Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20313939333334.roa
File: 38352e3230392e3232332e302f32342d3234203d3e20313939333334.roa (raw, json)
Hash identifier: xYbVFHdxYFc0/TroGYAo/6YLGhu1D+yMEXimWPRRdnM=
Subject key identifier: F5:9D:49:CA:A4:96:D5:22:AD:8F:A3:86:D3:94:7F:28:E9:70:09:FA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 34DC8CFAB455A111827BF75EF26A540B3B3B5B18
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20313939333334.roa
Signing time: Thu 23 Mar 2023 21:58:16 +0000
ROA not before: Thu 23 Mar 2023 21:53:16 +0000
ROA not after: Thu 21 Mar 2024 21:58:16 +0000
asID: 199334
IP address blocks: 85.209.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 22:05:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:dc:8c:fa:b4:55:a1:11:82:7b:f7:5e:f2:6a:54:0b:3b:3b:5b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 23 21:53:16 2023 GMT
Not After : Mar 21 21:58:16 2024 GMT
Subject: CN=F59D49CAA496D522AD8FA386D3947F28E97009FA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:08:c0:83:c4:59:18:e7:3a:5c:f4:a9:bf:b2:
99:b3:60:4d:28:66:f4:8c:28:57:c6:5c:fc:5f:d4:
68:2d:80:99:ce:91:a4:b1:f5:3e:a3:18:45:52:cb:
ee:3c:18:7f:78:b6:70:12:13:e4:78:22:38:bd:35:
b5:9d:95:ab:ce:a2:91:67:f2:0a:f3:99:36:1a:98:
a6:d1:43:6d:3b:99:ba:f0:83:70:15:63:87:e0:7b:
9e:a4:2f:2f:0f:96:2c:ab:67:e9:e8:f0:7d:0c:f7:
d6:05:bf:52:d6:24:dd:84:1b:f0:e6:2c:70:77:d3:
38:0d:f3:4c:4d:73:b1:a7:b1:5d:29:88:f8:31:8c:
0b:45:d1:d5:29:95:1f:74:90:1d:be:5d:ef:58:e0:
f1:b8:59:17:3a:97:da:f6:e1:bd:8b:4b:ae:e1:58:
51:39:69:ee:d1:c8:41:33:88:c6:03:b7:68:f8:a4:
9c:46:a9:b6:ba:06:31:f6:31:c5:8b:21:68:86:1a:
09:fb:f7:e9:32:0d:5f:d9:41:49:41:a7:03:98:91:
dc:6b:15:89:ec:76:f2:9f:3a:52:01:0b:b4:ae:b0:
fd:40:c0:0a:47:4f:56:6d:f1:29:38:ae:a1:af:01:
28:d6:92:4f:14:c6:66:0e:7f:57:f9:de:5b:e0:0a:
bc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9D:49:CA:A4:96:D5:22:AD:8F:A3:86:D3:94:7F:28:E9:70:09:FA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e20313939333334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
65:91:9c:c3:46:47:bb:b2:eb:49:3a:d6:b9:e9:0d:15:dc:8a:
29:0c:a4:33:08:02:12:5c:e0:1b:25:1a:4d:33:bc:c7:e1:0b:
bb:e1:ff:56:45:fe:e3:d4:09:cf:a2:56:89:c5:97:4a:6d:7d:
88:96:26:b8:5c:88:7a:8b:58:0d:8a:24:06:86:91:10:5a:01:
ad:7a:de:82:4a:9a:bc:9d:79:81:6c:f1:dc:11:17:d6:72:42:
7a:f4:de:d1:83:02:40:bb:69:40:df:cd:11:80:a2:c2:cf:94:
5a:1b:24:a6:a2:27:8b:76:c3:d3:59:eb:32:b7:64:87:9b:4c:
09:7f:0a:f8:01:07:b0:c3:da:5c:19:d0:83:41:37:c6:fb:80:
4f:8c:b5:fd:b8:f4:32:50:1e:b5:23:bd:ea:a1:9d:ed:4a:3f:
99:c7:d8:42:e8:bc:3a:e0:54:16:03:9c:8b:40:b3:ef:21:a4:
7a:77:83:a7:3b:2a:b1:b4:6e:e7:4b:cb:f9:60:c7:70:26:06:
19:73:96:8d:2c:5a:b5:4d:d6:6f:39:ff:55:7f:12:dc:5b:ed:
61:2c:1e:56:34:08:4c:aa:d4:8f:d6:32:29:4e:ed:9e:f5:ea:
fd:50:25:c4:df:ab:f6:7f:1f:c1:c9:76:c9:f0:d7:73:6a:79:
f0:f9:24:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNNyM+rRVoRGCe/de8mpUCzs7WxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjMyMTUzMTZaFw0yNDAzMjEyMTU4MTZaMDMxMTAvBgNV
BAMTKEY1OUQ0OUNBQTQ5NkQ1MjJBRDhGQTM4NkQzOTQ3RjI4RTk3MDA5RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgCMCDxFkY5zpc9Km/spmzYE0o
ZvSMKFfGXPxf1GgtgJnOkaSx9T6jGEVSy+48GH94tnASE+R4Iji9NbWdlavOopFn
8grzmTYamKbRQ207mbrwg3AVY4fge56kLy8PliyrZ+no8H0M99YFv1LWJN2EG/Dm
LHB30zgN80xNc7GnsV0piPgxjAtF0dUplR90kB2+Xe9Y4PG4WRc6l9r24b2LS67h
WFE5ae7RyEEziMYDt2j4pJxGqba6BjH2McWLIWiGGgn79+kyDV/ZQUlBpwOYkdxr
FYnsdvKfOlIBC7SusP1AwApHT1Zt8Sk4rqGvASjWkk8UxmYOf1f53lvgCrybAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU9Z1JyqSW1SKtj6OG05R/KOlwCfowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzkzMzMzMzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0d8wDQYJKoZIhvcNAQELBQADggEBAGWRnMNGR7uy60k61rnpDRXciikMpDMI
AhJc4BslGk0zvMfhC7vh/1ZF/uPUCc+iVonFl0ptfYiWJrhciHqLWA2KJAaGkRBa
Aa163oJKmrydeYFs8dwRF9ZyQnr03tGDAkC7aUDfzRGAosLPlFobJKaiJ4t2w9NZ
6zK3ZIebTAl/CvgBB7DD2lwZ0INBN8b7gE+Mtf249DJQHrUjveqhne1KP5nH2ELo
vDrgVBYDnItAs+8hpHp3g6c7KrG0budLy/lgx3AmBhlzlo0sWrVN1m85/1V/Etxb
7WEsHlY0CEyq1I/WMilO7Z716v1QJcTfq/Z/H8HJdsnw13NqefD5JDw=
-----END CERTIFICATE-----
Generated at Tue Feb 27 01:01:55 2024 by rpki-client on console.sobornost.net