Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337323a3a2f34382d3438203d3e20323134373537.roa
File: 326130613a363034343a616337323a3a2f34382d3438203d3e20323134373537.roa (raw, json)
Hash identifier: 7KLTEjBBkG7p4PEWRoHrE4U+gnzXBZpqsOjLtBzrv/k=
Subject key identifier: DA:FD:9A:3D:21:DA:A0:9B:4C:7D:C4:81:6D:D6:0F:19:2B:C4:B2:12
Certificate issuer: /CN=5DB0E362AFBC9002B2D552102DA11DA7A3436C1C
Certificate serial: 4247D5D27F3A01485B2CC02D523DDB6B05135D09
Authority key identifier: 5D:B0:E3:62:AF:BC:90:02:B2:D5:52:10:2D:A1:1D:A7:A3:43:6C:1C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337323a3a2f34382d3438203d3e20323134373537.roa
Signing time: Sat 08 Jun 2024 19:01:10 +0000
ROA not before: Sat 08 Jun 2024 18:56:10 +0000
ROA not after: Sat 07 Jun 2025 19:01:10 +0000
asID: 214757
IP address blocks: 2a0a:6044:ac72::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Jun 2024 06:49:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:47:d5:d2:7f:3a:01:48:5b:2c:c0:2d:52:3d:db:6b:05:13:5d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5DB0E362AFBC9002B2D552102DA11DA7A3436C1C
Validity
Not Before: Jun 8 18:56:10 2024 GMT
Not After : Jun 7 19:01:10 2025 GMT
Subject: CN=DAFD9A3D21DAA09B4C7DC4816DD60F192BC4B212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:31:a4:fa:c0:f6:ea:7d:3a:22:46:cb:2a:11:
bd:d7:e5:16:37:54:87:e9:b3:34:b0:ab:49:86:85:
da:a5:b6:93:43:10:d6:d5:86:98:26:ef:d9:1a:74:
1c:f5:dc:bb:0d:d4:a8:f5:f6:78:17:7e:c4:50:4a:
ac:bf:55:fc:c2:54:85:21:a5:e8:8d:de:74:bd:b9:
69:56:f4:11:7b:1a:0e:b7:8e:b5:36:78:fb:76:da:
08:f3:fb:3e:ad:08:f5:85:ae:ae:07:52:84:ad:da:
c5:ce:99:48:21:56:67:a5:89:22:e2:7f:83:38:38:
6b:8c:bf:43:da:2a:1a:e7:d6:1b:f2:18:51:d8:59:
08:ad:53:fb:b5:ed:1e:60:46:aa:15:89:93:17:e4:
c0:98:88:aa:90:6d:91:9a:20:00:3a:d1:7d:29:0f:
14:e8:64:99:53:fd:5e:58:af:c2:13:01:02:51:fe:
2d:61:80:3a:94:d0:6c:60:e4:12:ea:f7:af:16:17:
68:00:a0:58:b6:78:74:3e:8f:1d:7e:56:41:c3:32:
63:ec:d3:3c:72:a3:6d:16:70:f4:68:ac:a4:60:c8:
d6:4a:a6:92:66:8a:26:96:b4:43:48:e3:30:67:ea:
75:5f:12:9b:01:19:a5:09:b3:7e:d7:d7:ae:29:bf:
32:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FD:9A:3D:21:DA:A0:9B:4C:7D:C4:81:6D:D6:0F:19:2B:C4:B2:12
X509v3 Authority Key Identifier:
keyid:5D:B0:E3:62:AF:BC:90:02:B2:D5:52:10:2D:A1:1D:A7:A3:43:6C:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/5DB0E362AFBC9002B2D552102DA11DA7A3436C1C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fd14eed6-48bf-4167-81bb-f675d6f19a3a/1/326130613a363034343a616337323a3a2f34382d3438203d3e20323134373537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:ac72::/48
Signature Algorithm: sha256WithRSAEncryption
