Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
File: 322e35392e35382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: eDgu9PkEwnUcz1di+JR/l9eY+OihVKg/ajI6qHAi0Tk=
Subject key identifier: 77:B9:EB:EE:F1:36:EF:B8:33:D1:70:2D:55:46:10:CF:B2:97:3F:1F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0E91E46DE9428ECA63F7E04DCCBAECBA92C59A53
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
Signing time: Sat 10 Feb 2024 10:04:43 +0000
ROA not before: Sat 10 Feb 2024 09:59:43 +0000
ROA not after: Sat 08 Feb 2025 10:04:43 +0000
asID: 834
IP address blocks: 2.59.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 12:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:91:e4:6d:e9:42:8e:ca:63:f7:e0:4d:cc:ba:ec:ba:92:c5:9a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 10 09:59:43 2024 GMT
Not After : Feb 8 10:04:43 2025 GMT
Subject: CN=77B9EBEEF136EFB833D1702D554610CFB2973F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:c8:27:4b:ea:0c:df:05:73:66:46:4b:f6:
87:19:26:be:99:e2:8f:a6:04:a3:24:bc:8d:ff:01:
46:fe:39:1f:e2:42:d2:82:8c:20:8b:e1:9e:95:cb:
a0:67:fb:79:a6:9b:1a:29:2c:fd:24:c8:9f:82:43:
a9:5f:78:0f:a0:f5:f8:5a:88:59:f8:ab:ad:e7:55:
2a:d4:15:89:fc:45:69:11:65:21:7f:e9:11:bc:d2:
2d:50:10:08:51:79:87:11:b9:ff:e2:29:1d:2e:4d:
61:da:27:fa:c4:42:a5:02:ba:c5:0b:52:cd:bb:ac:
59:11:80:d9:75:93:eb:1a:e2:e8:9a:aa:38:eb:c1:
6a:82:d2:06:b5:0b:66:1f:25:f9:00:25:55:c1:9a:
14:7a:06:cf:2e:db:79:01:9f:1d:c3:a2:69:09:b4:
d7:c8:33:57:b4:59:cf:22:aa:93:bd:66:25:13:b0:
c2:06:61:ec:70:33:6e:c3:31:ff:85:66:04:7d:08:
d0:e8:ca:72:ff:df:7c:ac:a4:00:69:cf:a8:9d:05:
46:e9:12:56:26:4e:8b:25:13:2f:6b:51:c4:ab:f7:
93:9b:98:ef:49:e6:50:22:61:d8:6f:e5:ca:2e:a2:
9c:46:15:bb:40:de:83:e3:56:c1:8c:79:f2:fd:62:
75:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B9:EB:EE:F1:36:EF:B8:33:D1:70:2D:55:46:10:CF:B2:97:3F:1F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.58.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:78:3f:a3:f8:b4:29:bf:ff:4d:25:9f:28:25:35:60:98:78:
f3:e9:97:2b:7a:95:a4:b5:2f:9c:63:53:02:4f:9f:54:d0:1d:
f1:60:e3:ee:4d:49:67:36:46:7b:31:66:a6:4d:83:88:82:21:
0e:41:44:0a:28:72:2b:1f:de:0d:aa:12:8d:66:50:c2:14:c8:
0d:a9:1a:c8:35:81:7f:dc:0a:96:81:6f:e1:f4:4f:37:14:b0:
9b:c9:cd:c3:8e:c7:48:69:9f:45:a0:bf:db:be:f9:7c:77:8f:
cf:10:50:9a:9c:d9:97:b3:d6:3d:df:7a:87:71:8b:e2:2e:9a:
59:c1:44:f0:6a:bd:28:65:e3:99:ed:a3:96:2a:3e:96:7b:d2:
92:94:68:cb:b6:52:7f:bb:81:1a:eb:70:bd:9a:f5:8a:6e:31:
4e:b4:93:ed:8c:0d:42:c8:03:be:4b:88:2a:27:9a:f2:ac:eb:
c2:b2:a2:5e:6c:cf:2c:5c:94:18:b0:e7:c9:43:a1:db:cf:7b:
53:5f:e8:9b:de:38:67:c6:7e:a6:b6:5a:74:17:a0:9b:3a:1e:
70:61:ed:fe:b4:f3:e4:01:6a:23:c3:e8:af:be:07:e9:78:2c:
5d:c6:f7:f9:7d:87:4b:03:b2:b0:80:e1:1f:8f:91:93:91:95:
98:22:93:5f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUDpHkbelCjspj9+BNzLrsupLFmlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMTAwOTU5NDNaFw0yNTAyMDgxMDA0NDNaMDMxMTAvBgNV
BAMTKDc3QjlFQkVFRjEzNkVGQjgzM0QxNzAyRDU1NDYxMENGQjI5NzNGMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0M8gnS+oM3wVzZkZL9ocZJr6Z
4o+mBKMkvI3/AUb+OR/iQtKCjCCL4Z6Vy6Bn+3mmmxopLP0kyJ+CQ6lfeA+g9fha
iFn4q63nVSrUFYn8RWkRZSF/6RG80i1QEAhReYcRuf/iKR0uTWHaJ/rEQqUCusUL
Us27rFkRgNl1k+sa4uiaqjjrwWqC0ga1C2YfJfkAJVXBmhR6Bs8u23kBnx3DomkJ
tNfIM1e0Wc8iqpO9ZiUTsMIGYexwM27DMf+FZgR9CNDoynL/33yspABpz6idBUbp
ElYmToslEy9rUcSr95ObmO9J5lAiYdhv5couopxGFbtA3oPjVsGMefL9YnXdAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUd7nr7vE277gz0XAtVUYQz7KXPx8wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzowDQYJKoZI
hvcNAQELBQADggEBAH94P6P4tCm//00lnyglNWCYePPplyt6laS1L5xjUwJPn1TQ
HfFg4+5NSWc2RnsxZqZNg4iCIQ5BRAoocisf3g2qEo1mUMIUyA2pGsg1gX/cCpaB
b+H0TzcUsJvJzcOOx0hpn0Wgv9u++Xx3j88QUJqc2Zez1j3feodxi+IumlnBRPBq
vShl45nto5YqPpZ70pKUaMu2Un+7gRrrcL2a9YpuMU60k+2MDULIA75LiConmvKs
68Kyol5szyxclBiw58lDodvPe1Nf6JveOGfGfqa2WnQXoJs6HnBh7f608+QBaiPD
6K++B+l4LF3G9/l9h0sDsrCA4R+PkZORlZgik18=
-----END CERTIFICATE-----
Generated at Sat Feb 10 12:57:32 2024 by rpki-client on console-ams.rpki-client.org