Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135353930.roa
File: 326130613a363034343a393030303a3a2f34382d3438203d3e20323135353930.roa (raw, json)
Hash identifier: XZleZeyy+3h7BH5+lqcUQA7mE8qGPYv9x2RzYWMiujY=
Subject key identifier: 60:E1:BF:BA:95:65:25:E4:AE:4A:F3:05:10:40:FD:77:E1:B4:70:95
Certificate issuer: /CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Certificate serial: 09AB1F206968BDEF139F81160660501D7C013F41
Authority key identifier: 48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135353930.roa
Signing time: Tue 20 Feb 2024 00:45:51 +0000
ROA not before: Tue 20 Feb 2024 00:40:51 +0000
ROA not after: Tue 18 Feb 2025 00:45:51 +0000
asID: 215590
IP address blocks: 2a0a:6044:9000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Feb 2024 13:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:ab:1f:20:69:68:bd:ef:13:9f:81:16:06:60:50:1d:7c:01:3f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Validity
Not Before: Feb 20 00:40:51 2024 GMT
Not After : Feb 18 00:45:51 2025 GMT
Subject: CN=60E1BFBA956525E4AE4AF3051040FD77E1B47095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:db:ee:07:46:88:88:17:74:64:5e:11:4a:40:
85:2a:3e:4a:9b:f1:ff:eb:81:ff:ea:8a:31:91:f1:
a0:19:45:d1:f1:c6:7f:49:29:7a:ac:22:2b:e2:51:
c9:e6:b9:fb:58:3b:0d:61:fc:60:4d:ed:a1:ee:66:
a1:98:e5:34:cd:fb:61:98:66:ec:b3:2e:d2:00:54:
4e:7f:25:47:c8:50:0e:a0:84:8b:e4:1f:d5:fa:c9:
86:06:9f:44:82:56:77:73:d8:31:36:f1:72:1d:51:
c5:76:d3:77:45:3a:f6:41:c3:63:2c:fa:48:61:cd:
0b:af:08:2a:5e:a7:6b:87:04:17:aa:2d:65:0b:02:
88:2d:b5:f6:2e:ae:cc:51:d0:bf:16:35:00:82:9c:
81:4b:ba:03:9d:f6:6c:fd:5a:ff:0e:19:38:9d:65:
94:4c:03:75:5e:70:66:e1:98:4b:6c:0b:dd:d4:2c:
36:06:9a:91:3f:59:60:22:d7:6e:00:90:2f:3d:0c:
41:8f:b6:a3:09:29:a4:5d:84:68:7b:d0:8a:82:a0:
80:73:0a:57:64:a6:cd:21:d3:9e:76:59:53:03:d8:
6f:e2:dc:fc:eb:25:4a:e0:da:d5:7d:6e:a2:01:a2:
b4:b8:5e:0b:e8:c2:a1:d2:5b:06:d6:08:b8:a7:60:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E1:BF:BA:95:65:25:E4:AE:4A:F3:05:10:40:FD:77:E1:B4:70:95
X509v3 Authority Key Identifier:
keyid:48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030303a3a2f34382d3438203d3e20323135353930.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:9000::/48
Signature Algorithm: sha256WithRSAEncryption
01:a4:6f:11:92:32:e0:d9:77:a1:74:78:34:b1:ca:24:fa:97:
7e:be:75:b5:f9:ed:df:0b:2b:00:30:79:e5:a0:04:08:6b:7c:
d3:8b:53:76:07:cc:5e:26:6b:28:7b:4e:65:94:37:dc:90:25:
9a:28:d5:d8:b8:df:84:cd:37:b4:03:c4:05:fe:a4:d7:94:a4:
c5:77:b5:df:e2:9b:b9:61:68:7e:a3:84:c8:19:10:12:32:3c:
ad:ec:99:49:3d:73:d3:1c:5e:4e:35:4e:0a:fb:b8:76:54:c8:
12:89:e2:6d:7c:8d:80:04:e3:62:a4:20:20:31:08:d0:0c:60:
56:4c:04:8e:2d:c1:25:c4:7b:9d:22:67:ba:ea:2d:f8:ca:7f:
ad:f3:94:44:b1:69:3d:e6:0d:95:ff:10:10:1a:76:0f:d3:be:
cc:da:47:6c:5d:2d:cb:d8:0e:e8:99:f6:a2:14:d0:92:04:49:
5f:1a:4d:65:9f:b9:dc:38:3c:ae:61:1d:ef:9b:65:a7:76:a8:
b6:df:de:71:55:c0:c1:15:27:8e:fd:e9:cb:2c:01:bd:5b:26:
be:d8:5c:ba:2f:07:b9:a1:6e:4f:38:2e:19:e0:9a:bd:17:59:
6f:17:2e:94:ea:af:a2:f4:bd:fa:93:00:68:b4:c2:75:1c:b8:
db:75:6a:82
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUCasfIGlove8Tn4EWBmBQHXwBP0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBC
MkFGNjZERjAeFw0yNDAyMjAwMDQwNTFaFw0yNTAyMTgwMDQ1NTFaMDMxMTAvBgNV
BAMTKDYwRTFCRkJBOTU2NTI1RTRBRTRBRjMwNTEwNDBGRDc3RTFCNDcwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC22+4HRoiIF3RkXhFKQIUqPkqb
8f/rgf/qijGR8aAZRdHxxn9JKXqsIiviUcnmuftYOw1h/GBN7aHuZqGY5TTN+2GY
ZuyzLtIAVE5/JUfIUA6ghIvkH9X6yYYGn0SCVndz2DE28XIdUcV203dFOvZBw2Ms
+khhzQuvCCpep2uHBBeqLWULAogttfYursxR0L8WNQCCnIFLugOd9mz9Wv8OGTid
ZZRMA3VecGbhmEtsC93ULDYGmpE/WWAi124AkC89DEGPtqMJKaRdhGh70IqCoIBz
Cldkps0h0552WVMD2G/i3PzrJUrg2tV9bqIBorS4XgvowqHSWwbWCLinYIWjAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUYOG/upVlJeSuSvMFEED9d+G0cJUwHwYDVR0j
BBgwFoAUSIvYav2xviOOHj6t6FoFILKvZt8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNiMzAzMjItOTRmNy00ZTYxLTg2OTEtNWMxYjYxMWIw
YTk1LzEvNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBCMkFGNjZERi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80ODhCRDg2QUZEQjFCRTIzOEUxRTNFQURF
ODVBMDUyMEIyQUY2NkRGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lY2IzMDMyMi05NGY3LTRlNjEtODY5MS01YzFiNjExYjBhOTUvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM5MzAzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzUzOTMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRJAAMA0GCSqGSIb3DQEBCwUAA4IBAQAB
pG8RkjLg2XehdHg0scok+pd+vnW1+e3fCysAMHnloAQIa3zTi1N2B8xeJmsoe05l
lDfckCWaKNXYuN+EzTe0A8QF/qTXlKTFd7Xf4pu5YWh+o4TIGRASMjyt7JlJPXPT
HF5ONU4K+7h2VMgSieJtfI2ABONipCAgMQjQDGBWTASOLcElxHudIme66i34yn+t
85REsWk95g2V/xAQGnYP077M2kdsXS3L2A7omfaiFNCSBElfGk1ln7ncODyuYR3v
m2Wndqi2395xVcDBFSeO/enLLAG9Wya+2Fy6Lwe5oW5POC4Z4Jq9F1lvFy6U6q+i
9L36kwBotMJ1HLjbdWqC
Generated at Wed Feb 21 19:06:54 2024 by rpki-client on console-ams.rpki-client.org