Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e203231383539.roa
File: 39322e3131342e342e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: Etv9X4lXRHlc3zYG8DB49l9ac3eSI7w85vPXQpg6LWM=
Subject key identifier: 28:7A:30:FC:E3:29:80:65:83:EF:DF:EB:4C:99:B6:9E:C8:79:91:BA
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 236E19E3BD4A56CC816C66B0D21E63F1D11C4B48
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e203231383539.roa
Signing time: Fri 01 Dec 2023 13:07:21 +0000
ROA not before: Fri 01 Dec 2023 13:02:21 +0000
ROA not after: Fri 29 Nov 2024 13:07:21 +0000
asID: 21859
IP address blocks: 92.114.4.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:6e:19:e3:bd:4a:56:cc:81:6c:66:b0:d2:1e:63:f1:d1:1c:4b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Dec 1 13:02:21 2023 GMT
Not After : Nov 29 13:07:21 2024 GMT
Subject: CN=287A30FCE329806583EFDFEB4C99B69EC87991BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6e:06:3b:7a:62:23:ac:9a:0e:fa:42:c8:82:
fa:1d:cb:42:e7:a2:cc:f9:07:07:2e:ae:25:b2:b7:
56:9f:26:44:b4:16:90:ca:61:a5:44:93:0f:27:61:
9b:d2:43:2f:08:e0:cb:70:ec:33:5b:97:0d:c2:37:
2d:ec:ee:0e:0a:50:b8:f8:54:3a:24:01:f8:78:b8:
44:f8:9d:a4:c5:40:37:68:b5:61:a4:8e:4c:af:9d:
42:c1:ab:ff:d6:bf:68:d8:64:bf:a8:35:d7:4d:f3:
e9:cf:55:3d:c5:e3:86:d8:0c:47:14:a5:47:ac:50:
4e:e9:5c:76:fe:c9:97:64:07:e0:ef:49:d0:45:be:
f3:1b:64:9e:c2:9d:49:17:34:91:1a:14:ea:82:b1:
fc:ca:36:84:5a:e3:f9:fe:4d:65:0b:11:90:00:98:
20:19:d5:04:59:d6:33:fa:f8:67:fc:bb:26:00:fb:
36:58:7f:56:9a:93:ec:ef:45:78:30:f5:7a:39:73:
27:44:13:70:be:33:47:52:ab:a2:a1:66:d3:e4:65:
17:55:ee:51:c3:76:50:e7:bc:04:0c:23:a2:01:0c:
b4:ca:90:eb:53:d5:1f:f6:82:27:45:26:82:5d:1d:
30:30:90:e1:67:c6:3e:bf:d2:fd:a3:58:7d:a9:19:
d3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7A:30:FC:E3:29:80:65:83:EF:DF:EB:4C:99:B6:9E:C8:79:91:BA
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/39322e3131342e342e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.4.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:31:ed:da:df:be:d1:af:51:96:d7:c3:84:7a:48:fa:9e:c1:
03:d4:e5:22:b1:d1:e6:81:50:48:d0:7d:8b:8d:2c:59:a4:69:
fd:08:f8:18:42:10:c5:e7:c7:ad:be:9b:6a:7e:06:10:70:ff:
fa:40:ea:f1:51:33:82:c7:8a:ef:bc:df:39:b1:23:a1:67:d3:
32:18:1e:9c:fd:6d:e5:bb:b3:e7:8e:bb:f9:28:11:31:c9:5e:
ea:f5:44:d1:16:7d:66:39:29:ed:1e:90:36:9b:11:2b:41:72:
b1:d7:22:ad:f8:76:25:3a:02:34:1d:1d:a2:97:d0:77:ad:30:
61:00:ae:0e:fa:72:cf:30:14:b2:fc:b9:0f:0b:57:08:9a:5f:
0b:a5:62:87:77:44:25:84:6f:2c:a2:8d:56:de:0a:e5:87:30:
aa:64:52:e2:43:27:52:eb:d3:01:d9:e0:4e:53:60:20:ab:90:
8e:02:56:e2:6d:76:b2:7f:af:7d:ff:3c:b7:d7:f6:42:3b:6d:
d7:bf:c5:4d:bf:78:b1:1c:85:32:84:51:7f:8a:43:87:13:08:
e6:7f:e1:28:30:3a:b8:81:2c:f6:54:17:20:5f:ea:56:9d:7a:
be:25:22:ef:0d:bf:e2:a9:bf:68:d3:da:9a:36:7b:52:bd:ee:
6c:14:0a:50
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUI24Z471KVsyBbGaw0h5j8dEcS0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yMzEyMDExMzAyMjFaFw0yNDExMjkxMzA3MjFaMDMxMTAvBgNV
BAMTKDI4N0EzMEZDRTMyOTgwNjU4M0VGREZFQjRDOTlCNjlFQzg3OTkxQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfbgY7emIjrJoO+kLIgvody0Ln
osz5BwcuriWyt1afJkS0FpDKYaVEkw8nYZvSQy8I4Mtw7DNblw3CNy3s7g4KULj4
VDokAfh4uET4naTFQDdotWGkjkyvnULBq//Wv2jYZL+oNddN8+nPVT3F44bYDEcU
pUesUE7pXHb+yZdkB+DvSdBFvvMbZJ7CnUkXNJEaFOqCsfzKNoRa4/n+TWULEZAA
mCAZ1QRZ1jP6+Gf8uyYA+zZYf1aak+zvRXgw9Xo5cydEE3C+M0dSq6KhZtPkZRdV
7lHDdlDnvAQMI6IBDLTKkOtT1R/2gidFJoJdHTAwkOFnxj6/0v2jWH2pGdNJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUKHow/OMpgGWD79/rTJm2nsh5kbowHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzkzMjJlMzEzMTM0MmUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzODM1Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABccgQw
DQYJKoZIhvcNAQELBQADggEBAMsx7drfvtGvUZbXw4R6SPqewQPU5SKx0eaBUEjQ
fYuNLFmkaf0I+BhCEMXnx62+m2p+BhBw//pA6vFRM4LHiu+83zmxI6Fn0zIYHpz9
beW7s+eOu/koETHJXur1RNEWfWY5Ke0ekDabEStBcrHXIq34diU6AjQdHaKX0Het
MGEArg76cs8wFLL8uQ8LVwiaXwulYod3RCWEbyyijVbeCuWHMKpkUuJDJ1Lr0wHZ
4E5TYCCrkI4CVuJtdrJ/r33/PLfX9kI7bde/xU2/eLEchTKEUX+KQ4cTCOZ/4Sgw
OriBLPZUFyBf6lader4lIu8Nv+Kpv2jT2po2e1K97mwUClA=
Generated at Mon Jan 1 01:33:33 2024 by rpki-client on console-fra.rpki-client.org