Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3232322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: mraSlj4rOStz30z+koXjD836EHBTp6HMBd5/P3LDhec=
Subject key identifier: AA:9C:5B:DF:D0:21:8D:5A:E6:0F:21:4F:D5:9A:54:CA:60:F5:91:FD
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0F212FF2DBFB5818349E92C8608E6F6DC2457748
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e20383334.roa
Signing time: Fri 30 Jun 2023 00:00:04 +0000
ROA not before: Thu 29 Jun 2023 23:55:04 +0000
ROA not after: Fri 28 Jun 2024 00:00:04 +0000
asID: 834
IP address blocks: 85.209.222.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:21:2f:f2:db:fb:58:18:34:9e:92:c8:60:8e:6f:6d:c2:45:77:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 29 23:55:04 2023 GMT
Not After : Jun 28 00:00:04 2024 GMT
Subject: CN=AA9C5BDFD0218D5AE60F214FD59A54CA60F591FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:50:fc:0a:b7:49:9b:9c:37:9d:fc:b5:de:37:
83:39:6b:d6:d2:ca:60:e9:9b:57:31:74:7f:df:80:
4d:10:0a:a8:d6:52:3e:a0:3c:73:d5:44:94:25:f7:
43:5f:29:15:74:e7:e0:49:34:74:01:ad:bb:38:cc:
7e:01:74:fe:53:d6:d5:6c:cb:d1:bf:e8:18:b1:9b:
2a:3e:33:58:17:7f:46:5c:ec:d5:3a:f5:e7:96:84:
e1:00:0d:68:56:8d:e7:c0:49:da:ca:fb:a3:04:94:
c6:fe:0c:fe:da:26:6f:84:7d:4e:ec:68:ab:a6:ec:
03:ed:62:cc:df:45:65:d4:6b:0d:2b:94:a5:9c:00:
6c:ee:45:6d:f3:cf:70:c5:ed:f1:05:54:89:ab:b7:
88:94:2f:b4:cc:26:63:8b:69:8e:25:88:52:6c:05:
03:ae:a8:5f:04:bb:88:b4:10:7c:7b:0e:b4:22:a1:
2b:b2:9a:8c:de:97:51:f5:93:cf:03:86:bd:be:9d:
17:44:93:9b:77:57:2d:6f:75:84:1b:70:a4:02:6c:
45:7e:c2:ca:39:07:b8:e7:05:91:9b:fc:b0:4e:d9:
a4:59:49:b5:2c:71:98:e8:c4:af:3f:71:4a:b4:52:
44:f1:30:a4:05:f8:19:7d:52:7e:c9:1b:cc:10:47:
01:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:9C:5B:DF:D0:21:8D:5A:E6:0F:21:4F:D5:9A:54:CA:60:F5:91:FD
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
55:77:db:c9:ce:ad:0b:af:0f:db:27:a6:75:54:a7:39:82:be:
32:47:26:28:34:55:fb:7c:a0:b3:6a:77:19:98:40:92:d3:35:
1e:33:f0:6b:89:40:87:b6:2f:5b:90:c5:02:4b:6c:0b:b9:90:
1a:ff:99:02:24:59:81:9a:27:b5:72:be:dc:b0:e8:91:62:2c:
25:56:1b:83:73:8c:eb:f4:05:af:98:c5:66:d3:a3:1f:35:41:
8c:d0:37:3b:8b:4f:34:57:21:49:fb:f0:b9:82:4f:95:91:bb:
bb:c6:03:16:cf:30:95:63:40:d0:c9:0a:cb:4d:ca:a8:2d:70:
92:5f:d7:e7:d6:51:c2:c4:5f:6b:f2:e1:d6:bc:9d:65:ac:0a:
5f:5f:49:e7:16:8c:fc:6b:c0:0a:6c:11:91:07:6b:b6:df:9b:
f6:12:52:e7:31:7f:73:bd:f9:21:26:79:40:96:69:30:23:26:
55:e6:c8:07:46:b9:62:5e:a5:4e:fe:b9:ad:fd:71:fc:4a:35:
a5:81:0d:99:af:17:e0:26:c1:8f:70:9b:4b:b1:bd:da:93:d8:
13:fb:ca:37:d6:79:a2:47:1d:31:11:6c:ea:9a:e4:71:ad:be:
e0:19:e8:e4:39:3e:f1:cc:f6:5e:a7:23:b6:85:79:0e:c6:6f:
a3:e2:61:c9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDyEv8tv7WBg0npLIYI5vbcJFd0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA2MjkyMzU1MDRaFw0yNDA2MjgwMDAwMDRaMDMxMTAvBgNV
BAMTKEFBOUM1QkRGRDAyMThENUFFNjBGMjE0RkQ1OUE1NENBNjBGNTkxRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcUPwKt0mbnDed/LXeN4M5a9bS
ymDpm1cxdH/fgE0QCqjWUj6gPHPVRJQl90NfKRV05+BJNHQBrbs4zH4BdP5T1tVs
y9G/6Bixmyo+M1gXf0Zc7NU69eeWhOEADWhWjefASdrK+6MElMb+DP7aJm+EfU7s
aKum7APtYszfRWXUaw0rlKWcAGzuRW3zz3DF7fEFVImrt4iUL7TMJmOLaY4liFJs
BQOuqF8Eu4i0EHx7DrQioSuymozel1H1k88Dhr2+nRdEk5t3Vy1vdYQbcKQCbEV+
wso5B7jnBZGb/LBO2aRZSbUscZjoxK8/cUq0UkTxMKQF+Bl9Un7JG8wQRwGPAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUqpxb39AhjVrmDyFP1ZpUymD1kf0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0d4w
DQYJKoZIhvcNAQELBQADggEBAFV328nOrQuvD9snpnVUpzmCvjJHJig0Vft8oLNq
dxmYQJLTNR4z8GuJQIe2L1uQxQJLbAu5kBr/mQIkWYGaJ7Vyvtyw6JFiLCVWG4Nz
jOv0Ba+YxWbTox81QYzQNzuLTzRXIUn78LmCT5WRu7vGAxbPMJVjQNDJCstNyqgt
cJJf1+fWUcLEX2vy4da8nWWsCl9fSecWjPxrwApsEZEHa7bfm/YSUucxf3O9+SEm
eUCWaTAjJlXmyAdGuWJepU7+ua39cfxKNaWBDZmvF+AmwY9wm0uxvdqT2BP7yjfW
eaJHHTERbOqa5HGtvuAZ6OQ5PvHM9l6nI7aFeQ7Gb6PiYck=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:43:09 2023 by rpki-client on console.sobornost.net