Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
File: 322e35362e3235302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: VUPvF5a3uAdFnK8JHopZEVkjxf8+o1lV9B8SGqamzBw=
Subject key identifier: A8:A0:27:B7:50:62:BC:35:C6:3A:DF:4C:F2:FE:2F:D1:75:84:3B:FA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 72415F2BF8CABA99B135C3C2ED2916D7EAA1971E
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
Signing time: Mon 12 Feb 2024 00:02:28 +0000
ROA not before: Sun 11 Feb 2024 23:57:28 +0000
ROA not after: Mon 10 Feb 2025 00:02:28 +0000
asID: 834
IP address blocks: 2.56.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 10:16:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:41:5f:2b:f8:ca:ba:99:b1:35:c3:c2:ed:29:16:d7:ea:a1:97:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 11 23:57:28 2024 GMT
Not After : Feb 10 00:02:28 2025 GMT
Subject: CN=A8A027B75062BC35C63ADF4CF2FE2FD175843BFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3b:74:2b:80:31:16:83:24:f6:c7:9b:2b:d6:
fe:49:ed:e9:9c:b1:4e:36:89:77:e6:7a:7a:cb:b8:
f5:83:f8:5c:f3:ba:bc:51:ef:f9:8c:08:1a:c1:59:
ad:fd:13:20:a6:ee:15:b7:44:c9:a3:ce:db:f2:cc:
01:7a:a1:05:0e:3c:59:a9:69:d6:0b:bc:ed:4c:c5:
ec:e0:aa:d5:bb:fb:d0:13:2d:22:71:e4:f5:e5:58:
df:6c:c3:1f:6a:dd:3f:ff:0b:09:24:ac:58:65:29:
12:ab:5a:0e:10:27:cc:6a:e3:7c:5f:76:f0:65:91:
26:f9:4e:60:7e:fb:fb:12:f7:b7:d2:4c:10:95:47:
3c:5c:60:2d:60:e6:bd:69:9e:09:ab:e3:9f:ec:56:
33:45:06:1f:a8:17:19:27:d5:fd:a7:24:82:61:d9:
c5:43:d2:14:15:76:c8:bf:e6:30:97:43:8f:9d:d0:
7b:66:62:d5:62:c1:04:22:4f:5d:37:2d:e7:69:a6:
4f:d6:69:67:6d:9e:05:cd:ac:20:3c:e3:40:75:2c:
77:a4:1b:42:13:48:f8:29:8d:2f:f4:6e:e0:7e:4b:
9c:71:67:40:07:aa:b4:0d:eb:e1:e1:42:ed:89:b0:
60:73:1a:17:3c:e1:ac:f8:33:02:3b:97:7b:2a:95:
db:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A0:27:B7:50:62:BC:35:C6:3A:DF:4C:F2:FE:2F:D1:75:84:3B:FA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:bd:d8:4a:d8:99:56:ec:cf:bf:09:8f:da:61:85:36:33:ef:
71:bb:52:c4:54:81:8a:96:82:a9:ce:8d:2d:e3:73:33:88:9e:
44:31:6b:53:51:ca:b6:d0:7f:91:01:91:b2:06:a6:04:79:ec:
0a:f9:5d:dc:7a:4a:fa:88:f5:13:64:61:ba:e2:7b:60:e7:c4:
19:b1:a2:75:7f:fd:aa:2d:12:aa:b1:a5:62:4a:e8:c4:0f:16:
6c:02:27:6f:d4:58:ec:2c:c4:66:45:fa:f8:88:6d:f9:8d:bd:
d1:26:95:aa:cc:19:6c:d6:45:90:e6:d9:aa:57:88:7a:43:1c:
c7:71:76:14:c3:fb:a5:4b:13:c9:88:f5:10:4a:72:d7:e7:2a:
04:b9:4c:ec:82:92:e5:c7:77:54:39:76:dc:4a:7e:cd:eb:ed:
64:cb:b6:e5:66:cb:80:bf:b4:06:2e:50:5c:e7:39:50:ee:09:
b9:e7:c7:21:b8:27:e4:99:c2:b5:21:a9:8b:92:93:f2:05:f5:
fc:ad:5c:a1:af:6b:8e:cf:01:e9:91:8e:48:73:2c:bd:db:47:
fa:42:19:3e:4f:b4:d1:8e:4e:d3:f5:71:02:fe:ed:0c:f7:22:
49:f1:31:6f:f6:05:6c:e5:ca:2c:92:5b:a7:80:33:ad:3a:c2:
ae:97:9c:00
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUckFfK/jKupmxNcPC7SkW1+qhlx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMTEyMzU3MjhaFw0yNTAyMTAwMDAyMjhaMDMxMTAvBgNV
BAMTKEE4QTAyN0I3NTA2MkJDMzVDNjNBREY0Q0YyRkUyRkQxNzU4NDNCRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDO3QrgDEWgyT2x5sr1v5J7emc
sU42iXfmenrLuPWD+FzzurxR7/mMCBrBWa39EyCm7hW3RMmjztvyzAF6oQUOPFmp
adYLvO1MxezgqtW7+9ATLSJx5PXlWN9swx9q3T//CwkkrFhlKRKrWg4QJ8xq43xf
dvBlkSb5TmB++/sS97fSTBCVRzxcYC1g5r1pngmr45/sVjNFBh+oFxkn1f2nJIJh
2cVD0hQVdsi/5jCXQ4+d0HtmYtViwQQiT103Ledppk/WaWdtngXNrCA840B1LHek
G0ITSPgpjS/0buB+S5xxZ0AHqrQN6+HhQu2JsGBzGhc84az4MwI7l3sqldsfAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUqKAnt1BivDXGOt9M8v4v0XWEO/owHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4+jANBgkq
hkiG9w0BAQsFAAOCAQEAq73YStiZVuzPvwmP2mGFNjPvcbtSxFSBipaCqc6NLeNz
M4ieRDFrU1HKttB/kQGRsgamBHnsCvld3HpK+oj1E2RhuuJ7YOfEGbGidX/9qi0S
qrGlYkroxA8WbAInb9RY7CzEZkX6+Iht+Y290SaVqswZbNZFkObZqleIekMcx3F2
FMP7pUsTyYj1EEpy1+cqBLlM7IKS5cd3VDl23Ep+zevtZMu25WbLgL+0Bi5QXOc5
UO4JuefHIbgn5JnCtSGpi5KT8gX1/K1coa9rjs8B6ZGOSHMsvdtH+kIZPk+00Y5O
0/VxAv7tDPciSfExb/YFbOXKLJJbp4AzrTrCrpecAA==
Generated at Wed Feb 14 15:10:47 2024 by rpki-client on console-ams.rpki-client.org