Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e2038303735.roa
File: 322e35362e3235302e302f32342d3234203d3e2038303735.roa (raw, json)
Hash identifier: srKwxjuO0A72hdtjQBqf8PqzhDyt7XqThlIpJXdoLg4=
Subject key identifier: 44:C2:DA:0E:4E:80:09:DE:5A:20:DB:DF:28:18:2C:BC:C5:91:1E:78
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5285809BA73F889D4436A537036C0ABB582F640B
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e2038303735.roa
Signing time: Wed 06 Sep 2023 13:09:07 +0000
ROA not before: Wed 06 Sep 2023 13:04:07 +0000
ROA not after: Wed 04 Sep 2024 13:09:07 +0000
asID: 8075
IP address blocks: 2.56.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:85:80:9b:a7:3f:88:9d:44:36:a5:37:03:6c:0a:bb:58:2f:64:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Sep 6 13:04:07 2023 GMT
Not After : Sep 4 13:09:07 2024 GMT
Subject: CN=44C2DA0E4E8009DE5A20DBDF28182CBCC5911E78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:86:ab:2f:2b:39:61:b9:d8:5a:c2:e7:d1:
0b:50:11:95:49:50:9d:b9:0b:e9:f1:68:32:ec:2f:
77:92:49:74:4f:4f:38:3d:18:30:59:f4:82:70:9d:
b8:2f:1c:47:32:bf:6d:a0:5b:91:60:15:2f:46:06:
af:a9:39:45:29:da:54:c1:6f:72:60:c7:17:a9:ef:
ce:80:8a:1a:15:b9:fc:56:68:56:54:f3:13:ea:23:
2f:ff:fb:96:41:c8:f8:54:a0:4a:ba:f3:4d:85:b6:
c6:92:46:ff:e4:fe:58:36:a8:af:b4:fc:7e:1a:5d:
d0:92:a9:88:f9:e1:10:9f:f3:38:df:f2:cc:95:7e:
85:22:33:2d:2a:59:56:18:c1:f7:73:bb:82:d9:54:
c5:86:46:2b:87:3a:73:b4:2d:1b:cc:f9:82:9e:2e:
3f:36:ca:5f:62:d1:7f:90:71:3e:41:09:73:63:35:
a2:76:8b:96:1c:18:66:49:89:e1:31:be:21:cd:ff:
b7:8d:4c:f0:a8:c1:8b:18:5e:22:67:92:f3:d9:1e:
4a:88:bd:90:9c:1c:cc:65:f5:7a:6f:ad:fc:bf:63:
61:38:2c:eb:6a:f3:4f:07:63:f8:e0:1f:2f:b9:13:
4c:63:bc:e9:f5:be:da:80:37:60:a5:5a:42:67:71:
be:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C2:DA:0E:4E:80:09:DE:5A:20:DB:DF:28:18:2C:BC:C5:91:1E:78
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e2038303735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:44:1a:f6:8f:52:64:b3:ec:84:86:41:9f:1b:18:9b:41:7c:
7e:13:f2:b7:b0:2c:16:ab:b8:d0:b3:a0:dc:65:d9:0f:39:1f:
74:c9:bd:97:12:a5:d6:dd:5c:dc:28:a9:9f:45:dc:e0:4b:62:
b7:de:ee:2a:4e:f9:8b:b3:f0:dd:03:68:8b:0d:19:58:87:b4:
16:33:86:ee:2b:71:fd:3f:e4:77:7f:39:14:11:7f:0b:b8:90:
c4:4e:a4:f7:95:e5:d4:b9:23:a9:1c:e4:24:d7:02:48:2a:bc:
0e:cc:8e:9f:76:51:d4:8c:07:2a:f4:e0:0b:0b:27:55:64:51:
d3:3e:87:59:7e:51:6b:87:9a:d9:23:ae:1c:c0:61:00:97:2e:
6f:23:b4:6e:c7:70:ed:5d:77:bc:0c:9a:f0:ff:77:77:1f:98:
7a:31:59:8e:59:87:01:6a:de:37:a7:90:5c:3c:e4:2c:19:b2:
2f:6f:ad:d2:bd:45:56:35:f7:14:71:4e:dc:5b:b6:a8:a3:7e:
1c:e6:45:ff:47:0f:5d:29:22:05:4b:f6:17:a3:66:c3:c0:a5:
21:66:e6:09:6d:d0:63:e0:61:a2:e5:7d:0f:ae:ad:4b:fe:62:
26:44:d5:5c:83:a9:3e:e9:65:6d:a5:6a:cf:2e:03:6b:c1:a4:
a4:b2:4f:4e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUUoWAm6c/iJ1ENqU3A2wKu1gvZAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA5MDYxMzA0MDdaFw0yNDA5MDQxMzA5MDdaMDMxMTAvBgNV
BAMTKDQ0QzJEQTBFNEU4MDA5REU1QTIwREJERjI4MTgyQ0JDQzU5MTFFNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hYarLys5YbnYWsLn0QtQEZVJ
UJ25C+nxaDLsL3eSSXRPTzg9GDBZ9IJwnbgvHEcyv22gW5FgFS9GBq+pOUUp2lTB
b3Jgxxep786AihoVufxWaFZU8xPqIy//+5ZByPhUoEq6802FtsaSRv/k/lg2qK+0
/H4aXdCSqYj54RCf8zjf8syVfoUiMy0qWVYYwfdzu4LZVMWGRiuHOnO0LRvM+YKe
Lj82yl9i0X+QcT5BCXNjNaJ2i5YcGGZJieExviHN/7eNTPCowYsYXiJnkvPZHkqI
vZCcHMxl9Xpvrfy/Y2E4LOtq808HY/jgHy+5E0xjvOn1vtqAN2ClWkJncb7dAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQURMLaDk6ACd5aINvfKBgsvMWRHngwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzAzNzM1LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjj6MA0G
CSqGSIb3DQEBCwUAA4IBAQBaRBr2j1Jks+yEhkGfGxibQXx+E/K3sCwWq7jQs6Dc
ZdkPOR90yb2XEqXW3VzcKKmfRdzgS2K33u4qTvmLs/DdA2iLDRlYh7QWM4buK3H9
P+R3fzkUEX8LuJDETqT3leXUuSOpHOQk1wJIKrwOzI6fdlHUjAcq9OALCydVZFHT
PodZflFrh5rZI64cwGEAly5vI7Rux3DtXXe8DJrw/3d3H5h6MVmOWYcBat43p5Bc
POQsGbIvb63SvUVWNfcUcU7cW7aoo34c5kX/Rw9dKSIFS/YXo2bDwKUhZuYJbdBj
4GGi5X0Prq1L/mImRNVcg6k+6WVtpWrPLgNrwaSksk9O
Generated at Fri Sep 8 07:11:21 2023 by rpki-client on console-ams.rpki-client.org