Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3234203d3e203432333636.roa
File: 3135362e36372e32342e302f32312d3234203d3e203432333636.roa (raw, json)
Hash identifier: SFcpudPyx1Dll2u3lEyMaQ2cDICCBcxfJGZC2hhVbnE=
Subject key identifier: E5:58:C6:2A:E1:5D:C7:55:17:79:09:92:EC:21:EC:A8:D8:C2:D9:F7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A59CD509907ACD45C1A3D9340A0B479E4308983
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3234203d3e203432333636.roa
Signing time: Tue 26 Mar 2024 18:03:16 +0000
ROA not before: Tue 26 Mar 2024 17:58:16 +0000
ROA not after: Tue 25 Mar 2025 18:03:16 +0000
asID: 42366
IP address blocks: 156.67.24.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 07:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:59:cd:50:99:07:ac:d4:5c:1a:3d:93:40:a0:b4:79:e4:30:89:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 26 17:58:16 2024 GMT
Not After : Mar 25 18:03:16 2025 GMT
Subject: CN=E558C62AE15DC75517790992EC21ECA8D8C2D9F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e5:f9:46:ae:95:c5:4a:14:b9:06:80:8b:cd:
a8:84:8a:20:ce:16:cc:30:c4:a0:2f:14:d0:4d:21:
da:2c:09:6c:67:e1:07:6b:24:b8:e0:6b:57:03:31:
d4:ca:b3:30:a9:a9:2d:fc:d4:08:34:0d:10:c4:00:
18:5e:42:49:74:f0:ea:08:16:ef:d7:1f:ad:e5:3f:
e6:29:46:38:29:a5:b8:4b:fc:ac:dd:63:18:35:dc:
62:b1:47:5f:67:8e:af:5d:1a:71:f7:e4:bd:a9:5e:
77:43:38:9c:94:88:73:2c:16:59:9b:3c:65:5e:e9:
21:69:f2:f9:b0:97:19:1e:7d:83:f3:67:18:a1:d1:
df:a1:cd:34:a1:c6:a6:e0:16:82:3f:0e:35:eb:b5:
d6:c0:2c:ae:ff:12:e8:97:b4:46:a2:0c:53:cc:a8:
54:ff:fe:18:50:58:c1:9a:4a:6d:53:24:6a:dd:bf:
aa:53:49:95:c0:73:b8:87:c4:47:08:73:9c:49:61:
76:5a:79:32:86:57:0c:a3:28:bf:c4:0b:ec:ba:5e:
e9:3c:d4:c0:eb:ea:67:12:f5:73:3d:17:a6:02:ab:
93:54:ec:51:e9:71:13:a5:c0:fe:12:25:b8:8e:ac:
e5:14:d8:be:f1:18:11:82:53:f8:0f:ff:29:e0:83:
7c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:58:C6:2A:E1:5D:C7:55:17:79:09:92:EC:21:EC:A8:D8:C2:D9:F7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.24.0/21
Signature Algorithm: sha256WithRSAEncryption
76:46:13:a7:84:40:fc:0e:95:e5:b5:f2:d1:ac:e4:6e:f0:e3:
cb:d5:37:7c:60:24:5b:53:89:8e:5b:c4:73:54:8f:44:01:d8:
de:57:71:4e:2e:09:c2:90:c0:de:bc:31:69:67:3d:cb:76:76:
bf:5d:08:f6:bd:58:bf:a6:2c:e2:ff:c2:56:38:0e:71:42:43:
6f:1e:2c:0a:05:6e:f4:ae:81:b2:2d:e0:dd:af:a9:dd:92:49:
3a:bf:6f:73:bd:11:d8:2f:c5:66:e1:65:07:20:81:b8:28:f8:
e5:a1:fb:a7:f3:9e:0e:5e:82:f1:34:a4:37:a2:41:7f:cf:bc:
32:f6:af:2d:35:30:0a:d0:f4:3d:3e:f0:fd:f0:b0:e9:be:53:
e4:3f:78:a1:d4:b2:64:a4:b7:7b:84:c5:40:93:e8:3d:0a:cf:
65:26:b1:74:74:7e:29:27:40:b9:4b:70:f8:8e:a4:4e:b3:bc:
2e:98:cc:7c:a3:25:ec:21:15:3a:03:5b:66:21:5b:25:f6:de:
82:f0:ac:a9:8d:a9:2b:59:0e:8a:1f:98:75:da:ad:72:7c:6c:
bb:ed:55:11:00:ad:3c:35:70:9d:64:43:c6:f0:20:c2:38:d6:
1b:08:fa:2a:d2:12:5e:c7:59:2c:12:46:d3:c9:96:b3:e3:65:
e3:5f:7d:4d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWlnNUJkHrNRcGj2TQKC0eeQwiYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMjYxNzU4MTZaFw0yNTAzMjUxODAzMTZaMDMxMTAvBgNV
BAMTKEU1NThDNjJBRTE1REM3NTUxNzc5MDk5MkVDMjFFQ0E4RDhDMkQ5RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd5flGrpXFShS5BoCLzaiEiiDO
FswwxKAvFNBNIdosCWxn4QdrJLjga1cDMdTKszCpqS381Ag0DRDEABheQkl08OoI
Fu/XH63lP+YpRjgppbhL/KzdYxg13GKxR19njq9dGnH35L2pXndDOJyUiHMsFlmb
PGVe6SFp8vmwlxkefYPzZxih0d+hzTShxqbgFoI/DjXrtdbALK7/EuiXtEaiDFPM
qFT//hhQWMGaSm1TJGrdv6pTSZXAc7iHxEcIc5xJYXZaeTKGVwyjKL/EC+y6Xuk8
1MDr6mcS9XM9F6YCq5NU7FHpcROlwP4SJbiOrOUU2L7xGBGCU/gP/yngg3w/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU5VjGKuFdx1UXeQmS7CHsqNjC2fcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMjM0
MmUzMDJmMzIzMTJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5xD
GDANBgkqhkiG9w0BAQsFAAOCAQEAdkYTp4RA/A6V5bXy0azkbvDjy9U3fGAkW1OJ
jlvEc1SPRAHY3ldxTi4JwpDA3rwxaWc9y3Z2v10I9r1Yv6Ys4v/CVjgOcUJDbx4s
CgVu9K6Bsi3g3a+p3ZJJOr9vc70R2C/FZuFlByCBuCj45aH7p/OeDl6C8TSkN6JB
f8+8MvavLTUwCtD0PT7w/fCw6b5T5D94odSyZKS3e4TFQJPoPQrPZSaxdHR+KSdA
uUtw+I6kTrO8LpjMfKMl7CEVOgNbZiFbJfbegvCsqY2pK1kOih+Yddqtcnxsu+1V
EQCtPDVwnWRDxvAgwjjWGwj6KtISXsdZLBJG08mWs+Nl4199TQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:08 2025 by rpki-client