14:ec:fe:73:11:68:b3:94:82:6f:86:02:a8:e4:36:5b:e2:2f:
29:16:1f:6f:da:6a:1b:c3:7e:be:e1:92:53:33:51:a8:35:3d:
30:37:24:00:e5:f0:db:89:f0:ff:61:86:43:36:cd:67:d4:72:
6b:4b:a8:38:39:9e:3e:e7:df:67:26:2a:9f:4c:22:56:1f:f4:
cb:ee:30:10:3f:74:1b:6b:0f:9f:32:49:cd:4a:60:35:f7:fc:
75:f0:a6:0f:47:80:68:e4:82:a9:a3:4b:cf:f2:34:34:73:56:
3a:fb:73:72:30:76:a3:16:2e:a5:99:a8:de:14:d8:e5:fb:ce:
cf:34:ba:dc:e8:f0:a3:8d:4e:03:b4:37:ba:eb:3f:1f:ff:f5:
74:78:c2:e3:24:3b:bb:dd:97:7b:23:00:b4:e0:c1:b9:c9:10:
12:cb:f4:80:8c:0d:70:59:e2:4c:37:03:c8:94:0a:94:8d:32:
ad:81:e8:38:a4:ef:09:fa:db:fe:54:1f:2a:13:52:59:da:d1:
49:c3:73:16:bd:68:72:a1:92:0d:cd:2f:ac:87:3a:04:55:e0:
75:ba:af:4d:30:c2:73:24:ea:78:4d:5d:10:9b:00:b7:f5:ef:
91:8a:da:fb:f7:e1:1d:6a:19:43:4c:ac:35:f2:fa:4a:f3:0b:
e0:bb:df:32
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUQkfV0n86AUhbLMAtUj3bawUTXQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNURCMEUzNjJBRkJDOTAwMkIyRDU1MjEwMkRBMTFEQTdB
MzQzNkMxQzAeFw0yNDA2MDgxODU2MTBaFw0yNTA2MDcxOTAxMTBaMDMxMTAvBgNV
BAMTKERBRkQ5QTNEMjFEQUEwOUI0QzdEQzQ4MTZERDYwRjE5MkJDNEIyMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/MaT6wPbqfToiRssqEb3X5RY3
VIfpszSwq0mGhdqltpNDENbVhpgm79kadBz13LsN1Kj19ngXfsRQSqy/VfzCVIUh
peiN3nS9uWlW9BF7Gg63jrU2ePt22gjz+z6tCPWFrq4HUoSt2sXOmUghVmeliSLi
f4M4OGuMv0PaKhrn1hvyGFHYWQitU/u17R5gRqoViZMX5MCYiKqQbZGaIAA60X0p
DxToZJlT/V5Yr8ITAQJR/i1hgDqU0Gxg5BLq968WF2gAoFi2eHQ+jx1+VkHDMmPs
0zxyo20WcPRorKRgyNZKppJmiiaWtENI4zBn6nVfEpsBGaUJs37X164pvzLxAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU2v2aPSHaoJtMfcSBbdYPGSvEshIwHwYDVR0j
BBgwFoAUXbDjYq+8kAKy1VIQLaEdp6NDbBwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmQxNGVlZDYtNDhiZi00MTY3LTgxYmItZjY3NWQ2ZjE5
YTNhLzEvNURCMEUzNjJBRkJDOTAwMkIyRDU1MjEwMkRBMTFEQTdBMzQzNkMxQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC81REIwRTM2MkFGQkM5MDAyQjJENTUyMTAy
REExMURBN0EzNDM2QzFDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mZDE0ZWVkNi00OGJmLTQxNjctODFiYi1mNjc1ZDZmMTlhM2EvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTYxNjMzNzMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzczNTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRKxyMA0GCSqGSIb3DQEBCwUAA4IBAQAU
7P5zEWizlIJvhgKo5DZb4i8pFh9v2mobw36+4ZJTM1GoNT0wNyQA5fDbifD/YYZD
Ns1n1HJrS6g4OZ4+599nJiqfTCJWH/TL7jAQP3Qbaw+fMknNSmA19/x18KYPR4Bo
5IKpo0vP8jQ0c1Y6+3NyMHajFi6lmajeFNjl+87PNLrc6PCjjU4DtDe66z8f//V0
eMLjJDu73Zd7IwC04MG5yRASy/SAjA1wWeJMNwPIlAqUjTKtgeg4pO8J+tv+VB8q
E1JZ2tFJw3MWvWhyoZINzS+shzoEVeB1uq9NMMJzJOp4TV0QmwC39e+Ritr79+Ed
ahlDTKw18vpK8wvgu98y
-----END CERTIFICATE-----
Generated at Sun Jun 9 07:51:10 2024 by rpki-client on console-ams.rpki-client.org