Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235342e302f32342d3234203d3e203330363434.roa
File: 322e35362e3235342e302f32342d3234203d3e203330363434.roa (raw, json)
Hash identifier: O2aEjn+jDYHfeZuGwIjtRS8ckz317Zt2sWJW/JNcMdc=
Subject key identifier: 58:07:47:E0:CD:AA:AF:27:1F:AF:D0:17:77:44:DC:94:63:62:28:CD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7DE9D64C080F5EDCAC7EDFFF35FFCDD51050FC15
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235342e302f32342d3234203d3e203330363434.roa
Signing time: Mon 06 May 2024 11:03:35 +0000
ROA not before: Mon 06 May 2024 10:58:35 +0000
ROA not after: Mon 05 May 2025 11:03:35 +0000
asID: 30644
IP address blocks: 2.56.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 06:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:e9:d6:4c:08:0f:5e:dc:ac:7e:df:ff:35:ff:cd:d5:10:50:fc:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 6 10:58:35 2024 GMT
Not After : May 5 11:03:35 2025 GMT
Subject: CN=580747E0CDAAAF271FAFD0177744DC94636228CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:18:af:e8:fb:7e:0a:07:5f:6f:eb:63:50:39:
46:5f:5d:30:ae:c1:b6:8f:db:57:1b:43:06:a8:66:
84:ba:b5:6a:b9:de:07:ed:57:29:fa:2a:85:bb:09:
12:56:2b:d4:10:77:87:eb:31:95:dd:71:5f:b9:98:
b1:2a:c4:9a:d1:1e:11:69:36:c8:0b:76:13:28:68:
e8:4e:23:61:de:d7:20:b9:49:f3:c2:be:ab:8d:0f:
69:2a:fa:75:bc:84:41:14:a3:9d:75:60:69:b0:0a:
e8:f6:c7:ac:4e:e3:63:5c:ef:14:4a:e5:ea:3b:6b:
41:e4:35:0a:14:c6:12:ac:7d:32:49:b5:c9:58:74:
1a:86:b7:49:cf:03:67:9c:d6:6b:42:a5:1f:8b:1e:
22:8e:ca:92:a1:a6:0e:17:88:5e:40:92:70:63:ef:
80:87:65:15:35:7d:80:e8:b6:25:16:9d:c9:5d:58:
44:41:69:fd:0c:77:14:7c:2a:66:5a:5c:48:56:e9:
3d:cc:11:f5:87:df:e2:78:ed:cd:00:5e:f6:27:3e:
f4:a2:b3:6e:43:5f:69:8f:0c:55:25:73:11:42:ba:
cb:02:a7:89:08:09:c1:33:15:1d:94:c1:19:b0:ff:
0b:5e:1a:55:a0:e6:24:a6:b2:b0:91:fc:fc:bd:46:
70:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:07:47:E0:CD:AA:AF:27:1F:AF:D0:17:77:44:DC:94:63:62:28:CD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/322e35362e3235342e302f32342d3234203d3e203330363434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.254.0/24
Signature Algorithm: sha256WithRSAEncryption
78:fe:5b:81:60:3b:8e:e0:b4:57:8d:b2:7c:55:98:67:d4:52:
71:e9:25:47:57:e6:fa:5f:e0:5a:38:bb:34:0d:88:9e:89:f1:
eb:b8:49:65:aa:59:f8:f7:cc:a2:97:e9:12:39:a6:68:09:64:
70:b8:60:86:b5:a3:9c:8a:cf:5a:c6:33:41:ff:ad:0b:89:9a:
74:a8:13:25:d7:5b:75:b4:65:21:d8:53:5d:b3:91:9d:cf:c0:
9f:94:17:eb:59:61:0a:e3:3d:09:e0:01:59:a4:3b:66:d3:18:
58:76:22:ec:37:f7:f4:9d:dc:b4:47:b7:53:83:6b:21:d9:db:
50:f7:be:bc:48:93:ac:d1:2b:52:c4:ee:f0:7c:52:91:55:de:
e4:dd:78:66:7a:6d:f0:be:9b:69:25:59:ef:7f:12:76:ff:36:
9e:d6:a0:58:a2:dc:31:b4:19:be:ee:9a:74:42:dd:30:c3:3a:
cd:86:3f:a5:be:f5:1d:b6:26:ce:39:dc:7e:e8:8c:b0:be:49:
d9:be:00:9e:e4:3d:c4:2c:39:95:ad:ee:9e:51:bb:fb:5e:9d:
dc:7a:58:c7:2c:50:f1:d5:38:43:f6:99:60:e9:f1:72:8b:cc:
07:8f:07:34:d8:00:06:21:0d:38:4b:37:c6:1e:a3:44:22:21:
83:bf:0f:80
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUfenWTAgPXtysft//Nf/N1RBQ/BUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MDYxMDU4MzVaFw0yNTA1MDUxMTAzMzVaMDMxMTAvBgNV
BAMTKDU4MDc0N0UwQ0RBQUFGMjcxRkFGRDAxNzc3NDREQzk0NjM2MjI4Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfGK/o+34KB19v62NQOUZfXTCu
wbaP21cbQwaoZoS6tWq53gftVyn6KoW7CRJWK9QQd4frMZXdcV+5mLEqxJrRHhFp
NsgLdhMoaOhOI2He1yC5SfPCvquND2kq+nW8hEEUo511YGmwCuj2x6xO42Nc7xRK
5eo7a0HkNQoUxhKsfTJJtclYdBqGt0nPA2ec1mtCpR+LHiKOypKhpg4XiF5AknBj
74CHZRU1fYDotiUWncldWERBaf0MdxR8KmZaXEhW6T3MEfWH3+J47c0AXvYnPvSi
s25DX2mPDFUlcxFCussCp4kICcEzFR2UwRmw/wteGlWg5iSmsrCR/Py9RnBdAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWAdH4M2qrycfr9AXd0TclGNiKM0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIyZTM1MzYyZTMyMzUzNDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzAzNjM0MzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOP4w
DQYJKoZIhvcNAQELBQADggEBAHj+W4FgO47gtFeNsnxVmGfUUnHpJUdX5vpf4Fo4
uzQNiJ6J8eu4SWWqWfj3zKKX6RI5pmgJZHC4YIa1o5yKz1rGM0H/rQuJmnSoEyXX
W3W0ZSHYU12zkZ3PwJ+UF+tZYQrjPQngAVmkO2bTGFh2Iuw39/Sd3LRHt1ODayHZ
21D3vrxIk6zRK1LE7vB8UpFV3uTdeGZ6bfC+m2klWe9/Enb/Np7WoFii3DG0Gb7u
mnRC3TDDOs2GP6W+9R22Js453H7ojLC+Sdm+AJ7kPcQsOZWt7p5Ru/tendx6WMcs
UPHVOEP2mWDp8XKLzAePBzTYAAYhDThLN8Yeo0QiIYO/D4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org