Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337303a3a2f34342d3434203d3e20323134373537.roa
File: 326130613a363034343a616337303a3a2f34342d3434203d3e20323134373537.roa (raw, json)
Hash identifier: 3K1Lej+urQE49yCgKHS241hFqoLYTQx/NMUMJDrsdrc=
Subject key identifier: D2:6B:69:BC:C9:5A:F2:7C:BA:AA:B2:47:D4:63:FA:C5:FA:2A:A0:6A
Certificate issuer: /CN=5DB0E362AFBC9002B2D552102DA11DA7A3436C1C
Certificate serial: 168696B20A6A9B66D3EFDDECDF867E623200E646
Authority key identifier: 5D:B0:E3:62:AF:BC:90:02:B2:D5:52:10:2D:A1:1D:A7:A3:43:6C:1C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337303a3a2f34342d3434203d3e20323134373537.roa
Signing time: Sat 08 Jun 2024 16:02:12 +0000
ROA not before: Sat 08 Jun 2024 15:57:12 +0000
ROA not after: Sat 07 Jun 2025 16:02:12 +0000
asID: 214757
IP address blocks: 2a0a:6044:ac70::/44 maxlen: 44
Validation: Failed, certificate revoked on Sun 09 Jun 2024 06:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:86:96:b2:0a:6a:9b:66:d3:ef:dd:ec:df:86:7e:62:32:00:e6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5DB0E362AFBC9002B2D552102DA11DA7A3436C1C
Validity
Not Before: Jun 8 15:57:12 2024 GMT
Not After : Jun 7 16:02:12 2025 GMT
Subject: CN=D26B69BCC95AF27CBAAAB247D463FAC5FA2AA06A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4a:dc:1c:7a:cc:6b:38:b9:b0:56:5f:2c:ad:
8f:5b:ba:41:ca:e4:4c:e3:da:58:29:4a:3e:6d:c3:
89:86:1d:33:a1:d8:59:cb:42:ab:54:27:85:99:6d:
36:08:7d:9b:19:77:97:e1:b1:13:4f:29:c3:5c:b8:
4d:5c:f7:36:a9:48:15:ce:e6:db:93:15:7a:ed:e4:
8e:29:90:65:15:42:70:ca:54:87:bb:9b:a2:07:3e:
cc:41:f5:2c:87:40:50:ef:58:89:3b:55:a5:fc:65:
42:a6:12:e6:d6:f3:d6:18:c1:49:24:95:5c:bc:ac:
87:cb:3d:27:0e:d8:4e:79:a5:ff:e4:94:a2:a8:f3:
15:51:b9:3d:50:ee:b9:d5:82:71:b9:70:b9:f2:c5:
fb:4e:00:f1:a1:4d:2a:2d:83:7b:41:5d:3e:2e:0a:
d2:92:ca:e8:b8:89:84:cd:f9:78:33:d9:78:8d:4c:
94:72:1b:50:40:5d:6e:a5:71:cb:54:51:a9:f5:28:
75:d7:d0:7a:a9:ff:75:2d:26:db:55:2d:39:7e:79:
00:80:a9:56:71:5b:e0:cd:05:97:7d:bd:5a:6f:14:
bf:db:bc:fc:3f:ae:9c:8d:a9:f4:e9:6e:c8:94:7f:
b5:cb:b8:64:bb:37:d0:56:52:14:49:d6:63:f1:74:
5e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6B:69:BC:C9:5A:F2:7C:BA:AA:B2:47:D4:63:FA:C5:FA:2A:A0:6A
X509v3 Authority Key Identifier:
keyid:5D:B0:E3:62:AF:BC:90:02:B2:D5:52:10:2D:A1:1D:A7:A3:43:6C:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337303a3a2f34342d3434203d3e20323134373537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:ac70::/44
Signature Algorithm: sha256WithRSAEncryption
52:11:b4:6d:c6:0b:84:9c:74:06:82:9e:ec:c4:da:f8:5e:74:
39:a5:be:cf:77:13:38:dc:05:6f:9a:62:18:73:2e:39:ed:8d:
