Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653530303a3a2f34302d3430203d3e20323134363433.roa
File: 326131343a373538313a653530303a3a2f34302d3430203d3e20323134363433.roa (raw, json)
Hash identifier: S6nAbcwMzoPH17CjYT5iVeHqKq5xWMRbaDQpXNGY4Iw=
Subject key identifier: 71:B2:37:B8:88:16:FD:1D:CA:BC:88:FE:16:80:86:42:D5:08:D7:4D
Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial: 67C7A0DA01A3B309071FDE068771359F9A45CDFA
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653530303a3a2f34302d3430203d3e20323134363433.roa
Signing time: Tue 30 Jul 2024 22:44:58 +0000
ROA not before: Tue 30 Jul 2024 22:39:58 +0000
ROA not after: Tue 29 Jul 2025 22:44:58 +0000
asID: 214643
IP address blocks: 2a14:7581:e500::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Sep 2024 19:12:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:c7:a0:da:01:a3:b3:09:07:1f:de:06:87:71:35:9f:9a:45:cd:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Validity
Not Before: Jul 30 22:39:58 2024 GMT
Not After : Jul 29 22:44:58 2025 GMT
Subject: CN=71B237B88816FD1DCABC88FE16808642D508D74D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:7e:45:db:b3:08:ab:23:36:2b:56:52:ca:d3:
14:49:6d:3e:e3:0f:5c:2a:33:ec:ae:45:71:c2:72:
65:b9:fa:2e:37:29:ee:4f:2a:c5:4e:40:06:1f:27:
eb:b0:32:49:5f:77:64:ac:1b:00:05:e3:17:80:ff:
ee:6d:f4:12:12:ef:75:75:f9:d0:e4:8e:50:5f:5b:
d8:a0:9f:60:b3:02:90:96:dd:69:8e:bf:37:da:49:
33:81:ff:a5:8a:55:1e:f6:4e:da:76:ff:38:f6:3f:
99:95:2e:f4:3b:f5:d0:2b:44:d5:b4:01:03:18:df:
2a:72:73:ec:36:dc:2b:d2:8c:45:f7:17:d6:f0:96:
14:d2:ad:3c:65:8c:a0:f8:b1:9c:30:18:c0:b6:13:
aa:da:96:de:bd:fc:c8:8d:96:ac:e2:eb:73:d2:c0:
1f:46:82:0d:84:57:c5:62:87:30:99:30:5a:61:f8:
0c:d3:6d:d6:37:c6:07:ff:78:2e:bd:8c:71:fb:54:
08:b1:d5:db:07:50:5f:4c:d0:51:0d:aa:83:1f:73:
0e:aa:b6:5d:94:7f:86:32:57:b1:06:b9:dd:1b:bd:
4a:b9:c7:39:4e:45:07:77:a8:40:d1:6d:ac:f3:bb:
23:19:53:fd:3d:56:bc:3f:79:bb:35:19:63:89:a3:
26:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B2:37:B8:88:16:FD:1D:CA:BC:88:FE:16:80:86:42:D5:08:D7:4D
X509v3 Authority Key Identifier:
keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653530303a3a2f34302d3430203d3e20323134363433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:e500::/40
Signature Algorithm: sha256WithRSAEncryption
2e:ca:b7:f3:f9:76:c9:dd:d3:f0:54:f7:89:36:3c:c1:14:95:
16:d4:fe:c7:97:f9:8d:cc:ed:d7:11:d9:ed:3e:30:57:7c:dc:
33:06:ed:79:40:63:52:59:c3:e1:eb:ea:8d:d9:43:cf:bc:7d:
8e:e6:28:0e:0a:8a:55:82:e3:69:b9:c3:d9:68:4e:7b:b0:6f:
f2:b2:d0:be:cd:95:fa:a2:00:ea:73:9f:22:23:77:06:2c:0c:
86:14:81:c2:6c:90:68:1c:88:08:4b:e2:13:9f:72:ac:01:a1:
53:b0:cd:f6:46:6d:c9:6e:a5:7d:72:08:a5:03:86:2e:8b:b8:
d6:ea:77:db:6f:fd:13:09:d5:68:b1:ec:e6:9b:f1:a2:8d:6b:
87:37:7e:7b:46:1a:9b:19:fc:b7:08:d3:75:39:c9:39:7e:ee:
26:2a:55:50:a3:de:05:94:8f:db:39:6e:22:e9:1a:ad:f8:a1:
ff:14:ce:c7:f6:b1:d1:41:6d:bb:be:41:df:74:fe:b2:1a:cd:
56:de:a9:ce:14:9c:f6:fa:2b:84:15:fd:2b:02:94:15:44:e9:
af:63:5c:46:f7:51:42:de:0a:fe:4e:31:d1:c4:53:84:cf:81:
ee:7f:9e:1e:bd:25:2a:60:7e:78:c9:86:91:82:4c:3b:e1:a0:
f1:4f:94:24
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUZ8eg2gGjswkHH94Gh3E1n5pFzfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDA3MzAyMjM5NThaFw0yNTA3MjkyMjQ0NThaMDMxMTAvBgNV
BAMTKDcxQjIzN0I4ODgxNkZEMURDQUJDODhGRTE2ODA4NjQyRDUwOEQ3NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4fkXbswirIzYrVlLK0xRJbT7j
D1wqM+yuRXHCcmW5+i43Ke5PKsVOQAYfJ+uwMklfd2SsGwAF4xeA/+5t9BIS73V1
+dDkjlBfW9ign2CzApCW3WmOvzfaSTOB/6WKVR72Ttp2/zj2P5mVLvQ79dArRNW0
AQMY3ypyc+w23CvSjEX3F9bwlhTSrTxljKD4sZwwGMC2E6ralt69/MiNlqzi63PS
wB9Ggg2EV8VihzCZMFph+AzTbdY3xgf/eC69jHH7VAix1dsHUF9M0FENqoMfcw6q
tl2Uf4YyV7EGud0bvUq5xzlORQd3qEDRbazzuyMZU/09Vrw/ebs1GWOJoyatAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUcbI3uIgW/R3KvIj+FoCGQtUI100wHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzUzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1geUwDQYJKoZIhvcNAQELBQADggEBAC7K
t/P5dsnd0/BU94k2PMEUlRbU/seX+Y3M7dcR2e0+MFd83DMG7XlAY1JZw+Hr6o3Z
Q8+8fY7mKA4KilWC42m5w9loTnuwb/Ky0L7NlfqiAOpznyIjdwYsDIYUgcJskGgc
iAhL4hOfcqwBoVOwzfZGbclupX1yCKUDhi6LuNbqd9tv/RMJ1Wix7Oab8aKNa4c3
fntGGpsZ/LcI03U5yTl+7iYqVVCj3gWUj9s5biLpGq34of8Uzsf2sdFBbbu+Qd90
/rIazVbeqc4UnPb6K4QV/SsClBVE6a9jXEb3UULeCv5OMdHEU4TPge5/nh69JSpg
fnjJhpGCTDvhoPFPlCQ=
-----END CERTIFICATE-----
Generated at Tue Sep 3 22:00:53 2024 by rpki-client on console-ams.rpki-client.org