Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653230303a3a2f34302d3430203d3e20323134363433.roa
File: 326131343a373538313a653230303a3a2f34302d3430203d3e20323134363433.roa (raw, json)
Hash identifier: HWirBEltH/YnmM3UVsS2lz8r9iAi6dvW2Fwbw3QXKn4=
Subject key identifier: B3:07:DC:83:A4:8B:C1:D0:E7:F5:81:51:F6:FA:9F:18:EE:84:4E:84
Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial: 4179D9ECAAC60FB54429F71AA58B9AB1E800F753
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653230303a3a2f34302d3430203d3e20323134363433.roa
Signing time: Tue 30 Jul 2024 22:44:16 +0000
ROA not before: Tue 30 Jul 2024 22:39:16 +0000
ROA not after: Tue 29 Jul 2025 22:44:16 +0000
asID: 214643
IP address blocks: 2a14:7581:e200::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Sep 2024 19:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:79:d9:ec:aa:c6:0f:b5:44:29:f7:1a:a5:8b:9a:b1:e8:00:f7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Validity
Not Before: Jul 30 22:39:16 2024 GMT
Not After : Jul 29 22:44:16 2025 GMT
Subject: CN=B307DC83A48BC1D0E7F58151F6FA9F18EE844E84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0f:a4:25:57:f4:3a:2f:93:f8:39:1a:ac:b3:
05:7f:63:90:18:6f:11:52:68:69:60:93:b4:30:3e:
74:90:51:07:ef:53:93:d4:15:11:17:3e:45:a8:5f:
0f:05:e9:94:32:f5:b8:f4:36:cf:9e:17:3b:69:a2:
79:e0:57:1e:9c:4a:b5:73:7e:42:93:e4:59:d1:95:
43:f5:0f:c6:04:fb:7d:c5:9c:75:8c:c7:80:4d:3c:
6f:0a:69:85:72:f7:3b:c9:49:4e:d6:2b:a8:a3:9e:
f2:11:94:2c:f5:de:d2:27:2e:08:9b:eb:5c:2a:60:
50:82:f8:7e:bc:43:7d:41:35:5b:b3:3a:47:e5:dc:
28:41:e4:40:29:0d:51:c2:2b:7c:34:8f:06:c9:1c:
11:f4:df:0a:40:da:d6:d1:bd:87:56:68:99:6b:e4:
f1:a3:e7:df:e2:f1:b2:86:13:2f:89:af:87:f2:2e:
f5:80:f3:e8:f5:91:80:09:f3:7b:43:11:2b:d3:da:
46:35:40:23:ae:0a:9f:e0:15:fc:41:2d:21:7f:d1:
6a:47:84:b2:eb:72:c1:05:90:c0:4d:29:d8:37:22:
6e:a2:c2:da:95:46:43:14:71:56:15:dc:1f:78:4c:
6c:4f:e5:6c:8e:7d:8d:ab:d3:d6:e7:d2:5b:19:3e:
66:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:07:DC:83:A4:8B:C1:D0:E7:F5:81:51:F6:FA:9F:18:EE:84:4E:84
X509v3 Authority Key Identifier:
keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653230303a3a2f34302d3430203d3e20323134363433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:e200::/40
Signature Algorithm: sha256WithRSAEncryption
2f:b6:60:f2:9c:03:ef:34:ff:7a:cd:7f:e8:f8:2d:c5:eb:98:
76:b0:b3:55:5e:29:ab:a5:ff:b1:16:c9:64:f2:c0:9e:e6:51:
0f:cb:90:a8:6a:05:cc:d2:79:99:eb:30:2c:74:f4:5c:ff:66:
40:7a:47:b0:2b:3b:85:95:7f:1f:58:59:f4:40:05:4f:c4:40:
01:ce:f9:c9:eb:ea:b0:c2:25:b6:43:4d:ec:99:5e:c1:7a:60:
1f:9a:ea:4e:b0:97:27:fe:a4:d9:46:6d:07:c6:a0:0c:82:29:
4d:db:ff:5d:fb:de:2d:c4:45:55:25:be:7d:f0:e0:6b:23:55:
04:61:fc:f0:0d:40:3e:4a:8d:19:14:5a:04:98:ad:b7:2d:19:
81:e9:f1:2e:b9:b9:69:36:33:d2:1f:7c:6a:ca:ce:46:20:9f:
04:f5:68:2c:99:e1:69:f8:85:2a:f4:61:de:fa:8c:81:1c:9a:
b1:5b:3e:13:20:b3:17:55:96:df:7c:e1:94:96:0b:f3:d2:70:
74:79:1e:f5:c2:cc:b9:79:4d:4a:16:36:73:f1:ee:38:dc:77:
8c:76:b9:24:f0:8f:be:3f:e5:37:d3:1d:ca:2b:d0:cc:b4:4b:
70:e5:e7:c7:88:29:05:a6:d5:3d:fb:5b:40:85:aa:81:0c:a4:
db:72:88:24
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUQXnZ7KrGD7VEKfcapYuasegA91MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA3MzAyMjM5MTZaFw0yNTA3MjkyMjQ0MTZaMDMxMTAvBgNV
BAMTKEIzMDdEQzgzQTQ4QkMxRDBFN0Y1ODE1MUY2RkE5RjE4RUU4NDRFODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiD6QlV/Q6L5P4ORqsswV/Y5AY
bxFSaGlgk7QwPnSQUQfvU5PUFREXPkWoXw8F6ZQy9bj0Ns+eFztponngVx6cSrVz
fkKT5FnRlUP1D8YE+33FnHWMx4BNPG8KaYVy9zvJSU7WK6ijnvIRlCz13tInLgib
61wqYFCC+H68Q31BNVuzOkfl3ChB5EApDVHCK3w0jwbJHBH03wpA2tbRvYdWaJlr
5PGj59/i8bKGEy+Jr4fyLvWA8+j1kYAJ83tDESvT2kY1QCOuCp/gFfxBLSF/0WpH
hLLrcsEFkMBNKdg3Im6iwtqVRkMUcVYV3B94TGxP5WyOfY2r09bn0lsZPmabAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUswfcg6SLwdDn9YFR9vqfGO6EToQwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzIzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1geIwDQYJKoZIhvcNAQELBQADggEBAC+2
YPKcA+80/3rNf+j4LcXrmHaws1VeKaul/7EWyWTywJ7mUQ/LkKhqBczSeZnrMCx0
9Fz/ZkB6R7ArO4WVfx9YWfRABU/EQAHO+cnr6rDCJbZDTeyZXsF6YB+a6k6wlyf+
pNlGbQfGoAyCKU3b/1373i3ERVUlvn3w4GsjVQRh/PANQD5KjRkUWgSYrbctGYHp
8S65uWk2M9IffGrKzkYgnwT1aCyZ4Wn4hSr0Yd76jIEcmrFbPhMgsxdVlt984ZSW
C/PScHR5HvXCzLl5TUoWNnPx7jjcd4x2uSTwj74/5TfTHcor0My0S3Dl58eIKQWm
1T37W0CFqoEMpNtyiCQ=
-----END CERTIFICATE-----
Generated at Tue Sep 3 22:00:53 2024 by rpki-client on console-ams.rpki-client.org