23:30:f7:ef:f9:95:10:7b:a4:8f:76:c2:36:52:a7:41:c4:ab:
e6:70:48:67:89:2e:41:d2:f0:30:be:f3:d7:71:26:90:9c:76:
5e:4a:ac:57:74:53:61:41:ca:1b:e0:b7:c4:00:3f:a7:31:eb:
e1:6a:2f:c9:28:ff:e9:ca:c2:77:67:41:bf:5a:c0:90:54:51:
54:57:f4:e4:c7:0b:68:2e:f9:f9:31:e7:1b:78:42:35:b0:b1:
0b:f6:d0:02:54:c4:eb:0e:f5:37:49:ad:78:96:09:dc:8d:47:
83:47:f1:98:d6:49:31:12:70:72:34:ca:df:59:ed:f8:f5:3f:
e2:25:aa:99:41:2c:5d:22:f8:12:15:13:27:eb:ba:0f:4f:2f:
c6:73:ac:f4:be:75:fb:11:5c:6d:21:d7:95:4a:0c:7b:ee:f3:
8e:a2:e5:a4:80:0a:4d:f5:60:bc:92:7f:fc:96:0d:42:9e:16:
b4:02:3d:69:61:33:ad:61:24:a4:da:87:6b:71:02:eb:96:cc:
f3:b9:a0:6b:c0:30:64:fd:f3:91:80:e2:f5:21:68:3a:3e:be:
82:38:6b:ac
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUFoaWsgpqm2bT793s34Z+YjIA5kYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNURCMEUzNjJBRkJDOTAwMkIyRDU1MjEwMkRBMTFEQTdB
MzQzNkMxQzAeFw0yNDA2MDgxNTU3MTJaFw0yNTA2MDcxNjAyMTJaMDMxMTAvBgNV
BAMTKEQyNkI2OUJDQzk1QUYyN0NCQUFBQjI0N0Q0NjNGQUM1RkEyQUEwNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpStwcesxrOLmwVl8srY9bukHK
5Ezj2lgpSj5tw4mGHTOh2FnLQqtUJ4WZbTYIfZsZd5fhsRNPKcNcuE1c9zapSBXO
5tuTFXrt5I4pkGUVQnDKVIe7m6IHPsxB9SyHQFDvWIk7VaX8ZUKmEubW89YYwUkk
lVy8rIfLPScO2E55pf/klKKo8xVRuT1Q7rnVgnG5cLnyxftOAPGhTSotg3tBXT4u
CtKSyui4iYTN+Xgz2XiNTJRyG1BAXW6lcctUUan1KHXX0Hqp/3UtJttVLTl+eQCA
qVZxW+DNBZd9vVpvFL/bvPw/rpyNqfTpbsiUf7XLuGS7N9BWUhRJ1mPxdF77AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU0mtpvMla8ny6qrJH1GP6xfoqoGowHwYDVR0j
BBgwFoAUXbDjYq+8kAKy1VIQLaEdp6NDbBwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmQxNGVlZDYtNDhiZi00MTY3LTgxYmItZjY3NWQ2ZjE5
YTNhLzEvNURCMEUzNjJBRkJDOTAwMkIyRDU1MjEwMkRBMTFEQTdBMzQzNkMxQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC81REIwRTM2MkFGQkM5MDAyQjJENTUyMTAy
REExMURBN0EzNDM2QzFDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mZDE0ZWVkNi00OGJmLTQxNjctODFiYi1mNjc1ZDZmMTlhM2EvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYxNjMzNzMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM0MzczNTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKgpgRKxwMA0GCSqGSIb3DQEBCwUAA4IBAQBS
EbRtxguEnHQGgp7sxNr4XnQ5pb7PdxM43AVvmmIYcy457Y0jMPfv+ZUQe6SPdsI2
UqdBxKvmcEhniS5B0vAwvvPXcSaQnHZeSqxXdFNhQcob4LfEAD+nMevhai/JKP/p
ysJ3Z0G/WsCQVFFUV/TkxwtoLvn5MecbeEI1sLEL9tACVMTrDvU3Sa14lgncjUeD
R/GY1kkxEnByNMrfWe349T/iJaqZQSxdIvgSFRMn67oPTy/Gc6z0vnX7EVxtIdeV
Sgx77vOOouWkgApN9WC8kn/8lg1Cnha0Aj1pYTOtYSSk2odrcQLrlszzuaBrwDBk
/fORgOL1IWg6Pr6COGus
-----END CERTIFICATE-----
Generated at Sun Jun 9 07:51:10 2024 by rpki-client on console-ams.rpki-client.org