Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20323732303237.roa
File: 322e35362e3235302e302f32342d3234203d3e20323732303237.roa (raw, json)
Hash identifier: tjx8kSgUapdsOqNT5znjpuKp8bLhjFMkzJDXt4TwihU=
Subject key identifier: 17:4B:A8:30:29:B1:43:D1:C5:34:12:67:9B:00:56:17:D9:7B:2C:83
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1C0F9DCBBC89F83C48D1329F51C0542105536B4E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20323732303237.roa
Signing time: Wed 22 Mar 2023 18:09:44 +0000
ROA not before: Wed 22 Mar 2023 18:04:44 +0000
ROA not after: Wed 20 Mar 2024 18:09:44 +0000
asID: 272027
IP address blocks: 2.56.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:0f:9d:cb:bc:89:f8:3c:48:d1:32:9f:51:c0:54:21:05:53:6b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:04:44 2023 GMT
Not After : Mar 20 18:09:44 2024 GMT
Subject: CN=174BA83029B143D1C53412679B005617D97B2C83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c4:45:be:b2:86:32:7a:b0:3f:a9:d4:dc:df:
ec:a9:be:b4:0a:bc:a1:38:ec:2a:f0:42:6a:32:13:
06:4e:b5:62:1a:3d:1f:6b:a5:81:f7:1f:fa:25:76:
b4:91:54:94:9f:20:f2:b7:8b:64:45:d1:47:54:83:
27:f3:60:ad:c6:49:8f:97:7c:18:12:7e:ba:0f:d8:
7e:0a:e6:1b:c8:1e:7a:3b:02:c9:c9:9f:9a:a0:7c:
66:b3:a5:6d:80:56:f1:14:79:9b:2b:ec:4d:62:76:
36:28:b6:6c:a4:87:1c:29:84:d9:e6:e2:7c:d3:d0:
53:ca:75:d1:4b:7c:f4:95:0c:b2:0e:55:b8:2a:2d:
e7:24:4d:ce:12:4f:a7:30:e7:07:b7:ab:5f:fb:6c:
c5:bb:3f:d5:a1:ff:39:b3:79:24:29:89:c9:d0:3c:
3f:77:96:a7:21:51:37:f0:9f:bf:00:6f:28:d5:a7:
70:0a:3f:ab:c5:17:4c:b0:56:00:d8:4c:b5:cf:30:
d7:ae:63:82:c4:9f:bf:85:ab:32:11:3d:ff:8d:0d:
6d:99:95:2a:ce:1a:a4:0e:12:b7:b5:9f:b7:70:87:
61:cf:56:2b:3f:ac:5b:f7:5e:2a:f7:9c:43:28:4e:
5d:ba:cc:e6:5b:4c:a7:63:dc:4b:20:77:1b:21:f9:
cc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4B:A8:30:29:B1:43:D1:C5:34:12:67:9B:00:56:17:D9:7B:2C:83
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20323732303237.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:bc:75:28:66:a5:1d:5a:0a:2c:a8:24:6f:e7:b9:d5:0f:34:
a5:5a:ce:c8:ec:34:8e:dd:c5:c8:93:7b:88:9d:d2:d7:5d:b1:
0e:15:16:76:eb:6f:57:a4:c7:d6:e6:75:07:98:20:61:dd:f7:
b2:87:7e:b4:d9:ae:5f:14:70:0f:c6:e4:e4:72:c6:3b:5d:66:
9c:ae:91:1a:5f:6b:a9:d7:40:8c:6c:af:8b:a6:b0:26:e4:c7:
1c:48:b6:38:17:20:e1:63:ad:16:41:3b:e6:0f:08:ec:bc:bb:
ea:db:26:1c:02:4f:f6:94:57:5a:58:6a:b2:c7:be:2e:ad:dc:
ec:38:a2:28:7b:5c:00:0f:03:d2:88:86:ec:82:07:10:87:8c:
f6:82:cd:44:9b:8b:2e:0d:b9:e8:78:aa:fc:91:0a:23:51:54:
a9:9d:47:28:d2:57:b5:7a:93:e1:3f:da:20:54:f6:71:1d:86:
0a:17:07:1c:37:f9:87:c8:4b:c3:40:2d:5d:31:8d:59:21:9e:
19:ff:6c:4f:ff:b8:53:7f:5e:04:a2:88:70:7e:52:10:07:ac:
e6:df:8f:d5:af:74:89:5e:f9:f4:86:ca:35:ea:ff:5f:34:a4:
a6:30:b4:58:c2:0a:38:ba:c0:16:5a:bf:95:fe:73:35:b7:ba:
04:21:cf:a2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHA+dy7yJ+DxI0TKfUcBUIQVTa04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA0NDRaFw0yNDAzMjAxODA5NDRaMDMxMTAvBgNV
BAMTKDE3NEJBODMwMjlCMTQzRDFDNTM0MTI2NzlCMDA1NjE3RDk3QjJDODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuxEW+soYyerA/qdTc3+ypvrQK
vKE47CrwQmoyEwZOtWIaPR9rpYH3H/oldrSRVJSfIPK3i2RF0UdUgyfzYK3GSY+X
fBgSfroP2H4K5hvIHno7AsnJn5qgfGazpW2AVvEUeZsr7E1idjYotmykhxwphNnm
4nzT0FPKddFLfPSVDLIOVbgqLeckTc4ST6cw5we3q1/7bMW7P9Wh/zmzeSQpicnQ
PD93lqchUTfwn78AbyjVp3AKP6vFF0ywVgDYTLXPMNeuY4LEn7+FqzIRPf+NDW2Z
lSrOGqQOEre1n7dwh2HPVis/rFv3Xir3nEMoTl26zOZbTKdj3Esgdxsh+cwvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUF0uoMCmxQ9HFNBJnmwBWF9l7LIMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMjMwMzIzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4
+jANBgkqhkiG9w0BAQsFAAOCAQEAXLx1KGalHVoKLKgkb+e51Q80pVrOyOw0jt3F
yJN7iJ3S112xDhUWdutvV6TH1uZ1B5ggYd33sod+tNmuXxRwD8bk5HLGO11mnK6R
Gl9rqddAjGyvi6awJuTHHEi2OBcg4WOtFkE75g8I7Ly76tsmHAJP9pRXWlhqsse+
Lq3c7DiiKHtcAA8D0oiG7IIHEIeM9oLNRJuLLg256Hiq/JEKI1FUqZ1HKNJXtXqT
4T/aIFT2cR2GChcHHDf5h8hLw0AtXTGNWSGeGf9sT/+4U39eBKKIcH5SEAes5t+P
1a90iV759IbKNer/XzSkpjC0WMIKOLrAFlq/lf5zNbe6BCHPog==
-----END CERTIFICATE-----
Generated at Mon Sep 4 00:38:49 2023 by rpki-client on console-ams.rpki-client.org