Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
File: 322e35392e35382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: Qv7qJns0CBlz+E4Yz1P6fFOa5ty4NbzvYD7sYwFfX14=
Subject key identifier: A1:B0:88:F8:38:0E:8E:1E:A5:9B:3B:7A:72:E5:A7:9C:36:76:06:E2
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6A870DBCFA6E63A761CE40BD24BAF4FE0EE04D64
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
Signing time: Fri 05 Jan 2024 00:00:05 +0000
ROA not before: Thu 04 Jan 2024 23:55:05 +0000
ROA not after: Fri 03 Jan 2025 00:00:05 +0000
asID: 834
IP address blocks: 2.59.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 18:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:87:0d:bc:fa:6e:63:a7:61:ce:40:bd:24:ba:f4:fe:0e:e0:4d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 4 23:55:05 2024 GMT
Not After : Jan 3 00:00:05 2025 GMT
Subject: CN=A1B088F8380E8E1EA59B3B7A72E5A79C367606E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:91:7a:32:f8:c0:5b:af:c3:99:99:e8:54:
a3:b9:e6:ba:37:e3:82:06:c8:33:7a:0f:df:1c:d2:
e8:59:45:6c:a9:9a:f2:1f:63:03:3e:e2:1a:cb:5d:
df:41:6c:ef:b3:19:02:2f:06:24:1e:6d:b7:60:1a:
08:ca:11:ff:c1:b1:76:d1:f5:1f:2f:d1:91:0d:60:
37:28:c6:06:fe:f7:d7:dc:6c:02:a9:dc:da:2f:f7:
f8:f7:e0:28:a6:dd:e4:15:27:82:3b:20:d5:47:f9:
74:9e:26:65:08:c6:11:bc:56:48:4d:46:a0:b3:66:
15:a8:99:25:df:24:0e:4d:33:55:57:63:34:7a:6c:
5b:4a:17:63:d2:4f:af:9a:30:e2:9c:e7:3b:ca:06:
d5:ad:a3:d4:0d:05:7e:e2:be:c2:fe:05:7a:ca:77:
fb:9f:c8:57:77:9b:3f:f1:89:bc:55:07:83:b4:44:
e5:24:75:24:df:68:1e:9d:02:db:c3:1f:3c:62:65:
31:f0:af:2d:fe:fb:d2:92:91:fc:57:96:75:86:44:
3c:ec:22:b0:6c:08:57:83:a2:d6:d2:f4:e8:06:eb:
63:a0:17:74:30:b0:02:38:58:83:4b:8d:7a:41:aa:
1b:02:4d:03:99:4a:25:af:f5:1e:d8:34:98:3b:4f:
3a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:88:F8:38:0E:8E:1E:A5:9B:3B:7A:72:E5:A7:9C:36:76:06:E2
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.58.0/24
Signature Algorithm: sha256WithRSAEncryption
19:05:73:7b:ae:5e:42:76:bc:c7:e9:d6:08:56:81:75:39:74:
71:ba:74:82:ad:2c:1d:d8:09:36:f1:de:f1:32:7f:ee:07:80:
9d:5f:ff:a8:1c:3a:86:1a:3d:bc:35:64:89:e3:96:17:06:e0:
36:fc:04:16:be:44:d4:a8:0e:61:78:e7:f8:05:b5:c4:d9:b4:
25:0a:9d:97:86:2e:53:6c:47:7c:6d:6a:0b:ee:45:d4:36:c3:
9b:6f:31:e3:3b:2e:a9:2b:4c:b2:08:42:22:43:43:6f:8e:e3:
57:8e:d6:48:f4:0e:e6:a5:bb:3a:e3:b7:56:65:ef:21:70:08:
e5:6f:8f:ba:b7:12:74:ad:41:1d:bd:53:ae:cb:f9:1a:df:a8:
7b:87:4b:41:6f:ac:2f:b7:b9:a8:1a:85:a1:49:ea:60:ac:85:
93:28:50:18:56:82:3d:35:ee:55:a7:8b:fd:41:c5:22:8b:35:
ab:31:93:f5:44:4a:82:6e:c8:d3:e9:86:2e:6e:6d:bc:17:d5:
39:50:94:39:68:f4:50:34:b1:cf:e0:83:fd:dd:13:26:fb:73:
d5:62:d5:8e:ca:ac:de:1a:9d:27:a6:6c:56:43:1a:34:0f:db:
99:a0:c1:22:45:b8:e2:11:4f:75:1e:ef:69:b8:6d:8c:7e:17:
f1:2f:6f:6f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUaocNvPpuY6dhzkC9JLr0/g7gTWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDAxMDQyMzU1MDVaFw0yNTAxMDMwMDAwMDVaMDMxMTAvBgNV
BAMTKEExQjA4OEY4MzgwRThFMUVBNTlCM0I3QTcyRTVBNzlDMzY3NjA2RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHR5F6MvjAW6/DmZnoVKO55ro3
44IGyDN6D98c0uhZRWypmvIfYwM+4hrLXd9BbO+zGQIvBiQebbdgGgjKEf/BsXbR
9R8v0ZENYDcoxgb+99fcbAKp3Nov9/j34Cim3eQVJ4I7INVH+XSeJmUIxhG8VkhN
RqCzZhWomSXfJA5NM1VXYzR6bFtKF2PST6+aMOKc5zvKBtWto9QNBX7ivsL+BXrK
d/ufyFd3mz/xibxVB4O0ROUkdSTfaB6dAtvDHzxiZTHwry3++9KSkfxXlnWGRDzs
IrBsCFeDotbS9OgG62OgF3QwsAI4WINLjXpBqhsCTQOZSiWv9R7YNJg7Tzq7AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUobCI+DgOjh6lmzt6cuWnnDZ2BuIwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzowDQYJKoZI
hvcNAQELBQADggEBABkFc3uuXkJ2vMfp1ghWgXU5dHG6dIKtLB3YCTbx3vEyf+4H
gJ1f/6gcOoYaPbw1ZInjlhcG4Db8BBa+RNSoDmF45/gFtcTZtCUKnZeGLlNsR3xt
agvuRdQ2w5tvMeM7LqkrTLIIQiJDQ2+O41eO1kj0Dualuzrjt1Zl7yFwCOVvj7q3
EnStQR29U67L+RrfqHuHS0FvrC+3uagahaFJ6mCshZMoUBhWgj017lWni/1BxSKL
Nasxk/VESoJuyNPphi5ubbwX1TlQlDlo9FA0sc/gg/3dEyb7c9Vi1Y7KrN4anSem
bFZDGjQP25mgwSJFuOIRT3Ue72m4bYx+F/Evb28=
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:55 2024 by rpki-client on console.sobornost.net