Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3232342e302f32312d3231203d3e203437353833.roa
File: 38352e33312e3232342e302f32312d3231203d3e203437353833.roa (raw, json)
Hash identifier: mBlu9z+SSv/WePuh9rTrjscSFcA8naPOLMHGKnY9zM0=
Subject key identifier: B3:89:56:5D:2B:76:71:BF:0F:61:20:D9:0B:29:6D:98:76:83:E0:C2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7AE63642B9D8799E88D59F0F2FF7C04A9B5152CE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3232342e302f32312d3231203d3e203437353833.roa
Signing time: Tue 09 Jul 2024 08:04:11 +0000
ROA not before: Tue 09 Jul 2024 07:59:11 +0000
ROA not after: Tue 08 Jul 2025 08:04:11 +0000
asID: 47583
IP address blocks: 85.31.224.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 09 Jul 2024 12:27:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e6:36:42:b9:d8:79:9e:88:d5:9f:0f:2f:f7:c0:4a:9b:51:52:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 9 07:59:11 2024 GMT
Not After : Jul 8 08:04:11 2025 GMT
Subject: CN=B389565D2B7671BF0F6120D90B296D987683E0C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e4:eb:60:b1:ab:84:d1:11:2f:6e:6c:76:24:
ea:16:2f:0b:e0:12:c1:ca:da:db:af:db:08:ab:7a:
f3:7b:35:26:b3:5a:b7:7e:75:06:69:50:61:79:0a:
36:ac:20:05:86:f3:21:b0:8e:38:8f:b9:09:02:e2:
76:24:23:74:54:c4:32:57:8a:76:df:3d:5e:1f:6f:
c7:5d:d8:bb:42:c4:ce:1e:06:77:5a:ea:12:02:21:
d2:88:47:7b:33:21:1d:50:7d:5d:76:eb:40:f3:bc:
c5:c4:ee:27:80:30:38:66:0b:6e:60:e6:ad:d0:32:
56:72:12:0b:8d:40:a6:ca:d6:24:34:2b:37:be:17:
a5:24:d8:bc:d4:9b:d6:c4:ac:17:51:08:78:4a:8a:
2f:c4:54:10:d6:9d:88:45:3d:9f:b6:85:47:7c:c4:
82:dc:b0:f1:8d:79:78:d3:d4:72:bc:dc:90:e9:ff:
8b:e9:dc:b1:d7:20:83:f0:40:9d:cd:9c:4e:c0:16:
b9:a7:f1:30:47:53:18:55:3e:89:49:98:c8:ff:50:
c7:c6:a2:3a:33:84:a2:ae:fb:6e:0a:bc:37:cd:a6:
09:1d:1d:ef:b3:31:f1:2c:39:7e:c1:7a:68:6c:7f:
0d:90:a3:bb:16:cd:00:34:20:68:24:be:95:fb:8b:
c4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:89:56:5D:2B:76:71:BF:0F:61:20:D9:0B:29:6D:98:76:83:E0:C2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e33312e3232342e302f32312d3231203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.224.0/21
Signature Algorithm: sha256WithRSAEncryption
66:56:cf:00:8c:43:f5:e6:bf:e7:59:7b:fe:94:74:f3:da:54:
8a:89:05:88:00:56:80:02:4f:71:6e:50:a6:49:6e:43:22:53:
94:7d:97:3e:62:47:97:7d:18:d0:58:4c:1d:99:56:3a:a7:bc:
f8:77:e6:66:4b:45:f8:30:e6:49:ae:cb:d0:17:01:fa:e3:c8:
40:f1:40:a4:ab:ec:88:13:b0:0c:2a:20:06:f7:a3:bf:66:90:
58:c1:fa:9a:56:77:51:80:33:56:cd:0d:48:33:4e:51:b9:ad:
35:04:20:46:98:83:dd:d9:21:7b:ab:5f:29:4e:d7:60:05:d1:
25:f0:b4:92:da:33:97:ff:50:7c:90:27:13:28:b9:a8:00:18:
16:c4:6d:7f:5d:2c:9c:f5:98:9c:09:40:79:ac:d6:52:e9:3c:
cf:19:b9:52:5b:be:c8:24:47:8e:fc:46:6b:c3:ef:c4:8a:2c:
20:41:0d:ae:81:49:d0:46:2e:a7:e2:6a:4b:fc:69:df:01:32:
09:51:3f:f2:d9:f9:bb:3d:db:b8:c6:8c:cf:bf:a1:5e:7e:72:
26:58:f4:5f:fa:e0:69:45:24:de:2e:4f:d2:c4:55:4c:d6:15:
4b:e0:01:b3:1b:fa:66:05:04:43:e1:d8:9f:30:36:c7:e5:f1:
39:c9:86:09
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeuY2QrnYeZ6I1Z8PL/fASptRUs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MDkwNzU5MTFaFw0yNTA3MDgwODA0MTFaMDMxMTAvBgNV
BAMTKEIzODk1NjVEMkI3NjcxQkYwRjYxMjBEOTBCMjk2RDk4NzY4M0UwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC25OtgsauE0REvbmx2JOoWLwvg
EsHK2tuv2wirevN7NSazWrd+dQZpUGF5CjasIAWG8yGwjjiPuQkC4nYkI3RUxDJX
inbfPV4fb8dd2LtCxM4eBnda6hICIdKIR3szIR1QfV1260DzvMXE7ieAMDhmC25g
5q3QMlZyEguNQKbK1iQ0Kze+F6Uk2LzUm9bErBdRCHhKii/EVBDWnYhFPZ+2hUd8
xILcsPGNeXjT1HK83JDp/4vp3LHXIIPwQJ3NnE7AFrmn8TBHUxhVPolJmMj/UMfG
ojozhKKu+24KvDfNpgkdHe+zMfEsOX7Bemhsfw2Qo7sWzQA0IGgkvpX7i8QlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUs4lWXSt2cb8PYSDZCyltmHaD4MIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzMzMTJlMzIzMjM0
MmUzMDJmMzIzMTJkMzIzMTIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1Uf
4DANBgkqhkiG9w0BAQsFAAOCAQEAZlbPAIxD9ea/51l7/pR089pUiokFiABWgAJP
cW5QpkluQyJTlH2XPmJHl30Y0FhMHZlWOqe8+HfmZktF+DDmSa7L0BcB+uPIQPFA
pKvsiBOwDCogBvejv2aQWMH6mlZ3UYAzVs0NSDNOUbmtNQQgRpiD3dkhe6tfKU7X
YAXRJfC0ktozl/9QfJAnEyi5qAAYFsRtf10snPWYnAlAeazWUuk8zxm5Ulu+yCRH
jvxGa8PvxIosIEENroFJ0EYup+JqS/xp3wEyCVE/8tn5uz3buMaMz7+hXn5yJlj0
X/rgaUUk3i5P0sRVTNYVS+ABsxv6ZgUEQ+HYnzA2x+XxOcmGCQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:38 2025 by rpki-client