Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e203433323630.roa
File: 322e35362e3234382e302f32332d3234203d3e203433323630.roa (raw, json)
Hash identifier: j6ziC4t+xVIosgKg9mlFRjM6TrijLciH1hyyaH36Exc=
Subject key identifier: FB:C2:BF:FE:9A:C7:1F:4C:75:B6:3F:6B:3D:EE:E3:13:DA:4A:06:94
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 28AD9990B125B0691D759FF90730FAE9399DB8E2
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e203433323630.roa
Signing time: Fri 24 Mar 2023 03:26:37 +0000
ROA not before: Fri 24 Mar 2023 03:21:37 +0000
ROA not after: Fri 22 Mar 2024 03:26:37 +0000
asID: 43260
IP address blocks: 2.56.248.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:ad:99:90:b1:25:b0:69:1d:75:9f:f9:07:30:fa:e9:39:9d:b8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 24 03:21:37 2023 GMT
Not After : Mar 22 03:26:37 2024 GMT
Subject: CN=FBC2BFFE9AC71F4C75B63F6B3DEEE313DA4A0694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a7:82:14:1b:0e:03:78:11:a0:df:af:ec:9e:
ac:e3:2b:b1:f2:cb:5f:be:e9:90:ab:d1:2b:80:55:
44:2b:d7:27:c7:52:23:9c:51:ca:56:34:87:d6:b7:
68:af:79:e2:1e:2a:28:82:02:53:28:14:e6:ca:4e:
25:6e:78:c3:62:91:9d:a9:0a:11:04:4e:31:c7:c3:
ac:d5:e3:4a:be:f4:15:e4:2a:92:42:4b:67:3b:3b:
75:e1:0a:1e:43:2b:8d:88:28:f8:5f:44:38:ab:db:
5c:14:d4:7f:fa:e3:e7:d6:22:04:dc:91:31:aa:39:
4f:68:e1:d2:89:bc:04:1f:b3:4d:3c:f1:bf:76:79:
ab:81:93:6a:70:c7:8e:d7:d8:41:6f:5f:1e:e7:69:
7d:1a:26:15:54:15:76:1d:9c:9a:a5:cc:09:2d:99:
92:70:f5:c9:d2:ce:16:69:ff:31:93:78:c0:84:3e:
35:b8:92:78:c9:d7:dd:91:e5:1a:68:17:50:1a:e4:
5d:f9:7b:ef:a2:89:b2:79:80:2e:5d:84:03:e7:98:
30:a0:85:54:d1:a5:79:54:9a:c0:72:d5:cd:99:71:
c3:f1:3f:cc:89:82:65:4a:44:a0:99:4b:bc:41:e7:
6e:95:b6:b9:f8:d7:9e:65:58:f4:0d:92:83:1d:68:
d1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C2:BF:FE:9A:C7:1F:4C:75:B6:3F:6B:3D:EE:E3:13:DA:4A:06:94
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e203433323630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:13:8b:dc:6b:65:2a:6f:66:c3:d4:ea:d0:81:8f:ff:d6:ba:
6f:4e:58:37:8a:65:85:fb:fb:da:ac:bb:b2:a9:1a:93:ca:b9:
df:63:e5:e2:a9:ea:3c:5d:e0:fe:a3:56:a6:dd:53:27:92:38:
ca:6c:46:5a:22:fe:80:f6:75:5f:72:59:c6:62:45:c1:5f:bb:
ec:25:d3:10:6f:e1:82:fc:45:1a:cf:60:a6:15:f4:cd:64:3c:
06:d7:a4:fe:23:e1:ed:fe:22:c0:19:33:b0:f8:b7:94:e6:03:
c7:b6:ec:4f:09:d3:54:f7:38:bb:fb:6f:55:44:70:58:9a:90:
be:b2:70:c6:31:db:ae:af:75:d1:b5:d4:df:1d:ab:b0:47:38:
88:e7:28:e4:13:eb:d0:83:07:9e:fd:0b:8c:7d:9d:54:b6:40:
88:20:29:39:55:8a:0f:7c:fc:49:02:4c:24:f1:56:8c:6d:54:
10:ef:ca:7a:7d:16:28:e4:69:04:a0:ec:d4:af:90:f9:39:85:
d9:8a:40:7e:ab:15:0a:e6:ec:06:51:e2:e9:9f:39:08:a4:41:
de:62:e9:46:6b:de:ef:59:ec:be:64:01:a4:68:44:46:00:2f:
ea:65:2f:ad:e6:60:6f:75:3d:4d:b8:73:4f:2f:2e:8b:db:d9:
45:9d:bd:49
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUKK2ZkLElsGkddZ/5BzD66TmduOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjQwMzIxMzdaFw0yNDAzMjIwMzI2MzdaMDMxMTAvBgNV
BAMTKEZCQzJCRkZFOUFDNzFGNEM3NUI2M0Y2QjNERUVFMzEzREE0QTA2OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4p4IUGw4DeBGg36/snqzjK7Hy
y1++6ZCr0SuAVUQr1yfHUiOcUcpWNIfWt2iveeIeKiiCAlMoFObKTiVueMNikZ2p
ChEETjHHw6zV40q+9BXkKpJCS2c7O3XhCh5DK42IKPhfRDir21wU1H/64+fWIgTc
kTGqOU9o4dKJvAQfs0088b92eauBk2pwx47X2EFvXx7naX0aJhVUFXYdnJqlzAkt
mZJw9cnSzhZp/zGTeMCEPjW4knjJ192R5RpoF1Aa5F35e++iibJ5gC5dhAPnmDCg
hVTRpXlUmsBy1c2ZccPxP8yJgmVKRKCZS7xB526Vtrn4155lWPQNkoMdaNGZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU+8K//prHH0x1tj9rPe7jE9pKBpQwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzMzMjM2MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAECOPgw
DQYJKoZIhvcNAQELBQADggEBAFsTi9xrZSpvZsPU6tCBj//Wum9OWDeKZYX7+9qs
u7KpGpPKud9j5eKp6jxd4P6jVqbdUyeSOMpsRloi/oD2dV9yWcZiRcFfu+wl0xBv
4YL8RRrPYKYV9M1kPAbXpP4j4e3+IsAZM7D4t5TmA8e27E8J01T3OLv7b1VEcFia
kL6ycMYx266vddG11N8dq7BHOIjnKOQT69CDB579C4x9nVS2QIggKTlVig98/EkC
TCTxVoxtVBDvynp9FijkaQSg7NSvkPk5hdmKQH6rFQrm7AZR4umfOQikQd5i6UZr
3u9Z7L5kAaRoREYAL+plL63mYG91PU24c08vLovb2UWdvUk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:12:49 2023 by rpki-client on console-ams.rpki-client.org