Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3232332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: BBRQOxW0aqqyq3aqAaO7Y5H7HBEu9zhZIz7H7dSgvFU=
Subject key identifier: 43:8A:36:30:1B:47:3F:DF:30:7E:91:47:4B:F5:BD:BC:22:D2:32:29
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 212FB1AA6AE6C307E7A5D8A2274A92E0DC551E38
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20383334.roa
Signing time: Fri 23 Feb 2024 00:03:13 +0000
ROA not before: Thu 22 Feb 2024 23:58:13 +0000
ROA not after: Fri 21 Feb 2025 00:03:13 +0000
asID: 834
IP address blocks: 85.209.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 18:32:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:2f:b1:aa:6a:e6:c3:07:e7:a5:d8:a2:27:4a:92:e0:dc:55:1e:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 22 23:58:13 2024 GMT
Not After : Feb 21 00:03:13 2025 GMT
Subject: CN=438A36301B473FDF307E91474BF5BDBC22D23229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6d:2d:af:b6:4e:5e:07:1c:47:ca:41:32:ba:
a2:76:01:0b:c5:4a:6f:77:e3:ab:68:0f:15:ad:1a:
3e:22:79:2c:38:36:f2:f4:f1:fd:58:cb:3a:3c:b3:
5c:51:42:09:b1:30:09:9c:03:fe:e1:a3:22:ae:f8:
22:88:b3:57:da:17:42:25:ee:4e:62:cf:46:f3:af:
d3:fe:f9:a1:3a:36:ca:fc:c5:a6:02:b9:71:34:9b:
ef:66:38:b2:6c:70:5c:2e:71:6a:b0:f3:9d:f9:54:
83:21:65:26:79:87:15:34:5f:52:4b:4b:80:cf:7e:
7c:8f:09:ca:ae:df:27:8c:e6:7f:aa:1f:1c:e0:c0:
cd:52:83:5c:89:b7:8e:bc:cc:f5:66:8d:53:5b:23:
2b:2b:94:3e:6d:6b:9d:da:25:c2:12:50:d3:6b:08:
f7:4e:0e:3f:24:1c:38:92:97:17:e1:e5:b7:90:21:
32:e6:51:7d:85:1e:25:79:ff:8e:23:84:a5:1f:a9:
aa:4b:0a:f0:86:12:e4:33:27:2b:ed:61:46:54:92:
44:70:b4:89:7c:6a:4b:ad:4d:aa:43:fd:53:1f:5e:
d8:57:6a:b7:34:63:6a:64:6f:ab:a8:0a:52:c1:9a:
7c:ba:51:8c:fd:06:e7:07:1a:89:04:d5:c0:30:25:
cc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:8A:36:30:1B:47:3F:DF:30:7E:91:47:4B:F5:BD:BC:22:D2:32:29
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f7:e2:f9:83:bc:99:ef:80:9b:cd:20:31:34:62:03:7b:33:
66:b1:ba:47:8f:49:21:c7:1e:a4:29:c7:92:1f:33:03:8f:91:
8a:92:73:c8:5d:af:94:c4:db:f1:10:c3:8d:d2:0e:84:83:2d:
eb:ab:0a:be:29:65:53:02:b9:30:06:a9:0a:91:e3:e0:91:8a:
eb:f6:d4:44:84:91:b6:b6:5c:66:2d:bf:13:16:22:e4:1c:23:
19:72:02:3b:60:15:b4:d3:2f:6a:80:a5:2d:cc:c6:1d:04:bb:
0e:83:1a:21:8c:64:6f:d5:d3:fe:2f:5b:2c:b8:02:bb:e9:ad:
1d:78:29:c4:ae:60:dc:81:5b:c9:48:93:65:3a:02:ab:23:df:
b5:43:18:cd:32:3e:5b:85:f2:7d:f1:51:e8:ae:c6:ed:a4:24:
a9:67:89:99:c6:44:70:41:c8:b5:d9:e4:38:a5:47:36:9a:dc:
45:fc:7a:41:68:66:f6:ba:1e:a5:58:54:38:11:94:a3:94:c6:
03:90:c4:3a:72:5c:f3:3a:77:3b:c0:a8:46:52:4f:bf:e4:08:
b5:c4:9b:7f:21:0c:7f:21:4f:1c:81:71:d6:8e:9f:76:95:e1:
93:05:08:27:42:ce:dd:9c:26:fd:8e:40:dd:c6:fa:b1:ce:24:
e3:e0:4c:13
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIS+xqmrmwwfnpdiiJ0qS4NxVHjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAyMjIyMzU4MTNaFw0yNTAyMjEwMDAzMTNaMDMxMTAvBgNV
BAMTKDQzOEEzNjMwMUI0NzNGREYzMDdFOTE0NzRCRjVCREJDMjJEMjMyMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDbS2vtk5eBxxHykEyuqJ2AQvF
Sm9346toDxWtGj4ieSw4NvL08f1Yyzo8s1xRQgmxMAmcA/7hoyKu+CKIs1faF0Il
7k5iz0bzr9P++aE6Nsr8xaYCuXE0m+9mOLJscFwucWqw8535VIMhZSZ5hxU0X1JL
S4DPfnyPCcqu3yeM5n+qHxzgwM1Sg1yJt468zPVmjVNbIysrlD5ta53aJcISUNNr
CPdODj8kHDiSlxfh5beQITLmUX2FHiV5/44jhKUfqapLCvCGEuQzJyvtYUZUkkRw
tIl8akutTapD/VMfXthXarc0Y2pkb6uoClLBmny6UYz9BucHGokE1cAwJcwNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUQ4o2MBtHP98wfpFHS/W9vCLSMikwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0d8w
DQYJKoZIhvcNAQELBQADggEBAIX34vmDvJnvgJvNIDE0YgN7M2axukePSSHHHqQp
x5IfMwOPkYqSc8hdr5TE2/EQw43SDoSDLeurCr4pZVMCuTAGqQqR4+CRiuv21ESE
kba2XGYtvxMWIuQcIxlyAjtgFbTTL2qApS3Mxh0Euw6DGiGMZG/V0/4vWyy4Arvp
rR14KcSuYNyBW8lIk2U6Aqsj37VDGM0yPluF8n3xUeiuxu2kJKlniZnGRHBByLXZ
5DilRzaa3EX8ekFoZva6HqVYVDgRlKOUxgOQxDpyXPM6dzvAqEZST7/kCLXEm38h
DH8hTxyBcdaOn3aV4ZMFCCdCzt2cJv2OQN3G+rHOJOPgTBM=
Generated at Fri Feb 23 22:22:37 2024 by rpki-client on console-ams.rpki-client.org