Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20383334.roa
File: 3134312e39382e37322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: oSLWvI5wranP1lnwgrb/pvSQbLIJ2rnwzOw7iVPJZtM=
Subject key identifier: C4:37:B0:C8:86:9E:7D:0D:48:4F:C4:F5:7F:DE:06:0C:E4:53:35:05
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 0FCD5536869B6161761A0BC8203AB156F1C88AFF
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20383334.roa
Signing time: Fri 04 Oct 2024 00:01:44 +0000
ROA not before: Thu 03 Oct 2024 23:56:44 +0000
ROA not after: Fri 03 Oct 2025 00:01:44 +0000
asID: 834
IP address blocks: 141.98.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 11:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:cd:55:36:86:9b:61:61:76:1a:0b:c8:20:3a:b1:56:f1:c8:8a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Oct 3 23:56:44 2024 GMT
Not After : Oct 3 00:01:44 2025 GMT
Subject: CN=C437B0C8869E7D0D484FC4F57FDE060CE4533505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:19:1a:06:12:e6:e0:df:8d:8b:08:37:98:8a:
9e:a1:f4:8f:d6:a9:4f:a5:7e:27:19:be:0c:00:d0:
e8:6f:40:7b:23:8d:54:c2:01:2c:f6:d3:42:eb:f6:
fe:bb:68:8e:39:e3:d8:c7:07:85:12:f6:9f:74:57:
a9:4f:87:7f:f7:e8:a5:d3:81:e6:38:87:d7:54:90:
c2:0c:31:ac:d9:38:e3:3b:ed:e2:88:92:b0:e0:ab:
07:cf:73:c5:2d:e6:d5:a6:38:49:ea:09:d6:dc:09:
d6:66:ec:63:fb:17:8a:6c:a7:e8:b0:dd:53:eb:1e:
31:de:25:f6:b9:81:5b:90:8e:48:84:b9:d7:c8:34:
c8:2d:1d:7e:7e:4c:43:b5:16:b2:eb:66:d5:50:5a:
07:3c:df:64:74:97:fd:67:b6:70:a9:f5:0e:d3:c1:
74:d0:30:3c:2d:99:b6:c3:3c:cf:2a:13:6c:9d:4c:
94:8d:37:c4:53:fd:fe:eb:2f:c4:dd:61:37:10:57:
f1:27:4a:78:2b:18:f5:d5:e6:56:49:cf:61:7b:c4:
c7:37:65:93:70:36:2d:90:89:91:3e:86:9a:bc:ee:
2e:bc:5f:76:b1:90:df:50:9f:aa:a3:ba:9c:49:ad:
5d:34:a4:a8:79:37:5e:e6:f1:91:4a:ec:86:0d:bd:
ee:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:37:B0:C8:86:9E:7D:0D:48:4F:C4:F5:7F:DE:06:0C:E4:53:35:05
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.72.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:9f:c1:13:ae:6e:77:30:ce:20:7e:47:76:ce:62:27:b5:30:
b8:eb:67:9d:86:a7:2f:a6:fa:98:b3:02:76:bd:78:77:a4:05:
bb:a0:64:35:54:82:44:a1:82:97:f9:43:37:2e:51:85:9d:89:
5f:ef:e1:68:f1:ce:cf:94:a1:78:be:99:77:4b:18:05:ef:91:
68:93:7b:76:21:f6:28:0a:10:64:ef:99:9f:94:ec:33:9b:f1:
82:54:d1:1c:c1:85:38:b7:b7:04:d1:61:89:ae:33:1f:20:cf:
64:a0:e7:5f:39:64:58:af:4c:68:d1:7e:45:38:38:82:2a:d3:
45:fb:31:c5:cc:81:4b:9c:8d:ed:94:69:af:e7:27:df:6b:eb:
51:8f:b0:df:d5:43:9c:45:52:eb:1e:be:db:d4:1d:60:a6:60:
e5:da:61:86:37:43:f2:b1:b8:10:c9:34:69:ad:eb:df:7a:94:
f6:32:5f:73:ac:d8:4f:88:c7:72:af:74:53:a8:21:39:82:c5:
e9:50:5a:47:7f:8b:da:47:58:75:0f:9a:2f:c9:19:dc:77:3c:
2e:3d:2d:4e:29:1c:d5:b5:25:90:be:49:97:97:fb:be:35:42:
77:eb:1c:7b:d4:04:41:3c:71:ae:23:f2:cf:74:86:f0:0b:e9:
99:48:b1:7e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUD81VNoabYWF2GgvIIDqxVvHIiv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDEwMDMyMzU2NDRaFw0yNTEwMDMwMDAxNDRaMDMxMTAvBgNV
BAMTKEM0MzdCMEM4ODY5RTdEMEQ0ODRGQzRGNTdGREUwNjBDRTQ1MzM1MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXGRoGEubg342LCDeYip6h9I/W
qU+lficZvgwA0OhvQHsjjVTCASz200Lr9v67aI4549jHB4US9p90V6lPh3/36KXT
geY4h9dUkMIMMazZOOM77eKIkrDgqwfPc8Ut5tWmOEnqCdbcCdZm7GP7F4psp+iw
3VPrHjHeJfa5gVuQjkiEudfINMgtHX5+TEO1FrLrZtVQWgc832R0l/1ntnCp9Q7T
wXTQMDwtmbbDPM8qE2ydTJSNN8RT/f7rL8TdYTcQV/EnSngrGPXV5lZJz2F7xMc3
ZZNwNi2QiZE+hpq87i68X3axkN9Qn6qjupxJrV00pKh5N17m8ZFK7IYNve4xAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUxDewyIaefQ1IT8T1f94GDORTNQUwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWJIMA0G
CSqGSIb3DQEBCwUAA4IBAQDLn8ETrm53MM4gfkd2zmIntTC462edhqcvpvqYswJ2
vXh3pAW7oGQ1VIJEoYKX+UM3LlGFnYlf7+Fo8c7PlKF4vpl3SxgF75Fok3t2IfYo
ChBk75mflOwzm/GCVNEcwYU4t7cE0WGJrjMfIM9koOdfOWRYr0xo0X5FODiCKtNF
+zHFzIFLnI3tlGmv5yffa+tRj7Df1UOcRVLrHr7b1B1gpmDl2mGGN0PysbgQyTRp
revfepT2Ml9zrNhPiMdyr3RTqCE5gsXpUFpHf4vaR1h1D5ovyRncdzwuPS1OKRzV
tSWQvkmXl/u+NUJ36xx71ARBPHGuI/LPdIbwC+mZSLF+
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:59:15 2025 by rpki-client