Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3233203d3e203433323630.roa
File: 322e35362e3234382e302f32332d3233203d3e203433323630.roa (raw, json)
Hash identifier: DPqNMkzkWVaJuYL9d08hfE/yUAtedlXJLRVvcp6OnsQ=
Subject key identifier: 21:84:F7:F8:46:56:0C:9A:4F:0B:E0:67:21:A8:6E:4B:96:C1:81:FB
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0B3EB8ED73787B3041F6C7B2E49302A9087C7A1A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3233203d3e203433323630.roa
Signing time: Wed 22 Mar 2023 18:09:14 +0000
ROA not before: Wed 22 Mar 2023 18:04:14 +0000
ROA not after: Wed 20 Mar 2024 18:09:14 +0000
asID: 43260
IP address blocks: 2.56.248.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:3e:b8:ed:73:78:7b:30:41:f6:c7:b2:e4:93:02:a9:08:7c:7a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:04:14 2023 GMT
Not After : Mar 20 18:09:14 2024 GMT
Subject: CN=2184F7F846560C9A4F0BE06721A86E4B96C181FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:19:52:ce:3b:5e:91:be:e3:40:f8:85:91:68:
e3:82:8a:80:db:0f:74:db:f3:44:98:6d:6d:31:67:
fc:a7:61:8c:83:ef:ac:8d:e4:50:8f:9a:a9:05:10:
4d:b4:02:7a:b0:9c:bd:97:4d:fe:fd:35:96:fe:74:
71:ba:c3:88:91:1c:4a:e0:65:74:9f:25:a4:c7:3a:
35:3c:86:6f:2f:2c:0d:58:61:89:0d:4b:67:cb:f4:
b0:87:34:45:15:e5:e9:e3:ec:1f:68:09:5f:34:3c:
8b:f7:02:25:5f:d1:2c:dd:d6:ef:9a:99:e5:47:77:
79:8b:c5:17:81:da:d8:74:86:bb:52:14:98:30:40:
3b:0a:eb:aa:3a:b9:79:84:0f:09:85:79:d4:2a:80:
cc:fb:93:01:ca:ec:d7:dc:29:99:ef:cf:a5:1e:08:
84:0d:e8:77:e4:b7:bf:69:2a:30:1e:8a:7d:ab:ba:
af:8f:a9:39:0a:23:40:a3:59:da:91:ce:6a:d8:a3:
83:72:4f:fc:b0:a1:04:60:c3:28:4d:15:cd:b5:6e:
4c:3b:30:24:8b:10:b8:27:7b:ce:f9:b8:6d:9e:76:
11:c5:56:99:fa:7b:32:92:ee:ae:48:4b:56:12:70:
d9:6b:eb:d0:99:20:76:17:b9:4a:5e:1b:11:bc:c1:
fe:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:84:F7:F8:46:56:0C:9A:4F:0B:E0:67:21:A8:6E:4B:96:C1:81:FB
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3233203d3e203433323630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/23
Signature Algorithm: sha256WithRSAEncryption
54:21:12:22:78:d0:84:00:0c:ab:4d:58:22:7b:ad:42:69:9a:
6b:52:4c:b8:d0:a7:b6:61:6d:92:28:9e:1c:1f:38:35:78:d6:
3c:f5:dc:a9:35:e4:b5:f5:20:0c:f6:f8:27:27:4d:e0:5a:84:
56:c5:51:85:b3:5c:8c:c9:71:68:8b:fa:7d:88:70:cb:a7:65:
e9:e4:a6:24:90:36:22:97:4d:84:e7:7b:96:1e:43:1d:58:73:
27:96:2c:f8:30:be:b5:29:20:46:57:bf:95:50:d1:5c:f1:d8:
a5:c7:df:e1:8c:4d:c1:c7:6d:78:21:70:55:4e:35:65:b7:76:
a3:46:e5:2f:96:3f:1a:9a:71:09:67:26:85:68:c3:5d:55:d4:
fa:14:f5:4b:d5:65:21:87:c1:a5:75:23:6d:28:9e:ee:58:1b:
74:f7:31:8a:e3:a3:b5:35:b6:35:40:76:10:9c:f0:66:a4:5a:
a3:fa:f5:9d:e5:cb:10:72:6c:24:a5:5a:8c:36:82:9e:c4:9e:
3d:91:2d:71:85:30:c9:0f:ad:5e:9c:f3:05:68:ca:f6:55:fc:
df:03:4c:7d:13:97:11:31:df:b6:3d:7d:80:19:96:18:fb:df:
d9:2f:5f:95:2a:4b:36:80:35:60:11:05:25:20:87:1e:a9:8a:
b2:c3:18:5f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUCz647XN4ezBB9sey5JMCqQh8ehowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA0MTRaFw0yNDAzMjAxODA5MTRaMDMxMTAvBgNV
BAMTKDIxODRGN0Y4NDY1NjBDOUE0RjBCRTA2NzIxQTg2RTRCOTZDMTgxRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGGVLOO16RvuNA+IWRaOOCioDb
D3Tb80SYbW0xZ/ynYYyD76yN5FCPmqkFEE20AnqwnL2XTf79NZb+dHG6w4iRHErg
ZXSfJaTHOjU8hm8vLA1YYYkNS2fL9LCHNEUV5enj7B9oCV80PIv3AiVf0Szd1u+a
meVHd3mLxReB2th0hrtSFJgwQDsK66o6uXmEDwmFedQqgMz7kwHK7NfcKZnvz6Ue
CIQN6Hfkt79pKjAein2ruq+PqTkKI0CjWdqRzmrYo4NyT/ywoQRgwyhNFc21bkw7
MCSLELgne875uG2edhHFVpn6ezKS7q5IS1YScNlr69CZIHYXuUpeGxG8wf4tAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUIYT3+EZWDJpPC+BnIahuS5bBgfswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM0MzMzMjM2MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAECOPgw
DQYJKoZIhvcNAQELBQADggEBAFQhEiJ40IQADKtNWCJ7rUJpmmtSTLjQp7ZhbZIo
nhwfODV41jz13Kk15LX1IAz2+CcnTeBahFbFUYWzXIzJcWiL+n2IcMunZenkpiSQ
NiKXTYTne5YeQx1YcyeWLPgwvrUpIEZXv5VQ0Vzx2KXH3+GMTcHHbXghcFVONWW3
dqNG5S+WPxqacQlnJoVow11V1PoU9UvVZSGHwaV1I20onu5YG3T3MYrjo7U1tjVA
dhCc8GakWqP69Z3lyxBybCSlWow2gp7Enj2RLXGFMMkPrV6c8wVoyvZV/N8DTH0T
lxEx37Y9fYAZlhj739kvX5UqSzaANWARBSUghx6pirLDGF8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:49 2023 by rpki-client on console-ams.rpki-client.org