Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323132373033.roa
File: 3138352e3232392e3230312e302f32342d3234203d3e20323132373033.roa (raw, json)
Hash identifier: QBBww5rUlf3li/sEQ2Hdb1lXsYXBTVcCoC2swOw16W0=
Subject key identifier: E4:8B:2B:03:1D:2D:87:88:C3:EB:1A:E3:34:F7:4B:73:FB:59:CD:DC
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 5A06BA0A87B16B763AE478184124C8975FA79104
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323132373033.roa
Signing time: Tue 03 Jan 2023 16:09:15 +0000
ROA not before: Tue 03 Jan 2023 16:04:15 +0000
ROA not after: Tue 02 Jan 2024 16:09:15 +0000
asID: 212703
IP address blocks: 185.229.201.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:06:ba:0a:87:b1:6b:76:3a:e4:78:18:41:24:c8:97:5f:a7:91:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jan 3 16:04:15 2023 GMT
Not After : Jan 2 16:09:15 2024 GMT
Subject: CN=E48B2B031D2D8788C3EB1AE334F74B73FB59CDDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:08:08:e4:9a:cd:03:1a:e1:2b:0e:e2:67:bc:
63:02:42:8a:95:bd:3a:6d:42:02:73:4f:6c:fd:f5:
c6:be:32:67:99:c5:a6:dc:1c:95:58:76:0e:b4:c1:
ba:70:ce:5b:76:46:92:02:bb:b6:71:e0:d3:47:4f:
53:ab:f7:65:6f:43:0a:c2:72:d3:c7:bd:ec:a4:3d:
17:57:aa:73:5d:20:9a:47:b4:df:fe:3a:95:9d:81:
fc:b0:49:47:e1:57:9f:87:16:68:cc:11:f3:c7:99:
2c:1a:7a:1b:aa:51:ba:ea:19:77:bd:e1:01:fd:48:
b7:2a:0d:db:d8:ae:1c:81:bc:d2:ab:24:23:cf:0f:
e7:57:b2:4e:58:bc:0f:30:a5:26:57:18:fb:8e:1d:
7c:e1:ea:e1:de:bf:e9:7d:a2:36:81:b2:aa:3a:0d:
4d:f8:3b:43:65:13:19:2c:9d:c9:fd:3a:6c:8c:f6:
db:31:f9:91:c3:33:06:61:b7:b7:04:70:3e:e3:f3:
47:6a:83:1e:ab:ed:cd:a1:01:b3:1f:13:0c:a5:cc:
06:8b:a3:04:0c:9e:95:16:2a:da:bf:91:5d:3b:57:
ba:76:c2:79:fc:86:34:91:eb:68:6e:96:b6:b4:cd:
a1:d6:30:5e:64:de:23:b0:35:b9:6e:dc:5a:2d:f0:
cc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8B:2B:03:1D:2D:87:88:C3:EB:1A:E3:34:F7:4B:73:FB:59:CD:DC
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230312e302f32342d3234203d3e20323132373033.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.201.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:37:26:a8:71:c1:c9:32:49:7e:08:3b:7c:38:19:eb:97:68:
00:9e:c0:83:76:3e:79:ee:40:9b:09:b5:4d:a8:bb:20:81:66:
80:98:35:14:62:a4:f1:bd:c0:c8:d6:c6:51:7a:ee:a3:ff:00:
75:48:eb:e4:57:1e:ca:87:65:56:16:4a:3a:02:88:17:47:87:
60:81:3e:04:14:68:f6:89:63:d7:dd:eb:48:73:69:2e:39:8d:
cb:a8:f4:f8:98:7d:fb:00:c6:2e:6f:d9:37:03:56:82:50:03:
95:af:f9:5f:b0:28:b8:dd:d5:0d:74:bb:8a:67:fa:5c:d6:9a:
08:cb:05:04:e2:3e:50:09:cd:22:af:38:26:1b:8f:a9:2b:24:
1e:bf:c9:90:43:1b:5e:31:fb:a2:ee:ce:2d:07:5a:1f:00:9c:
ff:b0:0c:c5:c9:47:0d:a4:6c:7e:7a:3f:9f:34:46:26:ad:bd:
cd:e4:1d:47:fb:a6:1b:8d:5b:d4:8a:3e:2a:66:4c:56:a6:f0:
bb:c8:34:88:8f:25:c1:bc:4c:d1:b3:6b:fa:b7:fa:d5:71:f5:
0a:50:ca:b7:e7:df:16:dd:b4:75:ed:fc:d9:e7:3a:a9:e5:93:
10:e7:b6:e9:15:3f:4d:9e:ca:40:e2:19:93:33:ff:35:6d:f8:
e2:ea:06:2a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUWga6Coexa3Y65HgYQSTIl1+nkQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAxMDMxNjA0MTVaFw0yNDAxMDIxNjA5MTVaMDMxMTAvBgNV
BAMTKEU0OEIyQjAzMUQyRDg3ODhDM0VCMUFFMzM0Rjc0QjczRkI1OUNEREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDCAjkms0DGuErDuJnvGMCQoqV
vTptQgJzT2z99ca+MmeZxabcHJVYdg60wbpwzlt2RpICu7Zx4NNHT1Or92VvQwrC
ctPHveykPRdXqnNdIJpHtN/+OpWdgfywSUfhV5+HFmjMEfPHmSwaehuqUbrqGXe9
4QH9SLcqDdvYrhyBvNKrJCPPD+dXsk5YvA8wpSZXGPuOHXzh6uHev+l9ojaBsqo6
DU34O0NlExksncn9OmyM9tsx+ZHDMwZht7cEcD7j80dqgx6r7c2hAbMfEwylzAaL
owQMnpUWKtq/kV07V7p2wnn8hjSR62hulra0zaHWMF5k3iOwNblu3Fot8MylAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU5IsrAx0th4jD6xrjNPdLc/tZzdwwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM3MzAzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyTANBgkqhkiG9w0BAQsFAAOCAQEA1zcmqHHByTJJfgg7fDgZ65doAJ7A
g3Y+ee5Amwm1Tai7IIFmgJg1FGKk8b3AyNbGUXruo/8AdUjr5FceyodlVhZKOgKI
F0eHYIE+BBRo9olj193rSHNpLjmNy6j0+Jh9+wDGLm/ZNwNWglADla/5X7AouN3V
DXS7imf6XNaaCMsFBOI+UAnNIq84JhuPqSskHr/JkEMbXjH7ou7OLQdaHwCc/7AM
xclHDaRsfno/nzRGJq29zeQdR/umG41b1Io+KmZMVqbwu8g0iI8lwbxM0bNr+rf6
1XH1ClDKt+ffFt20de382ec6qeWTEOe26RU/TZ7KQOIZkzP/NW344uoGKg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:00 2023 by rpki-client on console-fra.rpki-client.org