Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e20383334.roa
File: 322e35362e3234382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: egi0WkP+wHfWPI1SS5I5WugFBkiQtQ5lHonMKys/LPM=
Subject key identifier: 59:B7:11:AE:5B:2E:6D:75:AD:57:04:39:E6:A6:55:F9:BF:9B:97:A6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 47BDB8E79658549DB5FB4B9CB4CA6041A64EB903
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e20383334.roa
Signing time: Tue 08 Aug 2023 11:00:08 +0000
ROA not before: Tue 08 Aug 2023 10:55:08 +0000
ROA not after: Tue 06 Aug 2024 11:00:08 +0000
asID: 834
IP address blocks: 2.56.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jan 2024 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bd:b8:e7:96:58:54:9d:b5:fb:4b:9c:b4:ca:60:41:a6:4e:b9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 8 10:55:08 2023 GMT
Not After : Aug 6 11:00:08 2024 GMT
Subject: CN=59B711AE5B2E6D75AD570439E6A655F9BF9B97A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:62:44:76:ba:5d:b5:d4:e5:43:be:74:4a:a2:
6a:45:7d:4a:66:d9:a7:66:78:ba:5c:30:20:1d:1f:
33:51:c0:88:9c:61:91:ef:2a:35:2a:d3:8f:21:ac:
b8:7b:6b:50:f2:31:91:7d:64:87:71:2b:ce:81:2d:
fc:bd:0f:81:e0:00:b5:c4:bd:09:f1:99:4f:f9:c7:
50:47:1b:34:2c:94:81:76:56:b6:c5:20:6c:db:5a:
6e:6a:28:12:80:65:64:31:83:a3:6c:4f:bf:34:ed:
c6:b6:4f:b0:c1:e2:64:72:5f:5f:d2:93:82:44:b2:
3d:84:e1:f2:e0:a8:eb:1d:ab:9c:e3:18:6d:7a:e5:
1d:90:de:ef:0b:e8:5a:13:82:99:e2:38:08:26:7e:
58:e7:9e:c9:94:a4:67:89:fb:7d:c5:17:93:2d:e0:
03:94:6c:ce:45:f1:ef:99:83:22:b1:25:f0:f6:37:
9a:e0:d7:d1:d4:27:02:f4:9e:1b:3f:9e:22:4b:3d:
07:2b:73:5b:d6:aa:ca:00:84:16:f9:63:21:cf:a2:
1d:21:3e:3b:a7:bc:62:35:6e:42:b7:bc:33:41:7b:
4c:43:c1:0d:60:db:4e:57:2a:c2:19:3c:09:88:eb:
ad:ae:eb:f7:22:b8:6a:f8:89:ca:34:ca:0f:70:e1:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:B7:11:AE:5B:2E:6D:75:AD:57:04:39:E6:A6:55:F9:BF:9B:97:A6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/23
Signature Algorithm: sha256WithRSAEncryption
79:d8:ee:b2:6e:ce:c6:bd:87:0a:cf:21:d8:ec:8e:bd:17:0b:
0b:4e:93:d8:ac:98:b5:cf:c3:11:5a:87:b3:ed:db:e7:6a:35:
7b:10:cb:23:22:1a:2f:85:b9:f4:ac:63:f2:fe:39:5a:d4:0c:
1c:04:a6:38:a4:f8:07:65:20:2f:06:42:da:07:26:43:ad:d3:
20:50:0c:7e:25:84:2f:c9:59:08:1e:9a:68:9b:95:2b:04:39:
3d:ce:8e:28:d4:12:71:0a:61:3c:71:92:3c:80:32:49:7d:92:
7e:68:8d:72:33:46:2b:9a:15:c5:bd:16:0e:24:02:91:73:a1:
0e:5d:7c:a3:03:79:4f:dc:db:9f:42:65:ca:5f:0a:75:d7:3a:
2d:f5:5f:2d:dd:1b:56:9d:22:d1:be:a4:20:0e:00:69:c7:ee:
c7:93:01:bb:ce:7c:a0:9f:8a:61:2c:0a:6b:48:af:cf:fc:b1:
40:d6:ae:b3:c9:d9:2b:90:6e:5e:ae:e2:ca:fc:bd:07:45:c6:
85:88:03:02:cc:3f:04:5d:88:dc:64:a6:cd:b6:dd:d5:0d:e2:
e5:30:37:ee:c8:ad:63:6d:51:06:8e:64:78:22:21:17:3c:4a:
6f:87:cf:03:35:a7:db:4f:1b:28:de:61:aa:33:cc:15:74:b3:
02:64:29:ef
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUR72455ZYVJ21+0uctMpgQaZOuQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MDgxMDU1MDhaFw0yNDA4MDYxMTAwMDhaMDMxMTAvBgNV
BAMTKDU5QjcxMUFFNUIyRTZENzVBRDU3MDQzOUU2QTY1NUY5QkY5Qjk3QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQYkR2ul211OVDvnRKompFfUpm
2admeLpcMCAdHzNRwIicYZHvKjUq048hrLh7a1DyMZF9ZIdxK86BLfy9D4HgALXE
vQnxmU/5x1BHGzQslIF2VrbFIGzbWm5qKBKAZWQxg6NsT7807ca2T7DB4mRyX1/S
k4JEsj2E4fLgqOsdq5zjGG165R2Q3u8L6FoTgpniOAgmfljnnsmUpGeJ+33FF5Mt
4AOUbM5F8e+ZgyKxJfD2N5rg19HUJwL0nhs/niJLPQcrc1vWqsoAhBb5YyHPoh0h
PjunvGI1bkK3vDNBe0xDwQ1g205XKsIZPAmI662u6/ciuGr4ico0yg9w4ZIBAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUWbcRrlsubXWtVwQ55qZV+b+bl6YwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQI4+DANBgkq
hkiG9w0BAQsFAAOCAQEAedjusm7Oxr2HCs8h2OyOvRcLC06T2KyYtc/DEVqHs+3b
52o1exDLIyIaL4W59Kxj8v45WtQMHASmOKT4B2UgLwZC2gcmQ63TIFAMfiWEL8lZ
CB6aaJuVKwQ5Pc6OKNQScQphPHGSPIAySX2SfmiNcjNGK5oVxb0WDiQCkXOhDl18
owN5T9zbn0Jlyl8Kddc6LfVfLd0bVp0i0b6kIA4Aacfux5MBu858oJ+KYSwKa0iv
z/yxQNaus8nZK5BuXq7iyvy9B0XGhYgDAsw/BF2I3GSmzbbd1Q3i5TA37sitY21R
Bo5keCIhFzxKb4fPAzWn208bKN5hqjPMFXSzAmQp7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org