Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e203432333636.roa
File: 322e35382e37322e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: Q8qm7a7Svt8RX/NA24GfhmQ1mZ3mSZoiJiPnsq0b4co=
Subject key identifier: 85:52:52:3A:1C:4E:2B:2D:51:9C:FE:01:55:B3:20:C4:EC:55:CF:18
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 4776A5C0A67DA31346E2EE62467306423CCB3ACA
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e203432333636.roa
Signing time: Mon 10 Apr 2023 08:20:09 +0000
ROA not before: Mon 10 Apr 2023 08:15:09 +0000
ROA not after: Mon 08 Apr 2024 08:20:09 +0000
asID: 42366
IP address blocks: 2.58.72.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:76:a5:c0:a6:7d:a3:13:46:e2:ee:62:46:73:06:42:3c:cb:3a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 10 08:15:09 2023 GMT
Not After : Apr 8 08:20:09 2024 GMT
Subject: CN=8552523A1C4E2B2D519CFE0155B320C4EC55CF18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d6:ba:de:5d:0a:31:b5:20:73:fb:56:e7:2f:
d0:4b:32:ce:e2:a2:74:d8:c8:3e:c5:9f:22:61:47:
6e:fa:51:c0:52:c6:7c:48:75:51:8f:72:80:78:57:
4e:90:c6:d1:f2:08:32:69:6d:11:47:83:12:24:5e:
9f:f2:32:00:7d:6e:d9:5f:2f:35:b9:f2:72:f4:6d:
c1:30:ad:16:6a:f1:c0:a2:5c:82:c9:5b:30:a0:a9:
fb:6e:0c:52:ca:5e:b6:8d:fd:cf:78:e3:e5:42:b8:
92:3c:fd:6a:c9:8f:7d:db:3e:19:c6:44:64:f1:89:
64:8d:93:75:26:17:17:22:14:ba:f0:7c:cc:b0:64:
42:3b:a7:be:6b:20:96:0d:d7:d5:54:2e:e3:13:70:
67:04:fe:7a:37:aa:9b:eb:b6:07:2f:d9:67:0f:45:
ad:85:48:1c:0f:73:56:e5:d3:e2:8a:f5:31:cf:8b:
f5:8a:9d:e4:6f:22:56:93:b1:47:e9:23:81:7f:e2:
cb:35:6d:19:b8:15:f9:08:a7:f8:0a:db:80:f2:17:
49:98:89:40:97:ac:6a:5d:76:25:7b:db:4f:2a:7e:
fa:ef:25:ac:ca:11:2d:d7:05:5b:95:a1:19:17:32:
7f:fa:9c:78:08:8f:1c:75:b8:fb:11:93:c2:1d:88:
8c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:52:52:3A:1C:4E:2B:2D:51:9C:FE:01:55:B3:20:C4:EC:55:CF:18
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.72.0/23
Signature Algorithm: sha256WithRSAEncryption
59:82:86:96:76:5b:30:8d:6a:8b:53:e1:14:fe:d5:23:27:3c:
73:d1:78:11:4b:61:b2:67:09:e8:d6:3f:b9:00:e5:82:1d:bc:
07:8b:de:ec:2a:df:06:45:ee:90:a7:05:d9:65:16:1b:7e:da:
b5:29:70:7a:57:4a:b8:eb:50:83:0e:4c:a0:35:6e:2e:7f:6e:
20:fc:af:c6:92:b6:ea:45:9a:40:45:cd:33:56:8e:c6:a4:68:
9e:c2:2d:ce:e1:da:fe:5b:ad:9c:e0:fc:09:c1:6e:68:e3:66:
65:7a:35:54:ba:7a:07:b2:f3:11:d9:3e:5c:7a:8f:74:88:28:
c4:aa:26:0c:00:33:ee:f3:98:51:e7:be:8e:78:76:a2:98:3f:
ae:61:80:cb:1c:31:57:4b:52:e4:8a:77:7f:be:d0:2f:01:29:
2d:bc:b9:0a:27:63:2c:52:3b:8f:a0:a3:3e:bd:c3:52:d4:5e:
01:de:7f:03:fd:34:3e:33:dc:73:35:b9:d7:0e:45:ed:e8:e1:
39:cc:b2:5c:83:c4:d0:7b:30:1d:0b:40:2b:1f:36:9d:aa:ce:
3a:13:0b:f3:4c:d5:2c:4b:4f:da:ee:af:8e:95:fb:aa:1d:ef:
3d:5f:7a:3e:a8:0f:dc:ee:9a:74:fb:72:d2:d0:a4:70:9c:a9:
c5:0a:1c:af
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUR3alwKZ9oxNG4u5iRnMGQjzLOsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODE1MDlaFw0yNDA0MDgwODIwMDlaMDMxMTAvBgNV
BAMTKDg1NTI1MjNBMUM0RTJCMkQ1MTlDRkUwMTU1QjMyMEM0RUM1NUNGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW1rreXQoxtSBz+1bnL9BLMs7i
onTYyD7FnyJhR276UcBSxnxIdVGPcoB4V06QxtHyCDJpbRFHgxIkXp/yMgB9btlf
LzW58nL0bcEwrRZq8cCiXILJWzCgqftuDFLKXraN/c944+VCuJI8/WrJj33bPhnG
RGTxiWSNk3UmFxciFLrwfMywZEI7p75rIJYN19VULuMTcGcE/no3qpvrtgcv2WcP
Ra2FSBwPc1bl0+KK9THPi/WKneRvIlaTsUfpI4F/4ss1bRm4FfkIp/gK24DyF0mY
iUCXrGpddiV7208qfvrvJazKES3XBVuVoRkXMn/6nHgIjxx1uPsRk8IdiIyrAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUhVJSOhxOKy1RnP4BVbMgxOxVzxgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzIyZTM1MzgyZTM3MzIyZTMw
MmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBZgoaWdlswjWqLU+EU/tUjJzxz0XgRS2GyZwno1j+5
AOWCHbwHi97sKt8GRe6QpwXZZRYbftq1KXB6V0q461CDDkygNW4uf24g/K/Gkrbq
RZpARc0zVo7GpGiewi3O4dr+W62c4PwJwW5o42ZlejVUunoHsvMR2T5ceo90iCjE
qiYMADPu85hR576OeHaimD+uYYDLHDFXS1Lkind/vtAvASktvLkKJ2MsUjuPoKM+
vcNS1F4B3n8D/TQ+M9xzNbnXDkXt6OE5zLJcg8TQezAdC0ArHzadqs46EwvzTNUs
S0/a7q+OlfuqHe89X3o+qA/c7pp0+3LS0KRwnKnFChyv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:03 2023 by rpki-client on console-fra.rpki-client.org