Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203533333536.roa
File: 3137312e32322e37392e302f32342d3234203d3e203533333536.roa (raw, json)
Hash identifier: /hoLk4H1K85BTJ9Pyc3L+HJ62w1ixcIjnjSzGTZft/w=
Subject key identifier: 12:8C:76:1A:53:85:31:32:A8:3E:EC:82:2D:FE:4D:26:B5:1A:16:4A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 101043EDDB06FAD74A4BF7F4771EA1A2368DD034
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203533333536.roa
Signing time: Wed 22 Mar 2023 18:05:29 +0000
ROA not before: Wed 22 Mar 2023 18:00:29 +0000
ROA not after: Wed 20 Mar 2024 18:05:29 +0000
asID: 53356
IP address blocks: 171.22.79.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:10:43:ed:db:06:fa:d7:4a:4b:f7:f4:77:1e:a1:a2:36:8d:d0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:00:29 2023 GMT
Not After : Mar 20 18:05:29 2024 GMT
Subject: CN=128C761A53853132A83EEC822DFE4D26B51A164A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ba:0c:44:65:c3:f8:c7:36:3d:19:71:c9:cd:
2d:15:c4:91:5a:8b:3c:03:55:4d:d3:eb:60:78:a9:
59:4a:86:31:cb:a7:ac:97:25:a4:9a:11:5d:43:7a:
70:26:8c:4e:21:44:fa:f0:4d:d1:e3:99:48:1d:e2:
0a:34:72:75:93:91:d2:cf:5c:5f:37:d4:80:25:6c:
f7:71:f3:52:eb:e5:cd:44:4b:8e:01:4e:ee:15:14:
67:cf:d5:9f:bb:bc:9e:9a:3c:fa:d3:25:44:d4:ae:
39:a9:92:44:3b:2d:21:42:90:03:a2:87:91:4a:04:
42:cf:7d:28:c9:d8:84:d6:d3:54:40:b9:6b:f1:d8:
d4:b6:11:58:c9:69:02:d6:34:50:d7:c9:67:f6:68:
41:a6:9e:84:ba:cb:bc:4a:d1:7a:91:4c:1e:5f:45:
0a:ff:f3:af:36:8a:66:33:e5:cb:6c:eb:46:fe:77:
fd:63:60:71:a6:59:7e:e3:05:c6:47:72:68:0b:79:
24:a1:11:7f:ba:ab:94:8a:25:15:91:c9:6b:db:81:
7a:bb:07:bd:18:3e:0d:e8:4b:dc:a0:c4:89:f3:68:
cc:e7:8c:a5:14:36:a5:37:b1:73:ca:cf:f7:0a:0f:
27:49:f2:42:3c:f1:73:8f:1b:bc:a4:57:b5:2b:2e:
84:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:8C:76:1A:53:85:31:32:A8:3E:EC:82:2D:FE:4D:26:B5:1A:16:4A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37392e302f32342d3234203d3e203533333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.79.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:f8:62:70:f4:2c:85:d8:b7:ff:19:e3:34:06:8d:6b:fc:41:
3d:d4:fa:ad:cb:32:97:e5:d3:dd:8f:1b:c1:c3:7c:48:e0:18:
b1:0a:38:13:18:18:de:93:bb:be:65:47:fd:38:b8:bd:01:ae:
33:cb:1e:40:04:a7:5b:8a:82:54:ce:24:dd:4c:b5:ae:29:ba:
ac:d1:a9:dc:f1:ab:fe:6c:81:65:c9:90:80:58:97:bb:7b:43:
ec:61:d0:e4:28:88:f2:6b:40:77:c3:0f:71:4d:63:2f:a7:b8:
4d:ab:59:fc:70:38:db:a3:9f:29:7e:eb:16:82:fe:8a:ef:40:
d0:76:d8:79:fb:2d:c6:c1:ed:68:06:ec:0d:1a:e3:ff:b8:d3:
86:2f:36:6a:ca:32:ec:52:ed:8d:f3:4a:91:a6:2e:f5:ea:a5:
31:ee:84:30:e5:03:ce:75:d3:e7:43:1e:ba:92:02:65:31:6b:
79:50:e9:60:b0:c1:ef:65:c4:a3:a6:fb:34:32:27:33:ee:45:
03:c0:6c:78:ee:3d:14:ed:ee:60:99:ce:56:cf:4b:91:4c:3d:
9c:c2:17:6b:1d:be:8a:0e:3d:ee:14:ab:e3:8f:e0:14:69:76:
b0:51:81:97:65:0f:80:70:ce:f8:8f:8a:c0:48:c2:6e:23:c7:
a3:7e:83:97
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUEBBD7dsG+tdKS/f0dx6hojaN0DQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODAwMjlaFw0yNDAzMjAxODA1MjlaMDMxMTAvBgNV
BAMTKDEyOEM3NjFBNTM4NTMxMzJBODNFRUM4MjJERkU0RDI2QjUxQTE2NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkugxEZcP4xzY9GXHJzS0VxJFa
izwDVU3T62B4qVlKhjHLp6yXJaSaEV1DenAmjE4hRPrwTdHjmUgd4go0cnWTkdLP
XF831IAlbPdx81Lr5c1ES44BTu4VFGfP1Z+7vJ6aPPrTJUTUrjmpkkQ7LSFCkAOi
h5FKBELPfSjJ2ITW01RAuWvx2NS2EVjJaQLWNFDXyWf2aEGmnoS6y7xK0XqRTB5f
RQr/8682imYz5cts60b+d/1jYHGmWX7jBcZHcmgLeSShEX+6q5SKJRWRyWvbgXq7
B70YPg3oS9ygxInzaMznjKUUNqU3sXPKz/cKDydJ8kI88XOPG7ykV7UrLoTVAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEox2GlOFMTKoPuyCLf5NJrUaFkowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMzMzMzUzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsW
TzANBgkqhkiG9w0BAQsFAAOCAQEAavhicPQshdi3/xnjNAaNa/xBPdT6rcsyl+XT
3Y8bwcN8SOAYsQo4ExgY3pO7vmVH/Ti4vQGuM8seQASnW4qCVM4k3Uy1rim6rNGp
3PGr/myBZcmQgFiXu3tD7GHQ5CiI8mtAd8MPcU1jL6e4TatZ/HA426OfKX7rFoL+
iu9A0HbYefstxsHtaAbsDRrj/7jThi82asoy7FLtjfNKkaYu9eqlMe6EMOUDznXT
50MeupICZTFreVDpYLDB72XEo6b7NDInM+5FA8BseO49FO3uYJnOVs9LkUw9nMIX
ax2+ig497hSr44/gFGl2sFGBl2UPgHDO+I+KwEjCbiPHo36Dlw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:59 2023 by rpki-client on console-fra.rpki-client.org