Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135343433.roa
File: 326130613a363034343a393030303a3a2f34382d3438203d3e20323135343433.roa (raw, json)
Hash identifier: ryNu5VnlTJpvhtmeoULn3Z7FvBn2WZxeh1CyJiVI3d8=
Subject key identifier: 96:85:AF:39:DE:60:7A:C6:B1:B2:04:23:E6:43:E5:54:96:5E:7D:7B
Certificate issuer: /CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Certificate serial: 3C1E48E85D2E07488BD4D4876972AFA9DF526E4B
Authority key identifier: 48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135343433.roa
Signing time: Thu 22 Feb 2024 00:48:44 +0000
ROA not before: Thu 22 Feb 2024 00:43:44 +0000
ROA not after: Thu 20 Feb 2025 00:48:44 +0000
asID: 215443
IP address blocks: 2a0a:6044:9000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Aug 2024 18:19:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:1e:48:e8:5d:2e:07:48:8b:d4:d4:87:69:72:af:a9:df:52:6e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Validity
Not Before: Feb 22 00:43:44 2024 GMT
Not After : Feb 20 00:48:44 2025 GMT
Subject: CN=9685AF39DE607AC6B1B20423E643E554965E7D7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9b:5f:93:18:04:e4:a6:0b:75:d0:56:05:0b:
97:fa:6f:90:f4:22:45:9b:69:4e:4a:4d:58:ce:3c:
c1:f1:e0:db:83:c4:18:eb:46:04:17:b8:46:da:68:
43:ca:58:0f:f0:73:56:52:e2:e7:6e:d4:1b:6f:a5:
e4:75:e2:a0:97:27:09:99:60:cd:01:cc:0e:fa:ac:
3a:c9:07:00:e4:19:00:06:de:a2:83:6d:29:7b:bc:
65:5d:0a:6c:ac:11:d7:ad:f0:c6:e7:c4:fa:2f:58:
bc:4d:ac:59:0a:cd:bb:6c:e0:cb:34:f0:d7:26:da:
25:82:fd:0b:f2:b5:76:c5:33:db:72:9b:c3:e8:b0:
04:8e:71:96:c8:21:d5:f5:9d:6e:df:b5:d5:e2:e7:
3a:af:d8:b8:63:3d:b3:f9:37:8e:b6:74:06:23:33:
d7:47:61:e8:e3:a8:fc:30:a4:b4:f6:a7:98:a4:8d:
be:1d:79:ac:4e:5b:e2:2e:aa:bd:dc:41:a1:54:63:
84:39:57:26:e1:25:08:a8:36:cb:42:4b:df:b1:cb:
32:9c:b4:88:05:46:37:b9:3a:38:47:58:4d:5f:f8:
0f:69:0a:bf:34:98:8e:e5:62:15:0d:84:d7:5e:b8:
f0:d9:6e:0e:b5:7c:e4:18:50:6e:b5:ad:48:a9:68:
23:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:85:AF:39:DE:60:7A:C6:B1:B2:04:23:E6:43:E5:54:96:5E:7D:7B
X509v3 Authority Key Identifier:
keyid:48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135343433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:9000::/48
Signature Algorithm: sha256WithRSAEncryption
af:d5:b2:c1:c7:5c:4a:04:f1:c3:db:9e:96:c6:a3:91:3d:d1:
62:5a:71:85:36:63:21:3a:f7:7c:4c:f5:b2:ba:24:68:83:87:
1b:bf:a1:0e:00:d6:48:9b:bf:b3:c8:fe:7c:b2:d0:c1:39:54:
