Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20383334.roa
File: 322e35362e3234382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: K2YCVQgbNa3Orq2V2lEABdNOs5riWuX7VuhXH+7i8H8=
Subject key identifier: B8:7A:B7:D3:39:02:72:B3:15:14:C9:9F:CF:8A:04:89:92:75:9E:A6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 55928C73EB3F9B80CDD00CF6FF6FFBC3866DB310
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20383334.roa
Signing time: Mon 02 Dec 2024 10:49:03 +0000
ROA not before: Mon 02 Dec 2024 10:44:03 +0000
ROA not after: Mon 01 Dec 2025 10:49:03 +0000
asID: 834
IP address blocks: 2.56.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 18:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:92:8c:73:eb:3f:9b:80:cd:d0:0c:f6:ff:6f:fb:c3:86:6d:b3:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 2 10:44:03 2024 GMT
Not After : Dec 1 10:49:03 2025 GMT
Subject: CN=B87AB7D3390272B31514C99FCF8A048992759EA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a4:15:92:64:9f:d1:ca:3b:82:b2:97:d1:24:
13:a8:fb:6e:e4:58:21:8d:a0:b4:91:1e:a6:e4:ce:
2f:8b:f1:cf:02:34:4c:0f:61:5e:2a:06:4d:54:1e:
e9:5b:51:b3:9c:3a:f0:aa:d3:12:d2:d9:dd:a3:7f:
e7:fc:58:cd:c0:9b:ab:9c:5e:ce:30:69:c1:b5:af:
1d:89:ee:26:48:58:69:8c:d9:5e:ec:55:25:b8:46:
08:b4:e3:47:4e:3e:d3:2f:1c:27:1f:6b:f8:90:63:
e3:5f:f5:18:65:42:4e:bd:51:79:3a:24:df:37:d1:
f2:4d:75:90:5f:44:ac:72:93:dd:76:9b:b8:0a:fe:
36:22:d6:be:2a:c0:f6:49:bd:90:b9:a6:b9:91:eb:
61:94:1f:54:fe:77:77:23:12:8f:5f:71:f5:3a:5a:
ba:e3:ba:0c:41:89:35:8e:e9:d6:ae:a1:d0:5e:9a:
6a:61:35:2e:96:5f:7e:d2:09:00:8a:cd:db:e4:6b:
f1:ee:77:c9:65:89:fa:9b:e2:6c:be:64:cd:d4:d2:
32:87:8b:98:a7:e1:a9:60:af:db:fe:5b:00:d5:82:
31:fa:8a:fd:e5:c9:f6:dc:dc:d6:29:d5:fe:69:d8:
9c:ad:9d:ea:04:22:2f:55:35:88:c9:7c:99:2a:d5:
6f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7A:B7:D3:39:02:72:B3:15:14:C9:9F:CF:8A:04:89:92:75:9E:A6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c8:15:71:de:ed:4f:e4:ea:da:54:a1:71:ff:13:ce:49:a4:
59:3d:e1:c5:b8:05:53:1c:e5:93:e2:98:50:33:a8:05:90:bb:
d0:72:f6:53:4d:fd:f7:d3:7c:26:8a:25:0f:62:6f:bf:36:42:
2e:34:d7:e7:68:b9:4d:3e:e8:08:d3:7d:21:00:d3:8c:52:87:
e4:08:b2:5a:dc:a5:88:d2:d6:81:09:d7:79:4d:83:24:14:a2:
d2:e8:2f:28:68:4c:e0:ff:9b:93:26:60:75:d1:36:2a:04:62:
dd:d4:73:69:dd:f8:5b:87:29:24:6b:9a:2e:8e:a4:39:d3:1f:
70:c6:c4:e1:01:66:2f:d3:f3:54:31:83:97:fc:1a:50:a9:1f:
e3:a4:6e:0d:f7:a4:8b:f6:17:c5:b0:df:04:8e:8f:ca:ab:ad:
6f:05:d5:96:d3:fa:a5:6f:7e:9b:96:3a:9a:7f:82:09:1b:c2:
92:56:d8:53:4f:22:32:ac:74:b8:be:25:ad:0b:ff:79:8e:6e:
c4:61:c8:aa:12:1e:10:fe:c5:10:27:36:a9:93:94:0e:94:3c:
d7:9a:43:f7:01:4c:7d:5f:4f:ae:bc:db:79:c7:3f:93:d6:cd:
2a:0d:9a:e5:cb:f3:5a:62:69:a9:5f:0b:21:ae:e5:2e:54:64:
21:26:0d:36
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUVZKMc+s/m4DN0Az2/2/7w4ZtsxAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEyMDIxMDQ0MDNaFw0yNTEyMDExMDQ5MDNaMDMxMTAvBgNV
BAMTKEI4N0FCN0QzMzkwMjcyQjMxNTE0Qzk5RkNGOEEwNDg5OTI3NTlFQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7pBWSZJ/RyjuCspfRJBOo+27k
WCGNoLSRHqbkzi+L8c8CNEwPYV4qBk1UHulbUbOcOvCq0xLS2d2jf+f8WM3Am6uc
Xs4wacG1rx2J7iZIWGmM2V7sVSW4Rgi040dOPtMvHCcfa/iQY+Nf9RhlQk69UXk6
JN830fJNdZBfRKxyk912m7gK/jYi1r4qwPZJvZC5prmR62GUH1T+d3cjEo9fcfU6
WrrjugxBiTWO6dauodBemmphNS6WX37SCQCKzdvka/Hud8llifqb4my+ZM3U0jKH
i5in4algr9v+WwDVgjH6iv3lyfbc3NYp1f5p2JytneoEIi9VNYjJfJkq1W+vAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUuHq30zkCcrMVFMmfz4oEiZJ1nqYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4+DANBgkq
hkiG9w0BAQsFAAOCAQEAEcgVcd7tT+Tq2lShcf8TzkmkWT3hxbgFUxzlk+KYUDOo
BZC70HL2U03999N8JoolD2JvvzZCLjTX52i5TT7oCNN9IQDTjFKH5AiyWtyliNLW
gQnXeU2DJBSi0ugvKGhM4P+bkyZgddE2KgRi3dRzad34W4cpJGuaLo6kOdMfcMbE
4QFmL9PzVDGDl/waUKkf46RuDfeki/YXxbDfBI6PyqutbwXVltP6pW9+m5Y6mn+C
CRvCklbYU08iMqx0uL4lrQv/eY5uxGHIqhIeEP7FECc2qZOUDpQ815pD9wFMfV9P
rrzbecc/k9bNKg2a5cvzWmJpqV8LIa7lLlRkISYNNg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:06:17 2025 by rpki-client