Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
File: 33312e3231372e3235302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: m051wdFZMRRGQut7ctEk9W9h0yNWV/WFnbfAbZzs+UQ=
Subject key identifier: 52:2F:2C:77:D7:C6:DE:85:6F:51:E2:EC:09:AE:58:5D:74:F4:42:7A
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 1AB75BCEC5624A25C775F75A18D8A1A2708AC43E
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
Signing time: Fri 22 Dec 2023 07:45:31 +0000
ROA not before: Fri 22 Dec 2023 07:40:31 +0000
ROA not after: Fri 20 Dec 2024 07:45:31 +0000
asID: 834
IP address blocks: 31.217.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:b7:5b:ce:c5:62:4a:25:c7:75:f7:5a:18:d8:a1:a2:70:8a:c4:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Dec 22 07:40:31 2023 GMT
Not After : Dec 20 07:45:31 2024 GMT
Subject: CN=522F2C77D7C6DE856F51E2EC09AE585D74F4427A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fe:9f:6a:87:17:40:32:68:53:8e:56:7a:2e:
73:17:11:87:59:a1:b3:de:14:fc:43:a5:3e:ce:4a:
43:91:c9:65:2f:45:54:d2:80:ae:90:e9:c7:17:e2:
5a:ea:73:c1:ba:7a:33:48:bf:2a:8b:18:8f:c0:c2:
cf:3a:f3:91:7d:09:34:08:30:8a:d9:7e:94:65:be:
0a:9c:04:a2:e6:34:b6:74:1a:35:cc:c1:4b:a0:34:
d0:ae:28:08:51:ef:22:d1:c0:03:31:8a:b7:8c:6c:
80:16:ca:c1:bb:1b:f8:37:95:bd:b8:0a:d6:1d:65:
ce:02:8f:b0:f3:c8:e6:76:2e:a1:9e:d4:24:af:61:
d6:dc:e1:66:f1:04:64:17:83:fb:38:28:c9:1f:2d:
fa:7e:c0:e7:53:96:3b:c2:86:2c:8b:b6:04:e8:98:
2b:00:6d:b6:1a:91:44:48:48:f1:df:47:47:9c:c6:
18:1e:05:5a:2f:61:7b:51:a2:7b:fe:b1:02:23:68:
95:21:4b:fc:03:25:dc:8b:00:7e:84:6b:02:0a:75:
33:e3:b1:48:30:50:d5:19:de:78:b5:3d:0f:74:31:
c3:10:3d:0e:13:be:f1:67:1a:82:93:83:5c:40:53:
f2:13:54:bd:8b:6d:56:22:df:48:1e:60:1c:6e:f5:
1f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:2F:2C:77:D7:C6:DE:85:6F:51:E2:EC:09:AE:58:5D:74:F4:42:7A
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.250.0/24
Signature Algorithm: sha256WithRSAEncryption
86:99:58:6c:82:88:c1:a2:24:68:1c:e4:6c:53:50:6d:77:14:
69:0d:86:ee:cd:e3:cc:72:a8:8d:2c:b4:44:fb:4b:cd:d3:84:
aa:89:72:59:ba:43:fa:dc:5b:54:6b:0f:f3:20:39:7a:48:49:
d5:4a:e4:02:22:ed:a8:97:0e:ea:e5:37:4c:2c:d5:84:9f:50:
15:46:ef:b5:dc:8f:c7:62:35:ee:67:1a:67:fa:4c:2b:1a:cb:
a2:03:03:0c:6a:1e:79:1d:2d:c5:47:44:a4:11:a1:b0:79:06:
59:82:f5:90:15:a4:57:79:9a:ab:c2:4b:cb:26:e2:3a:12:fc:
20:d9:81:37:f1:8a:17:7a:6b:f6:ee:ed:67:57:f3:27:61:c9:
ab:a5:eb:cf:81:dd:df:cc:01:3c:d1:ae:5c:f3:be:d6:ff:0a:
97:cd:11:95:9f:02:a3:8f:61:44:19:70:f7:7f:fa:f6:47:3e:
7d:88:a6:d2:ff:78:6b:9b:8b:3c:0c:95:d4:e7:49:f3:1b:e1:
fb:ac:ea:5e:a4:38:f3:95:f1:5c:8a:25:61:8f:d2:c9:c9:04:
77:1c:27:9a:70:17:d3:7c:2f:61:95:29:7f:30:ae:42:cc:f5:
75:8e:e6:a5:06:ad:36:f2:9e:b0:1f:b5:3d:d4:ab:fa:4e:be:
5d:f8:52:10
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUGrdbzsViSiXHdfdaGNihonCKxD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yMzEyMjIwNzQwMzFaFw0yNDEyMjAwNzQ1MzFaMDMxMTAvBgNV
BAMTKDUyMkYyQzc3RDdDNkRFODU2RjUxRTJFQzA5QUU1ODVENzRGNDQyN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV/p9qhxdAMmhTjlZ6LnMXEYdZ
obPeFPxDpT7OSkORyWUvRVTSgK6Q6ccX4lrqc8G6ejNIvyqLGI/Aws8685F9CTQI
MIrZfpRlvgqcBKLmNLZ0GjXMwUugNNCuKAhR7yLRwAMxireMbIAWysG7G/g3lb24
CtYdZc4Cj7DzyOZ2LqGe1CSvYdbc4WbxBGQXg/s4KMkfLfp+wOdTljvChiyLtgTo
mCsAbbYakURISPHfR0ecxhgeBVovYXtRonv+sQIjaJUhS/wDJdyLAH6EawIKdTPj
sUgwUNUZ3ni1PQ90McMQPQ4TvvFnGoKTg1xAU/ITVL2LbVYi30geYBxu9R+XAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUUi8sd9fG3oVvUeLsCa5YXXT0QnowHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzMzMTJlMzIzMTM3MmUzMjM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAf2fow
DQYJKoZIhvcNAQELBQADggEBAIaZWGyCiMGiJGgc5GxTUG13FGkNhu7N48xyqI0s
tET7S83ThKqJclm6Q/rcW1RrD/MgOXpISdVK5AIi7aiXDurlN0ws1YSfUBVG77Xc
j8diNe5nGmf6TCsay6IDAwxqHnkdLcVHRKQRobB5BlmC9ZAVpFd5mqvCS8sm4joS
/CDZgTfxihd6a/bu7WdX8ydhyaul68+B3d/MATzRrlzzvtb/CpfNEZWfAqOPYUQZ
cPd/+vZHPn2IptL/eGubizwMldTnSfMb4fus6l6kOPOV8VyKJWGP0snJBHccJ5pw
F9N8L2GVKX8wrkLM9XWO5qUGrTbynrAftT3Uq/pOvl34UhA=
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:15:19 2024 by rpki-client on console.sobornost.net