86:02:e5:17:ff:82:66:f8:7d:a5:50:3a:37:e0:55:0a:4e:83:
1b:86:5a:0b:3b:5c:3a:06:21:ba:31:00:79:bb:3c:c5:e9:b6:
72:51:66:0b:41:fa:54:43:fd:0a:9c:1d:01:44:ce:71:15:f6:
19:07:24:c5:a9:b5:91:7d:5a:3a:91:bd:a6:09:4c:d1:25:57:
64:69:5b:2d:fc:1c:cf:fd:55:a2:a6:e2:b8:7c:93:44:be:46:
63:69:ff:ff:f3:9f:e5:9f:f6:2a:af:47:62:44:7b:45:8f:34:
3c:27:da:17:67:c9:4b:e3:f6:1c:3b:3d:bf:81:38:c3:a9:50:
14:f1:b9:db:5d:49:95:6e:8d:ae:7b:31:13:8c:76:33:78:c9:
f2:b6:9d:d0:89:2b:24:50:b5:71:8c:d4:63:ea:88:f2:20:f9:
3a:c4:67:f7:fb:9c:36:b3:c3:63:f0:18:b5:32:97:4c:09:78:
1d:bc:18:ca:6d:5a:3d:58:39:84:9f:60:14:9c:22:33:46:9e:
a0:69:15:ec
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUPB5I6F0uB0iL1NSHaXKvqd9SbkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBC
MkFGNjZERjAeFw0yNDAyMjIwMDQzNDRaFw0yNTAyMjAwMDQ4NDRaMDMxMTAvBgNV
BAMTKDk2ODVBRjM5REU2MDdBQzZCMUIyMDQyM0U2NDNFNTU0OTY1RTdEN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYm1+TGATkpgt10FYFC5f6b5D0
IkWbaU5KTVjOPMHx4NuDxBjrRgQXuEbaaEPKWA/wc1ZS4udu1BtvpeR14qCXJwmZ
YM0BzA76rDrJBwDkGQAG3qKDbSl7vGVdCmysEdet8MbnxPovWLxNrFkKzbts4Ms0
8Ncm2iWC/QvytXbFM9tym8PosASOcZbIIdX1nW7ftdXi5zqv2LhjPbP5N462dAYj
M9dHYejjqPwwpLT2p5ikjb4deaxOW+Iuqr3cQaFUY4Q5VybhJQioNstCS9+xyzKc
tIgFRje5OjhHWE1f+A9pCr80mI7lYhUNhNdeuPDZbg61fOQYUG61rUipaCMLAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUloWvOd5gesaxsgQj5kPlVJZefXswHwYDVR0j
BBgwFoAUSIvYav2xviOOHj6t6FoFILKvZt8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNiMzAzMjItOTRmNy00ZTYxLTg2OTEtNWMxYjYxMWIw
YTk1LzEvNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBCMkFGNjZERi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80ODhCRDg2QUZEQjFCRTIzOEUxRTNFQURF
ODVBMDUyMEIyQUY2NkRGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lY2IzMDMyMi05NGY3LTRlNjEtODY5MS01YzFiNjExYjBhOTUvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM5MzAzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzQzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRJAAMA0GCSqGSIb3DQEBCwUAA4IBAQCv
1bLBx1xKBPHD256WxqORPdFiWnGFNmMhOvd8TPWyuiRog4cbv6EOANZIm7+zyP58
stDBOVSGAuUX/4Jm+H2lUDo34FUKToMbhloLO1w6BiG6MQB5uzzF6bZyUWYLQfpU
Q/0KnB0BRM5xFfYZByTFqbWRfVo6kb2mCUzRJVdkaVst/BzP/VWipuK4fJNEvkZj
af//85/ln/Yqr0diRHtFjzQ8J9oXZ8lL4/YcOz2/gTjDqVAU8bnbXUmVbo2uezET
jHYzeMnytp3QiSskULVxjNRj6ojyIPk6xGf3+5w2s8Nj8Bi1MpdMCXgdvBjKbVo9
WDmEn2AUnCIzRp6gaRXs
-----END CERTIFICATE-----
Generated at Wed Aug 7 20:23:14 2024 by rpki-client on console-fra.rpki-client.org