Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20383334.roa
File: 3138352e3234342e39352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ckt6G2ZZnXENdlw3WlE3nowgpdTvbixli4meGSHWDdw=
Subject key identifier: 9B:63:95:E4:FC:23:1F:39:63:49:0E:19:6A:AB:46:16:CA:80:7A:FD
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 7E7CD454CE7B901D6F2F1B990F2826F205F71823
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20383334.roa
Signing time: Fri 08 Dec 2023 09:05:04 +0000
ROA not before: Fri 08 Dec 2023 09:00:04 +0000
ROA not after: Fri 06 Dec 2024 09:05:04 +0000
asID: 834
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 09 Dec 2023 08:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:7c:d4:54:ce:7b:90:1d:6f:2f:1b:99:0f:28:26:f2:05:f7:18:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Dec 8 09:00:04 2023 GMT
Not After : Dec 6 09:05:04 2024 GMT
Subject: CN=9B6395E4FC231F3963490E196AAB4616CA807AFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:24:d5:cd:12:38:9a:4e:a1:1a:16:11:96:2e:
da:d7:07:12:96:1d:70:a0:c9:ed:8a:d2:ca:ec:96:
9a:3a:9c:9e:0f:8c:42:47:b3:66:c9:ab:da:f3:b8:
ad:d9:46:08:47:54:c1:b8:a5:05:99:d4:1c:36:fc:
55:94:be:88:44:26:3e:c6:31:f2:76:2d:d2:1e:ef:
71:2d:70:5b:4a:74:20:40:9f:86:85:05:d5:f5:d6:
40:cc:97:84:3e:4e:f2:ce:e3:9a:ed:2d:65:3d:a3:
70:ee:c3:2a:fd:b8:ca:c6:40:f7:30:9f:ec:fc:9e:
d4:fc:14:87:48:93:a1:1d:83:44:96:fa:b4:52:8b:
7f:09:fe:e0:54:73:28:61:2f:36:f0:92:fc:f0:f4:
1a:4a:85:38:7f:c6:c9:7e:57:57:99:7e:3f:dd:a7:
ee:82:cf:9f:ba:7f:4b:a4:19:62:70:62:a4:a3:ef:
8c:56:7b:7a:4d:f3:d8:93:34:71:1f:9c:5b:1a:e0:
26:f1:68:64:a8:1e:50:9b:76:e9:2a:fb:05:43:64:
3b:e6:6d:41:80:d6:57:08:f8:ef:f4:93:55:7e:ca:
cf:79:44:2d:2a:62:3e:b5:b6:45:f0:72:e0:c2:bc:
32:3d:b1:5f:af:10:86:70:fd:be:f1:6f:ed:f6:de:
98:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:63:95:E4:FC:23:1F:39:63:49:0E:19:6A:AB:46:16:CA:80:7A:FD
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
33:3a:bd:e3:e3:29:48:6e:05:50:50:1a:eb:f3:fe:04:23:08:
a7:88:3e:24:f2:b5:dc:55:aa:c9:10:82:a2:59:b0:e8:1c:cb:
4e:44:53:d2:bb:47:bb:e3:a6:e4:2b:a0:3a:f4:4b:4a:ed:b7:
2b:97:a5:24:a2:4d:75:23:f5:69:fd:42:b9:25:df:de:db:c6:
f9:20:7d:79:de:71:cd:7c:c8:e8:da:7b:de:3a:77:fd:32:90:
89:36:19:08:fb:68:af:0b:b1:eb:c9:ee:62:68:8b:35:91:f8:
f3:b2:1e:ed:c8:3d:bb:f2:b1:c6:4a:cd:98:4a:c7:6c:fc:e9:
e1:7e:85:ed:a2:6d:2a:4a:87:43:e2:5f:56:04:4c:5a:8b:bd:
b2:b1:57:99:ad:7f:92:88:ad:65:ad:d2:92:b2:85:60:69:23:
15:85:b7:a8:60:d1:c9:e0:37:e1:67:c4:b7:78:5f:1b:93:29:
5c:7f:9f:55:d9:bd:bf:e9:f4:91:e5:46:08:1a:5f:a9:b0:00:
6d:0a:21:e1:e2:0c:43:96:d9:be:1a:8c:ac:b4:b2:ba:37:84:
b2:2c:9b:37:78:0b:85:00:ca:85:98:98:fe:f8:27:dd:28:37:
d0:e1:8b:e7:bc:fc:e2:74:58:0c:bb:b8:fe:f8:d4:0f:09:ed:
32:22:4d:74
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUfnzUVM57kB1vLxuZDygm8gX3GCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzEyMDgwOTAwMDRaFw0yNDEyMDYwOTA1MDRaMDMxMTAvBgNV
BAMTKDlCNjM5NUU0RkMyMzFGMzk2MzQ5MEUxOTZBQUI0NjE2Q0E4MDdBRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChJNXNEjiaTqEaFhGWLtrXBxKW
HXCgye2K0srslpo6nJ4PjEJHs2bJq9rzuK3ZRghHVMG4pQWZ1Bw2/FWUvohEJj7G
MfJ2LdIe73EtcFtKdCBAn4aFBdX11kDMl4Q+TvLO45rtLWU9o3Duwyr9uMrGQPcw
n+z8ntT8FIdIk6Edg0SW+rRSi38J/uBUcyhhLzbwkvzw9BpKhTh/xsl+V1eZfj/d
p+6Cz5+6f0ukGWJwYqSj74xWe3pN89iTNHEfnFsa4CbxaGSoHlCbdukq+wVDZDvm
bUGA1lcI+O/0k1V+ys95RC0qYj61tkXwcuDCvDI9sV+vEIZw/b7xb+323pgPAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUm2OV5PwjHzljSQ4ZaqtGFsqAev0wHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC59F8w
DQYJKoZIhvcNAQELBQADggEBADM6vePjKUhuBVBQGuvz/gQjCKeIPiTytdxVqskQ
gqJZsOgcy05EU9K7R7vjpuQroDr0S0rttyuXpSSiTXUj9Wn9Qrkl397bxvkgfXne
cc18yOjae946d/0ykIk2GQj7aK8LsevJ7mJoizWR+POyHu3IPbvyscZKzZhKx2z8
6eF+he2ibSpKh0PiX1YETFqLvbKxV5mtf5KIrWWt0pKyhWBpIxWFt6hg0cngN+Fn
xLd4XxuTKVx/n1XZvb/p9JHlRggaX6mwAG0KIeHiDEOW2b4ajKy0sro3hLIsmzd4
C4UAyoWYmP74J90oN9Dhi+e8/OJ0WAy7uP741A8J7TIiTXQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org