Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32332d3234203d3e203335393133.roa
File: 3137312e32322e37362e302f32332d3234203d3e203335393133.roa (raw, json)
Hash identifier: pM6fpX7CxwziNd2omduzpTyhxj3z9sIJdutEXauC+v0=
Subject key identifier: 1A:C3:A2:C6:EF:27:BB:B3:1F:EA:96:E2:1C:36:50:D5:34:49:FC:F7
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4307CEA6F1E24C386CDD66A9D92D1CED2E70E448
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32332d3234203d3e203335393133.roa
Signing time: Wed 22 Mar 2023 18:05:02 +0000
ROA not before: Wed 22 Mar 2023 18:00:02 +0000
ROA not after: Wed 20 Mar 2024 18:05:02 +0000
asID: 35913
IP address blocks: 171.22.76.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:07:ce:a6:f1:e2:4c:38:6c:dd:66:a9:d9:2d:1c:ed:2e:70:e4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:00:02 2023 GMT
Not After : Mar 20 18:05:02 2024 GMT
Subject: CN=1AC3A2C6EF27BBB31FEA96E21C3650D53449FCF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:80:91:fc:fa:62:78:cf:42:fd:dd:b1:8c:1c:
f1:56:7e:6c:d3:eb:0a:bd:08:46:cf:e0:01:af:be:
7c:56:f4:f6:bb:e7:64:f8:5e:ce:99:84:0d:95:f1:
df:da:59:2c:a7:0d:9e:7d:a8:31:54:01:d4:0a:38:
4a:80:b7:30:04:85:1c:d4:bc:a1:a6:8d:39:44:9f:
d3:23:e2:9a:18:8d:98:2b:ad:f1:24:2a:d8:70:d9:
72:c2:c9:80:1d:e6:78:5f:be:b4:f1:98:53:4b:9a:
63:42:4d:45:db:8e:b3:ca:ef:00:53:f9:5f:b9:51:
1a:39:61:b9:44:cf:fd:d0:f2:7e:24:85:9d:ba:a5:
ee:5b:1c:6b:96:fa:e1:b7:ad:09:14:89:d2:e7:e9:
03:09:46:96:f8:16:95:e5:5e:3c:ab:b3:35:94:e8:
db:4f:40:14:31:60:bf:d8:09:99:fa:77:d9:ec:dd:
c6:fb:38:82:c6:22:72:11:fa:00:ab:c5:c9:3b:19:
b6:79:da:29:ca:ca:d9:52:28:c6:cd:c8:42:2d:fb:
7e:b4:a4:86:13:f9:f3:48:28:b0:eb:2d:9e:89:49:
5f:95:5d:55:ff:a2:0e:1b:92:07:84:0b:e1:d6:e1:
30:e6:51:99:c7:c7:1c:1b:8f:62:cf:2b:d2:2e:cb:
de:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C3:A2:C6:EF:27:BB:B3:1F:EA:96:E2:1C:36:50:D5:34:49:FC:F7
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37362e302f32332d3234203d3e203335393133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.76.0/23
Signature Algorithm: sha256WithRSAEncryption
ca:bf:6d:2f:29:50:04:6b:f0:46:a0:56:b6:96:f5:26:93:4e:
89:55:f8:91:20:02:a3:ea:4e:5a:cd:c4:05:3d:10:fb:59:be:
3a:41:00:b9:15:51:55:c5:0e:b4:f1:68:f2:72:c2:e5:00:3f:
dc:71:3b:b8:24:db:37:8c:24:13:a6:ba:9d:3f:7f:55:2f:76:
ce:7e:81:05:32:d8:91:13:39:6f:be:48:7b:91:ce:2d:fa:61:
79:20:4e:b3:7b:0b:42:20:e8:08:3d:6a:18:ff:cb:66:ce:90:
c6:b3:02:11:3b:20:ca:88:72:e4:ca:a7:6b:84:4f:69:87:19:
e1:13:f6:b3:b3:c2:82:5a:5b:12:13:4d:45:8e:20:29:49:f1:
1a:f2:7c:04:35:16:e4:18:65:95:c0:78:f6:cb:08:b9:7d:59:
7e:89:44:72:e5:2e:17:92:69:60:e9:09:81:02:a9:7a:c6:af:
15:c8:8b:e2:67:86:6e:d3:00:40:72:45:2d:8e:e4:b4:02:a9:
ed:7b:72:74:89:df:bf:80:4d:6c:6b:22:40:eb:8f:8f:b3:3c:
f8:4f:30:40:fb:f7:36:66:18:bb:3d:fa:58:20:06:23:5c:b3:
15:39:00:5b:2a:65:a3:b6:ab:a3:dc:22:2a:4d:c0:12:7a:d9:
f2:d2:b1:46
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQwfOpvHiTDhs3Wap2S0c7S5w5EgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODAwMDJaFw0yNDAzMjAxODA1MDJaMDMxMTAvBgNV
BAMTKDFBQzNBMkM2RUYyN0JCQjMxRkVBOTZFMjFDMzY1MEQ1MzQ0OUZDRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNgJH8+mJ4z0L93bGMHPFWfmzT
6wq9CEbP4AGvvnxW9Pa752T4Xs6ZhA2V8d/aWSynDZ59qDFUAdQKOEqAtzAEhRzU
vKGmjTlEn9Mj4poYjZgrrfEkKthw2XLCyYAd5nhfvrTxmFNLmmNCTUXbjrPK7wBT
+V+5URo5YblEz/3Q8n4khZ26pe5bHGuW+uG3rQkUidLn6QMJRpb4FpXlXjyrszWU
6NtPQBQxYL/YCZn6d9ns3cb7OILGInIR+gCrxck7GbZ52inKytlSKMbNyEIt+360
pIYT+fNIKLDrLZ6JSV+VXVX/og4bkgeEC+HW4TDmUZnHxxwbj2LPK9Iuy94tAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUGsOixu8nu7Mf6pbiHDZQ1TRJ/PcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM2
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzNTM5MzEzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAasW
TDANBgkqhkiG9w0BAQsFAAOCAQEAyr9tLylQBGvwRqBWtpb1JpNOiVX4kSACo+pO
Ws3EBT0Q+1m+OkEAuRVRVcUOtPFo8nLC5QA/3HE7uCTbN4wkE6a6nT9/VS92zn6B
BTLYkRM5b75Ie5HOLfpheSBOs3sLQiDoCD1qGP/LZs6QxrMCETsgyohy5Mqna4RP
aYcZ4RP2s7PCglpbEhNNRY4gKUnxGvJ8BDUW5BhllcB49ssIuX1ZfolEcuUuF5Jp
YOkJgQKpesavFciL4meGbtMAQHJFLY7ktAKp7XtydInfv4BNbGsiQOuPj7M8+E8w
QPv3NmYYuz36WCAGI1yzFTkAWyplo7aro9wiKk3AEnrZ8tKxRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-fra.rpki-client.org