Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32322d3234203d3e2030.roa
File: 3137362e35332e3137362e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: 8NHelkDUDYik7EoVgQ5iIiqxIEPeWRqzpg/I+4ZeSpI=
Subject key identifier: 11:45:3B:10:E6:D3:F7:CB:02:50:9E:40:A4:8A:37:1C:B0:4B:C3:65
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 69D72F10149FA26E6DEEF0AD9CE701F66A1581AD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32322d3234203d3e2030.roa
Signing time: Fri 20 Oct 2023 13:41:55 +0000
ROA not before: Fri 20 Oct 2023 13:36:55 +0000
ROA not after: Fri 18 Oct 2024 13:41:55 +0000
asID: 0
IP address blocks: 176.53.176.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jan 2024 18:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d7:2f:10:14:9f:a2:6e:6d:ee:f0:ad:9c:e7:01:f6:6a:15:81:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:55 2023 GMT
Not After : Oct 18 13:41:55 2024 GMT
Subject: CN=11453B10E6D3F7CB02509E40A48A371CB04BC365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:60:69:af:3b:b5:7a:be:fa:41:a4:91:dc:a8:
7d:98:7d:29:9f:64:a0:f3:ce:2c:f9:0a:90:04:35:
10:45:86:c6:4b:48:5c:48:7c:57:18:f4:9c:b7:fd:
04:38:67:f7:e1:3d:b8:54:f8:c8:ea:84:ad:58:fa:
6c:c9:ef:51:d6:a2:8b:30:2f:1a:93:03:5f:f8:a8:
e6:61:59:0f:77:03:e1:99:e3:b7:78:0e:14:d3:39:
9d:14:3b:50:91:70:01:2f:83:7a:82:78:f4:f1:d2:
cc:3d:0b:b3:30:7b:c2:fd:7d:41:78:67:2b:3f:16:
a7:d3:6f:fb:71:a9:4a:75:00:d7:ee:be:e2:33:aa:
a0:8b:17:32:5a:e6:9d:84:2f:6a:95:a9:70:c3:7a:
df:0d:20:df:29:2b:9a:54:ce:13:28:76:ff:0d:36:
8a:a1:95:6d:84:3d:51:18:42:69:ac:2c:36:5c:04:
43:9c:bd:3e:c4:5c:e0:f0:8b:de:3d:c8:bf:ad:e8:
92:d8:7b:9b:b5:55:41:a5:33:95:1a:b9:e0:68:d9:
da:bf:4c:04:28:39:36:04:66:a9:45:7b:3d:0a:57:
7b:a8:86:ac:67:42:f5:42:f6:6c:1b:39:7e:10:19:
e8:cf:3c:74:1f:26:a3:f2:9c:88:dd:f3:c5:be:19:
92:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:45:3B:10:E6:D3:F7:CB:02:50:9E:40:A4:8A:37:1C:B0:4B:C3:65
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.176.0/22
Signature Algorithm: sha256WithRSAEncryption
39:60:02:62:07:9b:4b:1b:de:d3:f3:7c:dc:69:99:a7:12:26:
b4:bb:5a:3c:24:50:56:0c:0e:d9:d7:51:3c:6f:1c:39:3d:dc:
a4:88:c6:70:67:1e:70:0d:a3:ba:0a:47:e0:f9:98:c0:f7:63:
db:f7:eb:dd:df:f2:ed:a5:ca:5f:8f:5b:06:8f:2e:65:ab:1d:
f5:4a:ff:61:6b:1a:e7:84:cb:26:43:2b:f0:db:bf:f2:52:9d:
b5:d8:59:25:d9:53:95:8b:61:b7:6d:73:e2:87:c4:e5:74:c9:
8f:03:8a:b6:64:a6:6e:f4:ae:96:f2:e8:69:7f:20:9f:37:2f:
72:18:77:96:9b:9d:0d:b1:04:bf:ae:0b:23:76:5e:31:23:4d:
cd:54:d6:7d:99:bb:0d:65:02:95:7f:a4:57:0a:41:04:28:50:
d1:3a:12:85:82:c1:da:81:ef:46:8e:ed:1a:6a:e2:8d:3c:b0:
1a:78:3a:01:97:d2:37:76:6f:a5:55:18:89:e1:c8:85:3f:87:
9f:ef:11:a6:36:39:6f:1d:64:99:1f:0e:90:84:74:1b:7a:af:
75:8a:f7:d3:21:b7:c4:9b:6b:06:4d:59:eb:72:da:ca:04:83:
ab:0b:18:0e:62:bb:c4:53:ef:46:b7:4d:77:b2:d0:b3:02:d8:
c8:88:9d:4d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUadcvEBSfom5t7vCtnOcB9moVga0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTVaFw0yNDEwMTgxMzQxNTVaMDMxMTAvBgNV
BAMTKDExNDUzQjEwRTZEM0Y3Q0IwMjUwOUU0MEE0OEEzNzFDQjA0QkMzNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3YGmvO7V6vvpBpJHcqH2YfSmf
ZKDzziz5CpAENRBFhsZLSFxIfFcY9Jy3/QQ4Z/fhPbhU+MjqhK1Y+mzJ71HWoosw
LxqTA1/4qOZhWQ93A+GZ47d4DhTTOZ0UO1CRcAEvg3qCePTx0sw9C7Mwe8L9fUF4
Zys/FqfTb/txqUp1ANfuvuIzqqCLFzJa5p2EL2qVqXDDet8NIN8pK5pUzhModv8N
NoqhlW2EPVEYQmmsLDZcBEOcvT7EXODwi949yL+t6JLYe5u1VUGlM5UaueBo2dq/
TAQoOTYEZqlFez0KV3uohqxnQvVC9mwbOX4QGejPPHQfJqPynIjd88W+GZJtAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUEUU7EObT98sCUJ5ApIo3HLBLw2UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzNTMzMmUzMTM3
MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArA1sDANBgkq
hkiG9w0BAQsFAAOCAQEAOWACYgebSxve0/N83GmZpxImtLtaPCRQVgwO2ddRPG8c
OT3cpIjGcGcecA2jugpH4PmYwPdj2/fr3d/y7aXKX49bBo8uZasd9Ur/YWsa54TL
JkMr8Nu/8lKdtdhZJdlTlYtht21z4ofE5XTJjwOKtmSmbvSulvLoaX8gnzcvchh3
lpudDbEEv64LI3ZeMSNNzVTWfZm7DWUClX+kVwpBBChQ0ToShYLB2oHvRo7tGmri
jTywGng6AZfSN3ZvpVUYieHIhT+Hn+8RpjY5bx1kmR8OkIR0G3qvdYr30yG3xJtr
Bk1Z63LaygSDqwsYDmK7xFPvRrdNd7LQswLYyIidTQ==
-----END CERTIFICATE-----
Generated at Fri Jan 26 23:50:01 2024 by rpki-client on console-fra.rpki-client.org