH/T6G47FSJYIJ0J0P65UwQAu4S9BY
n91sHRhHSC5K7ukVnVF88qK52OezQ5o6i236HRlEQlKYUW2yEfp9lozSLcwP6pYc
G0NvEkmsFUDkieT8GlsChsizBRxKcF09m9RdqlxK/zRispP8maU34k8mZVA+Zxr8
GHYiVo3mWZil9CNBW1pBeWBjQmCqkv4vmNv2IECL9Q7867RPZL/T
-----END CERTIFICATE-----
Generated at Fri Mar 1 02:28:34 2024 by rpki-client on console-fra.rpki-client.org