Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232312e302f32342d3234203d3e20313336373837.roa
File: 3138352e3230392e3232312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: qeafjEUShvWdJZNGZrymK2VXkY+HZi9heNwyIqcXgc4=
Subject key identifier: 21:CF:09:91:8D:21:9B:60:6F:F4:5A:71:99:15:D1:6B:A4:AC:83:DF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D45A6AF912CAAC66665C253EDDA207B46E9073B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232312e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 20 Oct 2023 13:41:54 +0000
ROA not before: Fri 20 Oct 2023 13:36:54 +0000
ROA not after: Fri 18 Oct 2024 13:41:54 +0000
asID: 136787
IP address blocks: 185.209.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 09:28:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:45:a6:af:91:2c:aa:c6:66:65:c2:53:ed:da:20:7b:46:e9:07:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:54 2023 GMT
Not After : Oct 18 13:41:54 2024 GMT
Subject: CN=21CF09918D219B606FF45A719915D16BA4AC83DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f5:e5:14:9e:9e:2b:e8:63:65:25:10:f7:df:
01:aa:ec:9a:2f:55:5f:be:bc:b3:b4:c9:5e:bd:91:
20:38:6d:4e:8f:12:2a:a7:d5:f3:0e:34:c4:a3:64:
2e:c9:25:9b:88:d9:65:77:cb:4f:bc:6f:dd:d3:35:
35:63:20:5b:c5:3b:0f:7d:76:9e:95:86:b6:2e:2a:
b6:18:72:bd:b9:41:11:25:a0:fb:51:40:2a:f5:b8:
2d:ce:2c:77:33:10:c3:55:6f:15:ae:c8:6f:c6:c2:
c2:19:e2:2a:13:0c:a9:4c:fb:f2:ba:f6:fd:e2:9a:
ee:af:05:29:9f:79:4e:23:05:28:17:70:f9:7c:d6:
79:33:39:25:be:f5:ec:08:0c:07:e6:5e:54:cc:a1:
a5:47:e4:ce:93:ec:6b:6b:c5:96:3d:aa:0a:0c:a7:
5a:6f:57:97:13:c3:0f:15:a5:88:01:8f:5c:95:e5:
97:70:60:1a:ee:e7:8c:f1:54:cd:a6:56:84:10:96:
48:8e:92:c2:c3:89:8c:4b:42:f9:91:fe:03:ce:d8:
d2:7e:e0:02:5a:11:6b:45:8a:02:ee:ea:74:08:90:
83:2e:05:4d:d4:74:26:37:b3:e9:9a:26:a0:30:e5:
39:0a:2a:91:c3:56:06:fe:7e:32:39:10:47:d4:ac:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CF:09:91:8D:21:9B:60:6F:F4:5A:71:99:15:D1:6B:A4:AC:83:DF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.221.0/24
Signature Algorithm: sha256WithRSAEncryption
14:99:38:db:0b:ca:4f:1e:c8:f1:47:c6:e8:aa:f1:b6:9a:cf:
fa:80:56:25:be:92:32:be:8f:b6:58:9d:96:eb:91:a7:fc:d9:
75:8a:1f:2c:90:d5:83:77:a4:15:5d:c6:4e:d4:58:ca:61:b5:
08:06:ad:3e:64:bb:4e:fb:39:59:03:27:42:bc:91:67:f8:4a:
8b:76:92:33:69:57:5c:d9:b1:74:ef:5c:98:2a:ee:d0:37:de:
19:06:20:11:f8:b1:d5:f2:59:ff:10:de:ab:1c:65:d0:1b:c6:
81:cd:f7:2d:9b:9f:bc:81:3c:b3:22:c0:65:85:90:00:73:0d:
f2:b3:70:b5:df:c0:68:9a:26:22:ed:fb:30:65:17:14:e5:75:
25:31:e8:77:11:83:ba:73:6d:cb:b2:48:b9:e1:01:e5:0a:0e:
98:69:44:c3:6a:d5:c6:2e:26:ef:25:96:18:06:33:5e:5b:20:
fd:7d:fc:73:a0:a8:69:77:e0:13:43:ce:e3:3c:62:bc:0d:95:
41:57:1f:82:22:b1:65:84:1d:e6:7f:72:b6:4c:90:8f:d4:21:
76:0f:d2:62:81:c0:fe:22:fb:9c:cd:a3:cd:5e:0e:cf:4f:71:
c0:cc:34:f3:06:b0:59:a3:01:1e:fa:e4:a7:67:6c:33:89:a2:
a7:a6:04:c8
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbUWmr5EsqsZmZcJT7doge0bpBzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTRaFw0yNDEwMTgxMzQxNTRaMDMxMTAvBgNV
BAMTKDIxQ0YwOTkxOEQyMTlCNjA2RkY0NUE3MTk5MTVEMTZCQTRBQzgzREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb9eUUnp4r6GNlJRD33wGq7Jov
VV++vLO0yV69kSA4bU6PEiqn1fMONMSjZC7JJZuI2WV3y0+8b93TNTVjIFvFOw99
dp6VhrYuKrYYcr25QREloPtRQCr1uC3OLHczEMNVbxWuyG/GwsIZ4ioTDKlM+/K6
9v3imu6vBSmfeU4jBSgXcPl81nkzOSW+9ewIDAfmXlTMoaVH5M6T7GtrxZY9qgoM
p1pvV5cTww8VpYgBj1yV5ZdwYBru54zxVM2mVoQQlkiOksLDiYxLQvmR/gPO2NJ+
4AJaEWtFigLu6nQIkIMuBU3UdCY3s+maJqAw5TkKKpHDVgb+fjI5EEfUrNidAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUIc8JkY0hm2Bv9FpxmRXRa6Ssg98wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3TANBgkqhkiG9w0BAQsFAAOCAQEAFJk42wvKTx7I8UfG6KrxtprP+oBW
Jb6SMr6PtlidluuRp/zZdYofLJDVg3ekFV3GTtRYymG1CAatPmS7Tvs5WQMnQryR
Z/hKi3aSM2lXXNmxdO9cmCru0DfeGQYgEfix1fJZ/xDeqxxl0BvGgc33LZufvIE8
syLAZYWQAHMN8rNwtd/AaJomIu37MGUXFOV1JTHodxGDunNty7JIueEB5QoOmGlE
w2rVxi4m7yWWGAYzXlsg/X38c6CoaXfgE0PO4zxivA2VQVcfgiKxZYQd5n9ytkyQ
j9Qhdg/SYoHA/iL7nM2jzV4Oz09xwMw08wawWaMBHvrkp2dsM4mip6YEyA==
-----END CERTIFICATE-----
Generated at Mon Mar 4 11:57:01 2024 by rpki-client on console-fra.rpki-client.org