Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135373631.roa
File: 326130663a383563313a3766323a3a2f34382d3438203d3e20323135373631.roa (raw, json)
Hash identifier: XQw2tJcNclOSJXkrIshjMHVBfPL6qzwJ2IjuxN5vuhY=
Subject key identifier: 8B:58:0A:BF:71:84:A5:CB:EF:9D:8E:08:F9:A9:6D:2D:68:B3:B3:A3
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 1DD3ABE1537AA67B659CF681FA2B36B68B47D4EE
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135373631.roa
Signing time: Mon 25 Mar 2024 23:18:38 +0000
ROA not before: Mon 25 Mar 2024 23:13:38 +0000
ROA not after: Mon 24 Mar 2025 23:18:38 +0000
asID: 215761
IP address blocks: 2a0f:85c1:7f2::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 28 Mar 2024 20:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:d3:ab:e1:53:7a:a6:7b:65:9c:f6:81:fa:2b:36:b6:8b:47:d4:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Mar 25 23:13:38 2024 GMT
Not After : Mar 24 23:18:38 2025 GMT
Subject: CN=8B580ABF7184A5CBEF9D8E08F9A96D2D68B3B3A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e1:9a:39:46:27:8f:0d:a6:5a:43:77:44:58:
71:a4:5f:1a:fd:6b:bf:7b:37:99:2f:8e:0c:b9:02:
70:50:4b:64:29:1c:13:f0:e7:47:05:c5:2a:22:a6:
4b:35:a6:a6:47:0f:8d:f7:ca:b2:2d:35:b2:5e:5e:
52:07:ac:c3:5d:b6:5e:f2:4a:76:1a:26:9f:ac:a6:
4d:07:b7:dd:de:95:f0:9b:c3:8e:cf:64:49:ed:2e:
32:3b:7e:72:d7:ed:46:82:dd:61:72:55:7c:73:b9:
8d:ab:19:ac:d5:14:e4:8f:21:55:8e:1b:9c:26:cb:
20:e9:24:ea:db:82:36:33:fb:30:5c:8f:c8:81:9e:
13:01:cd:b2:f7:75:7c:81:e0:f9:c6:aa:ed:82:20:
a4:20:63:8e:ab:1a:72:34:7f:5b:47:d0:9d:f3:2c:
aa:de:79:09:40:42:12:0e:fa:bf:98:49:a9:01:f4:
3b:fa:c3:40:f4:9a:e2:38:ef:ab:cc:6f:f7:62:11:
18:72:74:57:fa:4e:73:9d:a4:60:ce:f3:b6:1a:24:
40:b7:50:79:02:4e:a2:9d:25:64:dc:99:9e:26:23:
41:61:23:f4:c3:54:ea:ed:70:76:f7:f2:ff:f8:86:
b6:0e:08:ff:5a:f2:a2:be:05:6a:3e:09:24:fa:2f:
4a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:58:0A:BF:71:84:A5:CB:EF:9D:8E:08:F9:A9:6D:2D:68:B3:B3:A3
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766323a3a2f34382d3438203d3e20323135373631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:7f2::/48
Signature Algorithm: sha256WithRSAEncryption
8b:d4:d1:fd:a0:1a:40:bd:7a:8f:39:74:c0:fd:db:4f:7b:68:
b2:c2:06:c2:23:55:a4:d6:64:cc:6e:98:fb:fd:12:e1:af:58:
fc:86:44:0f:3f:d3:96:28:51:71:49:80:1e:42:0d:92:54:00:
92:0b:02:4c:ae:e5:76:31:8f:4d:87:ba:22:b5:13:fb:88:d2:
e8:3a:7d:22:8e:54:2f:04:0f:b2:bf:ad:a9:90:dd:4d:27:b9:
36:e4:68:98:6b:49:7d:ee:76:41:05:74:47:08:b0:cc:a8:e2:
85:e6:8e:d9:2e:0d:fa:29:36:7b:8e:4c:02:ae:3b:7a:36:bd:
ca:be:35:e1:1a:81:9a:e4:aa:dd:b8:ed:8c:eb:95:3c:56:e4:
86:22:6b:85:ea:b8:d0:d6:07:6d:23:91:19:57:63:de:0d:64:
8c:a7:aa:91:36:42:f8:bb:67:ff:01:20:10:01:55:6f:13:55:
7c:1c:9c:a1:3f:06:1e:da:c4:b9:3c:3e:9d:74:3f:39:21:84:
29:56:e0:ca:a6:d1:6e:e8:54:08:15:ce:e9:e6:84:df:7b:5a:
9f:ff:6c:5f:e9:aa:8a:a7:72:23:e2:0d:64:8e:3c:78:02:17:
30:00:be:8a:14:ff:de:0c:3d:2d:ff:a9:81:11:03:19:43:91:
ee:da:f4:87
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUHdOr4VN6pntlnPaB+is2totH1O4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNDAzMjUyMzEzMzhaFw0yNTAzMjQyMzE4MzhaMDMxMTAvBgNV
BAMTKDhCNTgwQUJGNzE4NEE1Q0JFRjlEOEUwOEY5QTk2RDJENjhCM0IzQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC94Zo5RiePDaZaQ3dEWHGkXxr9
a797N5kvjgy5AnBQS2QpHBPw50cFxSoipks1pqZHD433yrItNbJeXlIHrMNdtl7y
SnYaJp+spk0Ht93elfCbw47PZEntLjI7fnLX7UaC3WFyVXxzuY2rGazVFOSPIVWO
G5wmyyDpJOrbgjYz+zBcj8iBnhMBzbL3dXyB4PnGqu2CIKQgY46rGnI0f1tH0J3z
LKreeQlAQhIO+r+YSakB9Dv6w0D0muI476vMb/diERhydFf6TnOdpGDO87YaJEC3
UHkCTqKdJWTcmZ4mI0FhI/TDVOrtcHb38v/4hrYOCP9a8qK+BWo+CST6L0orAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUi1gKv3GEpcvvnY4I+altLWizs6MwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM3MzYzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8jANBgkqhkiG9w0BAQsFAAOCAQEAi9TR
/aAaQL16jzl0wP3bT3tossIGwiNVpNZkzG6Y+/0S4a9Y/IZEDz/TlihRcUmAHkIN
klQAkgsCTK7ldjGPTYe6IrUT+4jS6Dp9Io5ULwQPsr+tqZDdTSe5NuRomGtJfe52
QQV0RwiwzKjiheaO2S4N+ik2e45MAq47eja9yr414RqBmuSq3bjtjOuVPFbkhiJr
heq40NYHbSORGVdj3g1kjKeqkTZC+Ltn/wEgEAFVbxNVfBycoT8GHtrEuTw+nXQ/
OSGEKVbgyqbRbuhUCBXO6eaE33tan/9sX+mqiqdyI+INZI48eAIXMAC+ihT/3gw9
Lf+pgREDGUOR7tr0hw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:13:29 2024 by rpki-client on console-ams.rpki-client.org