Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33362e302f32342d3332203d3e20313336373837.roa
File: 38312e32322e33362e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: dEDlndpiFRDZw9ZhAEqed8oR7x9NNJ3bhScZJEwlfA4=
Subject key identifier: E8:C3:02:F4:B6:D0:26:BB:D5:AC:71:74:B9:15:6B:45:6A:73:A0:12
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 496316135E3C743620FADD2DBE5FEFE3625029AB
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33362e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:46 +0000
ROA not before: Mon 26 Feb 2024 08:48:46 +0000
ROA not after: Mon 24 Feb 2025 08:53:46 +0000
asID: 136787
IP address blocks: 81.22.36.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 20 Mar 2024 08:23:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:63:16:13:5e:3c:74:36:20:fa:dd:2d:be:5f:ef:e3:62:50:29:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Feb 26 08:48:46 2024 GMT
Not After : Feb 24 08:53:46 2025 GMT
Subject: CN=E8C302F4B6D026BBD5AC7174B9156B456A73A012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:64:c8:b0:01:d7:72:ab:3b:e7:52:4a:fe:
6f:ca:99:e5:85:1f:7c:d8:4d:53:86:26:57:fa:8e:
90:71:96:43:7d:c0:11:3a:88:7f:e1:90:ba:a6:72:
19:c4:d5:1e:3d:f7:54:e2:9f:86:92:48:b4:22:ed:
3e:d3:86:ff:22:5b:48:54:3d:b8:c9:52:6f:22:d3:
21:70:6a:e8:00:c8:42:9e:36:19:d9:34:80:63:5c:
1b:9e:b6:d0:72:e3:53:47:a2:4c:62:96:1b:e6:8c:
52:0d:1e:76:01:3d:a8:1f:14:59:5f:39:b0:c1:c2:
84:f2:87:5f:0f:a9:32:5f:ce:fd:f6:a1:39:51:a9:
a6:6e:bf:e1:78:0d:71:42:30:1b:f5:0a:ec:63:1f:
be:a0:43:f8:b1:de:61:03:c9:0a:9f:3a:51:58:1c:
79:bf:1b:37:cc:0f:9a:a6:9d:7d:33:2b:14:b1:4f:
f8:e6:2a:62:d7:46:38:c9:2e:d7:aa:c0:67:36:be:
65:ea:72:98:85:e3:c1:4c:ab:71:0a:b6:86:09:92:
dd:85:cb:aa:94:22:84:fd:53:ae:ba:dd:17:bb:37:
c1:31:2f:ab:d8:0f:1f:bc:4f:03:c6:49:47:a9:f3:
d3:99:73:3f:93:f4:61:b3:b5:46:4e:e6:10:51:87:
2c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C3:02:F4:B6:D0:26:BB:D5:AC:71:74:B9:15:6B:45:6A:73:A0:12
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33362e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.36.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:44:e9:b3:a5:24:71:a3:bf:dc:a6:3c:14:fe:58:fd:91:45:
f8:8c:77:67:c8:87:35:86:15:35:3e:69:34:78:8f:4f:cc:c4:
5c:71:b9:d2:7b:e1:70:e9:7a:2d:cb:1f:0e:90:09:a1:4d:19:
66:56:9b:3c:8c:c0:9e:7e:6f:d2:93:d6:a6:09:bd:8d:c9:03:
b7:73:f7:98:fb:ee:3e:d7:73:c7:50:e5:3b:05:7b:e7:2a:41:
16:9b:cb:a6:b3:c1:84:97:a1:18:a3:a7:77:8f:69:be:8d:ec:
80:9a:f0:cf:79:f3:f1:29:07:b5:83:e8:96:fd:c1:5d:fd:64:
7a:31:bd:79:7f:3e:30:b1:6f:25:02:e3:52:26:e5:44:09:a7:
40:2f:b4:d5:bf:24:e8:5a:5b:be:b2:b8:08:ed:85:a8:b4:92:
99:83:b7:46:be:a2:ba:d7:89:fa:91:f2:2d:fb:12:35:fb:f7:
ac:5a:0e:e8:37:3b:93:11:19:43:b2:5d:1c:a5:e5:32:4a:c6:
80:77:37:e2:bd:c3:df:25:b5:f7:ba:5b:0f:65:30:5e:b2:49:
4d:7c:94:f4:4c:1d:bf:e0:57:25:5c:db:f6:eb:c6:1a:ce:e1:
ce:11:d8:5c:5e:61:b0:e3:04:d0:26:10:94:25:f8:31:8a:87:
8f:fb:e2:56
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSWMWE148dDYg+t0tvl/v42JQKaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yNDAyMjYwODQ4NDZaFw0yNTAyMjQwODUzNDZaMDMxMTAvBgNV
BAMTKEU4QzMwMkY0QjZEMDI2QkJENUFDNzE3NEI5MTU2QjQ1NkE3M0EwMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7XmTIsAHXcqs751JK/m/KmeWF
H3zYTVOGJlf6jpBxlkN9wBE6iH/hkLqmchnE1R4991Tin4aSSLQi7T7Thv8iW0hU
PbjJUm8i0yFwaugAyEKeNhnZNIBjXBuettBy41NHokxilhvmjFINHnYBPagfFFlf
ObDBwoTyh18PqTJfzv32oTlRqaZuv+F4DXFCMBv1CuxjH76gQ/ix3mEDyQqfOlFY
HHm/GzfMD5qmnX0zKxSxT/jmKmLXRjjJLteqwGc2vmXqcpiF48FMq3EKtoYJkt2F
y6qUIoT9U6663Re7N8ExL6vYDx+8TwPGSUep89OZcz+T9GGztUZO5hBRhyxBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU6MMC9LbQJrvVrHF0uRVrRWpzoBIwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzMTJlMzIzMjJlMzMzNjJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFEW
JDANBgkqhkiG9w0BAQsFAAOCAQEAP0Tps6UkcaO/3KY8FP5Y/ZFF+Ix3Z8iHNYYV
NT5pNHiPT8zEXHG50nvhcOl6LcsfDpAJoU0ZZlabPIzAnn5v0pPWpgm9jckDt3P3
mPvuPtdzx1DlOwV75ypBFpvLprPBhJehGKOnd49pvo3sgJrwz3nz8SkHtYPolv3B
Xf1kejG9eX8+MLFvJQLjUiblRAmnQC+01b8k6FpbvrK4CO2FqLSSmYO3Rr6iuteJ
+pHyLfsSNfv3rFoO6Dc7kxEZQ7JdHKXlMkrGgHc34r3D3yW197pbD2UwXrJJTXyU
9Ewdv+BXJVzb9uvGGs7hzhHYXF5hsOME0CYQlCX4MYqHj/viVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org