Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20323030313933.roa
File: 3138352e3137322e3137352e302f32342d3234203d3e20323030313933.roa (raw, json)
Hash identifier: MWmQHfWC/YPjfg9izYk6uSS5rpRb8EGR4VtE/OTvw7c=
Subject key identifier: 25:2F:06:4E:19:1B:47:A7:80:AC:11:4B:A5:A3:44:7C:B8:6D:AE:AF
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 03173F51C047C113FAF1F3475782EC1EC01122DB
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20323030313933.roa
Signing time: Mon 28 Aug 2023 10:06:12 +0000
ROA not before: Mon 28 Aug 2023 10:01:12 +0000
ROA not after: Mon 26 Aug 2024 10:06:12 +0000
asID: 200193
IP address blocks: 185.172.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:17:3f:51:c0:47:c1:13:fa:f1:f3:47:57:82:ec:1e:c0:11:22:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 28 10:01:12 2023 GMT
Not After : Aug 26 10:06:12 2024 GMT
Subject: CN=252F064E191B47A780AC114BA5A3447CB86DAEAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9e:f3:e6:2b:a2:c1:76:9d:e2:96:a6:e1:94:
5c:de:5a:3a:d7:5c:c6:6d:91:46:1f:a5:9c:af:e7:
be:ea:7b:dc:14:8b:aa:2a:e4:30:d8:c2:ad:72:8f:
b6:1b:94:dd:01:23:ed:38:f7:27:ff:f4:a8:dc:f9:
ed:15:1e:28:8c:29:c8:27:7e:9c:a9:13:5b:ee:c1:
9a:87:5b:bc:c5:f1:e9:5d:2d:8d:08:82:56:be:8b:
7b:39:13:f2:df:0e:88:94:e7:4c:0e:bd:a7:1e:8e:
33:14:14:dc:d0:5b:10:e9:cd:7b:a1:e5:65:21:23:
05:41:6d:16:1c:d5:f8:cb:24:98:30:1f:85:d4:95:
73:4a:f9:16:5c:62:7c:71:71:56:87:57:aa:97:1e:
b2:52:08:f8:da:71:aa:23:e7:37:f8:7e:a6:59:f4:
1b:51:aa:15:fa:8b:b1:24:ff:5f:6c:14:1a:0c:cd:
59:79:3c:38:59:2a:09:dd:78:20:90:eb:12:e0:24:
fb:7e:67:16:bf:35:96:be:46:3b:02:25:f2:85:eb:
15:44:a3:54:f5:22:35:9c:ea:a9:1d:13:46:35:3b:
3c:47:79:64:dc:b4:eb:9b:98:c4:38:bd:15:f1:c0:
08:16:e9:b8:b1:b7:1a:b3:7e:da:70:9f:66:20:f7:
9d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2F:06:4E:19:1B:47:A7:80:AC:11:4B:A5:A3:44:7C:B8:6D:AE:AF
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137352e302f32342d3234203d3e20323030313933.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.175.0/24
Signature Algorithm: sha256WithRSAEncryption
94:6a:e7:a2:c2:f9:f1:6d:d2:09:ee:f9:c3:73:ca:4b:3d:7c:
cf:b3:f5:d4:1d:e1:31:bd:b3:14:a6:3d:12:9e:9b:a3:fa:25:
e9:b5:7c:16:51:25:98:e9:43:de:91:ef:5a:99:e6:31:c2:ec:
d0:51:e1:bb:4b:be:26:8f:df:b9:54:86:d5:3e:40:7d:10:0f:
6a:5f:c0:40:7b:e9:eb:87:20:66:00:cb:f3:36:1f:90:bf:c3:
18:0f:9b:4c:9b:45:6f:7d:32:16:1c:02:d6:bf:35:d0:3c:eb:
fe:d4:1f:4c:db:be:ce:e1:d1:ea:ac:50:25:9f:90:7e:9f:83:
9e:50:37:74:52:80:88:6e:89:b4:a0:b7:c8:62:26:b4:72:0d:
d4:32:cf:c3:c2:df:e2:0d:04:e7:ed:f8:5b:df:54:b0:b3:12:
17:21:36:5e:5e:92:fe:38:02:19:a9:62:68:f8:fe:b6:f4:63:
7c:49:fb:06:35:85:bb:a8:83:c4:f1:0a:11:8a:60:66:a5:69:
7e:02:db:d1:14:29:83:ea:3b:fa:47:cf:e8:d7:67:c2:e4:d4:
be:b0:3d:21:4c:a7:bb:40:30:75:70:f5:84:8f:1f:7b:d3:79:
28:88:18:f0:78:e7:1f:ce:49:19:08:f5:48:55:5a:3f:b4:27:
36:fd:a1:59
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUAxc/UcBHwRP68fNHV4LsHsARItswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MjgxMDAxMTJaFw0yNDA4MjYxMDA2MTJaMDMxMTAvBgNV
BAMTKDI1MkYwNjRFMTkxQjQ3QTc4MEFDMTE0QkE1QTM0NDdDQjg2REFFQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnvPmK6LBdp3ilqbhlFzeWjrX
XMZtkUYfpZyv577qe9wUi6oq5DDYwq1yj7YblN0BI+049yf/9Kjc+e0VHiiMKcgn
fpypE1vuwZqHW7zF8eldLY0Igla+i3s5E/LfDoiU50wOvacejjMUFNzQWxDpzXuh
5WUhIwVBbRYc1fjLJJgwH4XUlXNK+RZcYnxxcVaHV6qXHrJSCPjacaoj5zf4fqZZ
9BtRqhX6i7Ek/19sFBoMzVl5PDhZKgndeCCQ6xLgJPt+Zxa/NZa+RjsCJfKF6xVE
o1T1IjWc6qkdE0Y1OzxHeWTctOubmMQ4vRXxwAgW6bixtxqzftpwn2Yg9519AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUJS8GThkbR6eArBFLpaNEfLhtrq8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMDMxMzkzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmsrzANBgkqhkiG9w0BAQsFAAOCAQEAlGrnosL58W3SCe75w3PKSz18z7P1
1B3hMb2zFKY9Ep6bo/ol6bV8FlElmOlD3pHvWpnmMcLs0FHhu0u+Jo/fuVSG1T5A
fRAPal/AQHvp64cgZgDL8zYfkL/DGA+bTJtFb30yFhwC1r810Dzr/tQfTNu+zuHR
6qxQJZ+Qfp+DnlA3dFKAiG6JtKC3yGImtHIN1DLPw8Lf4g0E5+34W99UsLMSFyE2
Xl6S/jgCGaliaPj+tvRjfEn7BjWFu6iDxPEKEYpgZqVpfgLb0RQpg+o7+kfP6Ndn
wuTUvrA9IUynu0AwdXD1hI8fe9N5KIgY8HjnH85JGQj1SFVaP7QnNv2hWQ==
-----END CERTIFICATE-----
Generated at Fri Sep 22 17:54:50 2023 by rpki-client on console-fra.rpki-client.org