Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e203432333636.roa
File: 38352e3139302e3233352e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: BBHiwYtRmjdsOVokvG/dHETIPCBC0mi4jLVizRyH5VQ=
Subject key identifier: D4:F2:A4:09:97:66:BB:F8:FE:B1:21:35:CB:A2:FE:5E:98:04:C1:6E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 586BFB3132783D5D41E3222805B50CD39F09B0F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e203432333636.roa
Signing time: Tue 25 Apr 2023 17:57:14 +0000
ROA not before: Tue 25 Apr 2023 17:52:14 +0000
ROA not after: Tue 23 Apr 2024 17:57:14 +0000
asID: 42366
IP address blocks: 85.190.235.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:6b:fb:31:32:78:3d:5d:41:e3:22:28:05:b5:0c:d3:9f:09:b0:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 25 17:52:14 2023 GMT
Not After : Apr 23 17:57:14 2024 GMT
Subject: CN=D4F2A4099766BBF8FEB12135CBA2FE5E9804C16E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:54:bb:17:14:d6:3f:f8:f0:29:3a:e0:73:56:
1b:cb:69:ae:e1:4b:80:eb:2b:b0:54:ed:09:79:78:
3b:c3:09:43:0c:7a:04:fb:7a:d6:31:af:ac:7d:6a:
bb:68:07:24:2e:2f:48:28:86:e6:39:43:80:7d:59:
6a:23:a2:73:bf:4f:f4:4c:5d:db:8f:83:22:dc:f1:
32:a2:97:9e:88:a0:0c:9b:d2:74:42:67:08:f5:ed:
bf:86:db:43:19:38:b8:b5:b9:74:7e:fc:9d:c4:7a:
18:9a:8a:52:f3:f5:0a:bd:b5:f2:91:c7:33:c9:56:
13:21:c6:9d:e4:d2:ca:7c:07:e9:b7:74:e5:c4:f3:
95:47:f9:0e:06:79:c4:71:6e:65:11:49:62:95:5a:
b2:7a:da:60:aa:9a:74:ee:95:a0:41:b3:8c:55:5a:
7e:0b:74:a6:bc:f7:80:ca:df:8d:27:c8:17:48:3b:
97:f9:d5:63:4d:ed:a1:31:b2:c6:b4:4d:79:e4:1d:
09:b3:4a:c2:b5:86:7e:2b:67:6b:99:9d:af:26:5c:
a6:f7:65:7c:4f:6e:46:d3:e5:fc:38:e9:7e:bc:15:
af:9c:4a:3b:bf:4d:1c:98:ca:d4:9a:8a:f7:20:41:
3c:c3:80:b7:0e:6a:57:cb:cf:b2:51:49:a6:ae:a3:
6c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:F2:A4:09:97:66:BB:F8:FE:B1:21:35:CB:A2:FE:5E:98:04:C1:6E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233352e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.235.0/24
Signature Algorithm: sha256WithRSAEncryption
05:ad:be:0c:7f:4c:02:82:7c:24:3d:3f:e2:f1:97:16:6a:50:
91:4a:6d:5e:45:5e:94:21:f7:87:55:cb:a6:b0:4e:e5:04:94:
13:2a:f2:f3:8d:94:65:74:91:39:7c:ca:e2:4f:a2:d1:cc:53:
af:37:e4:2d:4b:23:41:0e:97:3f:b0:7d:f4:e8:90:90:09:6d:
5f:ed:45:e6:cf:00:99:ee:ea:51:aa:77:bc:98:7a:98:ba:d2:
0b:97:41:ab:59:93:71:9f:0e:a5:02:5e:d8:b3:bd:b4:6f:49:
ee:51:ca:02:12:c2:be:cb:51:6f:90:f7:88:0f:d7:a0:3e:9a:
da:e8:84:4d:14:ed:67:db:6c:ff:5f:2b:91:9c:09:2d:cb:e3:
9f:92:72:9a:59:18:44:c5:1c:be:1a:c7:e9:6c:80:b9:ba:34:
9d:b1:56:e0:88:78:c8:27:d5:78:2a:83:ce:a5:d9:a7:6b:f6:
d4:71:85:87:21:c7:6c:23:b3:ef:43:8e:ef:cc:6b:8b:d8:91:
36:5a:30:ee:d4:74:d7:a9:3f:0d:d0:80:67:16:70:27:2c:d2:
b2:b3:42:a2:33:3a:31:9f:2b:85:79:6d:d0:cf:ec:31:ac:3c:
fd:b6:1f:3e:9f:18:82:be:0f:97:ef:2a:a2:c0:72:be:e2:53:
2b:90:fe:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWGv7MTJ4PV1B4yIoBbUM058JsPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA0MjUxNzUyMTRaFw0yNDA0MjMxNzU3MTRaMDMxMTAvBgNV
BAMTKEQ0RjJBNDA5OTc2NkJCRjhGRUIxMjEzNUNCQTJGRTVFOTgwNEMxNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7VLsXFNY/+PApOuBzVhvLaa7h
S4DrK7BU7Ql5eDvDCUMMegT7etYxr6x9artoByQuL0gohuY5Q4B9WWojonO/T/RM
XduPgyLc8TKil56IoAyb0nRCZwj17b+G20MZOLi1uXR+/J3EehiailLz9Qq9tfKR
xzPJVhMhxp3k0sp8B+m3dOXE85VH+Q4GecRxbmURSWKVWrJ62mCqmnTulaBBs4xV
Wn4LdKa894DK340nyBdIO5f51WNN7aExssa0TXnkHQmzSsK1hn4rZ2uZna8mXKb3
ZXxPbkbT5fw46X68Fa+cSju/TRyYytSaivcgQTzDgLcOalfLz7JRSaauo2zVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1PKkCZdmu/j+sSE1y6L+XpgEwW4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7rMA0GCSqGSIb3DQEBCwUAA4IBAQAFrb4Mf0wCgnwkPT/i8ZcWalCRSm1eRV6U
IfeHVcumsE7lBJQTKvLzjZRldJE5fMriT6LRzFOvN+QtSyNBDpc/sH306JCQCW1f
7UXmzwCZ7upRqne8mHqYutILl0GrWZNxnw6lAl7Ys720b0nuUcoCEsK+y1FvkPeI
D9egPpra6IRNFO1n22z/XyuRnAkty+OfknKaWRhExRy+GsfpbIC5ujSdsVbgiHjI
J9V4KoPOpdmna/bUcYWHIcdsI7PvQ47vzGuL2JE2WjDu1HTXqT8N0IBnFnAnLNKy
s0KiMzoxnyuFeW3Qz+wxrDz9th8+nxiCvg+X7yqiwHK+4lMrkP6I
-----END CERTIFICATE-----
Generated at Sun Nov 26 20:57:27 2023 by rpki-client on console-fra.rpki-client.org