Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203133333335.roa
File: 322e35362e3234392e302f32342d3234203d3e203133333335.roa (raw, json)
Hash identifier: oGH9JepOJq+AwBIzN0hrUIVlTctQbSIgpOIekoLeHiY=
Subject key identifier: BC:0A:FC:61:47:D7:E8:DD:29:A7:93:5D:FE:C3:5F:2B:92:FA:E3:8E
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 67D5B76F5A60CC13057DDA5C4F9EA02F7AAF1327
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203133333335.roa
Signing time: Fri 11 Aug 2023 21:17:51 +0000
ROA not before: Fri 11 Aug 2023 21:12:51 +0000
ROA not after: Fri 09 Aug 2024 21:17:51 +0000
asID: 13335
IP address blocks: 2.56.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d5:b7:6f:5a:60:cc:13:05:7d:da:5c:4f:9e:a0:2f:7a:af:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Aug 11 21:12:51 2023 GMT
Not After : Aug 9 21:17:51 2024 GMT
Subject: CN=BC0AFC6147D7E8DD29A7935DFEC35F2B92FAE38E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5f:e4:7d:15:8f:de:70:02:64:9b:17:ba:83:
f5:df:12:59:7d:be:7a:12:40:d1:0d:83:9c:2b:08:
a7:36:fb:c0:32:9b:01:62:8a:00:4f:74:89:01:e2:
f0:cc:9f:a0:f7:00:cb:91:30:80:05:b3:4b:70:42:
eb:a0:18:f9:84:36:5f:72:09:f6:6d:e3:21:b9:a4:
4e:56:5c:32:c6:3e:0b:57:68:54:77:a6:45:45:61:
e7:1a:aa:80:2c:d1:26:d1:bd:1d:5a:81:f6:30:2e:
bd:d9:2d:c3:6b:00:4a:13:8a:8c:c8:1e:d1:e2:88:
b3:35:be:47:70:b1:3f:ef:79:21:34:3d:61:bc:ca:
1b:a6:f6:7c:22:de:e9:4e:57:f9:36:10:97:b6:ec:
d2:c7:a1:90:a1:b7:23:f0:ad:90:5d:f9:b9:2f:d4:
40:80:fa:73:19:e1:74:52:63:48:0f:06:fb:50:b7:
4e:4e:a3:d5:2b:02:e9:40:9d:e4:b1:3b:8b:fb:b1:
b1:cf:70:28:09:d3:62:57:5c:c1:dd:86:a9:8b:5d:
5e:f4:d9:5c:54:a3:3a:bd:ee:69:e9:76:96:69:22:
04:f8:82:4c:b8:3a:15:18:09:50:dd:26:f4:a6:e8:
d4:51:84:4a:ae:7f:9e:57:52:d7:51:71:97:4e:d7:
33:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:0A:FC:61:47:D7:E8:DD:29:A7:93:5D:FE:C3:5F:2B:92:FA:E3:8E
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234392e302f32342d3234203d3e203133333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.249.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:bb:f6:d3:e3:3b:87:82:e7:72:2f:d6:a7:a0:10:1c:0f:ec:
21:01:2f:fe:03:27:9e:ea:be:9d:7f:90:d1:e0:c1:8e:1e:a3:
30:bf:cc:4a:77:6c:e3:ca:c7:66:5a:3a:30:59:02:af:e6:ea:
73:9d:e3:cc:c2:98:cf:af:62:f7:47:cf:b3:ae:7e:7b:65:26:
e6:f2:29:d3:42:40:ca:c1:d3:29:f3:dc:56:78:65:d6:e4:bd:
89:5a:d2:dd:73:88:c7:c7:60:3c:4c:e0:5e:7b:65:c4:fa:e6:
3d:73:4d:82:6e:2b:50:03:78:e9:17:04:38:7d:2c:dc:6d:49:
2f:1c:29:68:eb:6e:aa:40:49:5a:cd:26:ba:4d:7e:7c:a3:a8:
fa:04:1c:01:61:b9:1d:d0:bd:e1:7b:dc:04:a5:af:fa:4c:17:
2a:8a:d0:31:45:53:12:bd:d0:c9:98:9f:5f:1a:9a:7e:60:c1:
74:dd:6b:e7:6f:9d:9e:ca:9e:25:b2:7c:d1:90:1a:7b:a0:17:
2f:76:65:8f:d8:80:b1:71:45:ce:f9:a0:8b:f5:ad:f4:6b:95:
3f:f0:37:c0:c8:af:93:97:01:d1:6d:1f:2f:40:da:eb:97:78:
16:b5:8e:a3:9d:6b:93:8b:e7:8e:65:0e:37:3b:0d:4a:d7:1b:
f5:2a:f1:ba
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZ9W3b1pgzBMFfdpcT56gL3qvEycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA4MTEyMTEyNTFaFw0yNDA4MDkyMTE3NTFaMDMxMTAvBgNV
BAMTKEJDMEFGQzYxNDdEN0U4REQyOUE3OTM1REZFQzM1RjJCOTJGQUUzOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2X+R9FY/ecAJkmxe6g/XfEll9
vnoSQNENg5wrCKc2+8AymwFiigBPdIkB4vDMn6D3AMuRMIAFs0twQuugGPmENl9y
CfZt4yG5pE5WXDLGPgtXaFR3pkVFYecaqoAs0SbRvR1agfYwLr3ZLcNrAEoTiozI
HtHiiLM1vkdwsT/veSE0PWG8yhum9nwi3ulOV/k2EJe27NLHoZChtyPwrZBd+bkv
1ECA+nMZ4XRSY0gPBvtQt05Oo9UrAulAneSxO4v7sbHPcCgJ02JXXMHdhqmLXV70
2VxUozq97mnpdpZpIgT4gky4OhUYCVDdJvSm6NRRhEquf55XUtdRcZdO1zOJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUvAr8YUfX6N0pp5Nd/sNfK5L6444wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzMzMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOPkw
DQYJKoZIhvcNAQELBQADggEBAMa79tPjO4eC53Iv1qegEBwP7CEBL/4DJ57qvp1/
kNHgwY4eozC/zEp3bOPKx2ZaOjBZAq/m6nOd48zCmM+vYvdHz7OufntlJubyKdNC
QMrB0ynz3FZ4ZdbkvYla0t1ziMfHYDxM4F57ZcT65j1zTYJuK1ADeOkXBDh9LNxt
SS8cKWjrbqpASVrNJrpNfnyjqPoEHAFhuR3QveF73ASlr/pMFyqK0DFFUxK90MmY
n18amn5gwXTda+dvnZ7KniWyfNGQGnugFy92ZY/YgLFxRc75oIv1rfRrlT/wN8DI
r5OXAdFtHy9A2uuXeBa1jqOda5OL545lDjc7DUrXG/Uq8bo=
-----END CERTIFICATE-----
Generated at Wed Oct 11 00:27:47 2023 by rpki-client on console-fra.rpki-client.org