Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e203233343730.roa
File: 3231332e352e3132382e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: D3VwUFqP8ESdZ5+LfehYAuEtUd/GvjQkwHzmZmBgVEg=
Subject key identifier: 9F:61:99:5A:E0:86:A0:7E:02:A4:D9:17:45:71:83:81:37:9C:89:93
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 66ED93FB8B0E4DD3F8C8E9BEB2FBC213D16BFA92
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e203233343730.roa
Signing time: Tue 27 Feb 2024 15:28:00 +0000
ROA not before: Tue 27 Feb 2024 15:23:00 +0000
ROA not after: Tue 25 Feb 2025 15:28:00 +0000
asID: 23470
IP address blocks: 213.5.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 10:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:ed:93:fb:8b:0e:4d:d3:f8:c8:e9:be:b2:fb:c2:13:d1:6b:fa:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Feb 27 15:23:00 2024 GMT
Not After : Feb 25 15:28:00 2025 GMT
Subject: CN=9F61995AE086A07E02A4D91745718381379C8993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:1c:8e:fb:fe:bc:06:43:c9:1b:6d:d2:54:
ce:19:fc:23:ec:c5:fc:fb:cb:0c:af:01:ee:48:f5:
df:00:8e:f9:09:1f:ce:d5:b9:b2:ea:3d:b9:c0:44:
ef:ee:3c:f2:30:85:8b:6d:60:2f:9d:cc:ab:88:08:
64:1e:48:1e:21:50:9c:19:82:65:d1:f7:b9:d2:0e:
7f:14:e3:07:d4:c0:93:c5:f5:43:64:a6:8b:8f:3c:
a8:0e:37:51:fa:f5:6b:0c:58:0c:13:38:19:fe:53:
06:d9:ce:71:45:0d:67:c2:0b:60:3f:fc:04:54:d3:
8e:18:39:6c:7a:a1:24:42:20:98:4b:8f:3c:35:52:
95:7b:53:9d:6b:dd:b3:ca:1c:dc:84:d3:5a:66:80:
0d:11:26:55:53:02:f5:4d:7c:a3:98:49:c8:82:5d:
9e:e9:d5:cc:48:1c:6a:76:59:9f:56:af:e5:d2:6e:
98:e8:5c:72:12:b2:79:46:49:94:60:ab:7b:05:ca:
7b:0a:f4:28:c8:6a:c8:a1:ee:0e:0c:9e:28:65:2a:
ab:ee:10:43:2d:9f:6d:0d:de:ce:41:b9:ba:91:48:
d8:68:ed:6d:c4:32:82:89:56:cd:04:b4:dd:1d:9e:
a3:de:02:b7:c1:0e:6f:fc:95:07:d2:16:e5:83:b7:
00:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:61:99:5A:E0:86:A0:7E:02:A4:D9:17:45:71:83:81:37:9C:89:93
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231332e352e3132382e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.128.0/24
Signature Algorithm: sha256WithRSAEncryption
41:81:d2:78:e9:e9:c1:d0:af:6c:23:a5:80:95:10:0e:c4:02:
5b:94:28:a7:94:1f:bc:93:9e:97:ab:46:8a:a9:bb:97:bb:1c:
4f:1c:c0:02:ff:39:e1:bc:50:8f:7c:7b:68:62:5e:43:13:70:
bc:c7:7e:ce:a0:5d:ed:6b:c0:b4:0f:2d:d6:11:52:0f:da:e2:
7e:9a:b5:ea:8c:46:cf:06:d7:a4:8f:11:39:9d:32:bb:0d:4d:
ea:f6:02:e0:ad:ba:d3:57:90:17:6c:7d:e1:6b:24:3e:e9:31:
97:8d:6e:d7:60:54:db:fb:32:cd:21:ad:f9:f0:3d:e0:e5:99:
ca:0c:96:2c:78:5b:b1:80:63:5b:aa:5c:6b:0a:9b:37:65:83:
9c:f1:7e:cb:f3:89:82:d4:d3:e2:6e:e2:0a:5f:ff:33:cd:69:
ca:85:65:40:02:e1:0f:d7:a4:1c:6a:9c:b2:3d:03:f2:19:81:
82:68:60:b6:81:a0:49:4f:af:9b:69:13:60:e9:dc:a4:74:c8:
47:4a:c9:00:3d:33:93:ed:97:25:b2:1b:68:39:04:1b:ac:06:
98:97:23:84:16:93:d7:0f:91:32:73:8b:f7:95:c9:3a:04:a1:
e0:14:53:39:2f:e5:85:a4:15:0a:a1:8e:2d:a2:8e:cb:67:7e:
f9:0b:b2:da
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZu2T+4sOTdP4yOm+svvCE9Fr+pIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNDAyMjcxNTIzMDBaFw0yNTAyMjUxNTI4MDBaMDMxMTAvBgNV
BAMTKDlGNjE5OTVBRTA4NkEwN0UwMkE0RDkxNzQ1NzE4MzgxMzc5Qzg5OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIaRyO+/68BkPJG23SVM4Z/CPs
xfz7ywyvAe5I9d8AjvkJH87VubLqPbnARO/uPPIwhYttYC+dzKuICGQeSB4hUJwZ
gmXR97nSDn8U4wfUwJPF9UNkpouPPKgON1H69WsMWAwTOBn+UwbZznFFDWfCC2A/
/ARU044YOWx6oSRCIJhLjzw1UpV7U51r3bPKHNyE01pmgA0RJlVTAvVNfKOYSciC
XZ7p1cxIHGp2WZ9Wr+XSbpjoXHISsnlGSZRgq3sFynsK9CjIasih7g4MnihlKqvu
EEMtn20N3s5BubqRSNho7W3EMoKJVs0EtN0dnqPeArfBDm/8lQfSFuWDtwBDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUn2GZWuCGoH4CpNkXRXGDgTeciZMwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMzMmUzNTJlMzEzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMzM0MzczMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANUF
gDANBgkqhkiG9w0BAQsFAAOCAQEAQYHSeOnpwdCvbCOlgJUQDsQCW5Qop5QfvJOe
l6tGiqm7l7scTxzAAv854bxQj3x7aGJeQxNwvMd+zqBd7WvAtA8t1hFSD9rifpq1
6oxGzwbXpI8ROZ0yuw1N6vYC4K2601eQF2x94WskPukxl41u12BU2/syzSGt+fA9
4OWZygyWLHhbsYBjW6pcawqbN2WDnPF+y/OJgtTT4m7iCl//M81pyoVlQALhD9ek
HGqcsj0D8hmBgmhgtoGgSU+vm2kTYOncpHTIR0rJAD0zk+2XJbIbaDkEG6wGmJcj
hBaT1w+RMnOL95XJOgSh4BRTOS/lhaQVCqGOLaKOy2d++Quy2g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-fra.rpki-client.org