Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32322d3232203d3e2030.roa
File: 3138352e3137322e3137322e302f32322d3232203d3e2030.roa (raw, json)
Hash identifier: Y2LphTks5ZepoQSSfhH2lJS+HaJc1/A+rWqgdA7ueEo=
Subject key identifier: F8:3D:7F:FA:59:73:24:A7:4E:C7:22:84:E2:51:72:D1:76:A6:2F:03
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 37B1F4461C225AFC7B43F8A40717A42F202BCED5
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32322d3232203d3e2030.roa
Signing time: Wed 22 Mar 2023 18:06:12 +0000
ROA not before: Wed 22 Mar 2023 18:01:12 +0000
ROA not after: Wed 20 Mar 2024 18:06:12 +0000
asID: 0
IP address blocks: 185.172.172.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b1:f4:46:1c:22:5a:fc:7b:43:f8:a4:07:17:a4:2f:20:2b:ce:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:01:12 2023 GMT
Not After : Mar 20 18:06:12 2024 GMT
Subject: CN=F83D7FFA597324A74EC72284E25172D176A62F03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:03:21:a2:99:5d:98:bc:8f:da:73:b9:44:
46:f2:af:ec:40:14:46:d4:de:9a:43:a3:b1:38:e0:
d5:ed:38:43:f3:bd:03:6d:60:a2:4a:9e:c2:54:22:
22:2f:08:3f:53:46:20:72:69:98:2a:fc:26:56:92:
5a:20:5d:4a:61:fd:f3:be:af:5d:08:52:68:45:5c:
31:73:39:b4:31:17:9d:df:24:67:9e:96:95:f6:ff:
f6:83:38:f7:df:b1:38:24:72:96:9b:6f:0b:49:be:
f0:47:55:20:81:56:f1:21:6c:9a:e6:44:c6:36:f5:
21:1f:46:e8:06:7b:15:9f:88:94:4a:b6:5c:c1:0f:
e8:b9:a8:47:f6:05:2f:78:c2:15:73:26:d5:d3:e5:
9c:61:9d:cc:cd:0e:39:30:2c:5d:d6:c7:8e:79:35:
74:06:26:a4:38:2c:40:64:4d:08:34:d9:9c:64:da:
f1:90:a4:5d:ef:b9:43:91:13:6a:be:d0:0f:80:a0:
a5:0c:b0:3b:b2:28:58:4b:0a:b8:e7:ca:cf:04:f9:
75:07:43:18:b4:f5:f7:bf:a2:81:e7:c6:79:65:bd:
ee:5b:50:5b:7f:40:fa:29:5f:fc:5a:16:c0:6d:99:
78:0a:62:a4:9c:1b:34:8d:9a:a7:11:ff:b5:f7:e9:
99:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3D:7F:FA:59:73:24:A7:4E:C7:22:84:E2:51:72:D1:76:A6:2F:03
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32322d3232203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/22
Signature Algorithm: sha256WithRSAEncryption
75:4c:2b:55:1b:9e:58:8e:1c:22:81:87:8c:85:02:4a:b6:fa:
f2:a3:01:9a:33:2a:01:6c:ee:68:97:c0:87:21:f5:b0:02:a6:
1d:ed:50:93:f7:49:e4:d3:60:f4:6e:ef:9e:8e:03:f7:e2:0a:
af:27:6d:0f:58:86:c6:6c:ac:0c:b9:02:b7:a1:e7:d8:43:9c:
a8:01:66:aa:8b:32:a2:b1:af:e3:d7:fa:70:7a:5a:e1:79:97:
45:bc:53:19:32:aa:c3:bf:65:e3:85:e0:d5:23:2d:fc:0c:12:
f1:86:9f:bf:82:3b:15:7b:3c:67:e8:25:9c:37:ba:2e:c0:4e:
a1:b9:d8:ee:f7:ff:d3:98:44:fe:aa:bf:40:0b:64:36:17:61:
a1:c4:b3:c5:83:a5:70:12:b7:56:e7:38:dc:21:69:21:f5:b6:
e8:ae:6f:87:2f:a8:4c:0c:1e:ed:4a:64:e8:55:fb:c8:9a:5f:
aa:b4:a7:4c:a6:eb:f3:90:6a:b2:75:42:89:aa:ac:d9:30:79:
3c:0c:0b:fd:1f:09:7a:43:d8:73:dd:85:2f:1f:84:5f:6b:5b:
8a:de:8a:7e:71:62:cb:94:a9:f7:32:ca:f6:7d:05:96:19:16:
8f:1e:76:3a:5c:73:a8:f6:10:7d:16:7f:05:bb:9b:d1:a8:36:
f7:23:b0:25
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUN7H0RhwiWvx7Q/ikBxekLyArztUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODAxMTJaFw0yNDAzMjAxODA2MTJaMDMxMTAvBgNV
BAMTKEY4M0Q3RkZBNTk3MzI0QTc0RUM3MjI4NEUyNTE3MkQxNzZBNjJGMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHtgMhopldmLyP2nO5REbyr+xA
FEbU3ppDo7E44NXtOEPzvQNtYKJKnsJUIiIvCD9TRiByaZgq/CZWklogXUph/fO+
r10IUmhFXDFzObQxF53fJGeelpX2//aDOPffsTgkcpabbwtJvvBHVSCBVvEhbJrm
RMY29SEfRugGexWfiJRKtlzBD+i5qEf2BS94whVzJtXT5ZxhnczNDjkwLF3Wx455
NXQGJqQ4LEBkTQg02Zxk2vGQpF3vuUORE2q+0A+AoKUMsDuyKFhLCrjnys8E+XUH
Qxi09fe/ooHnxnllve5bUFt/QPopX/xaFsBtmXgKYqScGzSNmqcR/7X36ZkDAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU+D1/+llzJKdOxyKE4lFy0XamLwMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaysMA0G
CSqGSIb3DQEBCwUAA4IBAQB1TCtVG55YjhwigYeMhQJKtvryowGaMyoBbO5ol8CH
IfWwAqYd7VCT90nk02D0bu+ejgP34gqvJ20PWIbGbKwMuQK3oefYQ5yoAWaqizKi
sa/j1/pwelrheZdFvFMZMqrDv2XjheDVIy38DBLxhp+/gjsVezxn6CWcN7ouwE6h
udju9//TmET+qr9AC2Q2F2GhxLPFg6VwErdW5zjcIWkh9bborm+HL6hMDB7tSmTo
VfvIml+qtKdMpuvzkGqydUKJqqzZMHk8DAv9Hwl6Q9hz3YUvH4Rfa1uK3op+cWLL
lKn3Msr2fQWWGRaPHnY6XHOo9hB9Fn8Fu5vRqDb3I7Al
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:49 2023 by rpki-client on console-ams.rpki-client.org