Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212235.roa
File: AS212235.roa (raw, json)
Hash identifier: qxqnl/nDRBKFeK83C8MtDjafi0w+5pYU9xGkjoa5jZw=
Subject key identifier: 76:1E:EA:37:CB:54:00:92:9F:45:B5:AF:5A:93:BB:2D:22:1C:26:A2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 327D466B0DAA38CCD164B00DFD2FCBA7812D73DC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212235.roa
Signing time: Tue 29 Aug 2023 08:24:01 +0000
ROA not before: Tue 29 Aug 2023 08:19:01 +0000
ROA not after: Tue 27 Aug 2024 08:24:01 +0000
asID: 212235
IP address blocks: 191.101.201.0/24 maxlen: 24
191.101.221.0/24 maxlen: 24
191.101.222.0/24 maxlen: 24
191.101.245.0/24 maxlen: 24
191.101.249.0/24 maxlen: 24
191.101.251.0/24 maxlen: 24
193.7.201.0/24 maxlen: 24
193.31.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 08:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:7d:46:6b:0d:aa:38:cc:d1:64:b0:0d:fd:2f:cb:a7:81:2d:73:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 29 08:19:01 2023 GMT
Not After : Aug 27 08:24:01 2024 GMT
Subject: CN=761EEA37CB5400929F45B5AF5A93BB2D221C26A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:28:28:30:25:ab:28:53:d7:fa:fa:05:32:55:
4b:22:e2:32:c3:82:44:b0:40:b8:24:6d:f9:9e:f8:
13:6b:f9:50:c6:82:9d:65:f7:5d:cc:49:ea:05:3e:
36:44:11:b7:d5:7f:1f:16:13:0a:67:3c:2c:54:69:
8a:3a:18:25:68:d2:ad:05:7d:69:ef:c9:57:2f:5d:
e1:30:14:f7:d0:b6:51:09:57:bc:80:b5:fa:13:ff:
1d:c3:34:a5:b2:3e:38:0d:85:e9:b5:ae:c1:2a:0e:
bb:b8:bc:22:a8:48:b8:d1:06:47:54:1b:58:e8:6e:
eb:44:6b:f4:33:e7:a7:b4:f4:86:27:1f:72:0d:c9:
57:5a:c7:66:82:70:79:d1:6b:a3:45:a4:d9:31:db:
4b:97:0c:95:90:6e:a7:95:e2:80:f2:0f:d0:9e:47:
77:a5:0f:d7:a4:c6:32:c6:08:31:73:a2:08:00:98:
7b:6b:46:14:a4:bf:ce:55:92:89:36:e9:90:9c:b8:
02:70:3a:c7:22:24:ec:c3:5f:df:2e:68:35:c5:07:
52:f7:fc:ca:d5:a4:e9:35:b7:c1:7e:5d:55:ed:d6:
75:83:45:12:69:90:3b:24:71:c2:33:3c:b0:0f:7a:
21:02:44:d8:2d:07:3d:ce:69:27:ce:d1:5a:d7:dc:
0d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1E:EA:37:CB:54:00:92:9F:45:B5:AF:5A:93:BB:2D:22:1C:26:A2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS212235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.201.0/24
191.101.221.0-191.101.222.255
191.101.245.0/24
191.101.249.0/24
191.101.251.0/24
193.7.201.0/24
193.31.43.0/24
Signature Algorithm: sha256WithRSAEncryption
94:46:36:42:f2:e2:bf:be:ac:f2:12:b0:81:ca:fd:b2:d0:47:
ad:41:68:49:e5:bf:c0:f2:e2:dd:a1:16:30:1d:0f:ea:8d:39:
2b:b5:87:0a:41:84:bf:3b:b0:b9:c4:82:e1:87:24:2d:0e:79:
a4:b3:7f:fb:51:ae:78:ec:a9:d3:63:31:6c:79:cf:0e:b9:7d:
2d:ce:82:f5:31:dc:30:e0:86:0d:ff:c9:40:72:ee:e6:3c:9d:
a7:bc:b5:fb:7e:ac:b3:7f:7b:48:e2:db:6b:53:e9:f7:cf:cc:
9a:89:b4:84:b1:8f:f8:71:09:b2:ca:25:60:06:6a:30:15:70:
1a:3c:4e:88:74:55:61:d5:02:4d:1f:b4:b8:00:5b:df:e7:69:
a0:22:53:b6:f8:a0:6a:61:69:0c:fb:c1:b8:b7:c7:d3:b8:2f:
5d:ee:30:3b:ed:bc:9c:a7:81:41:54:51:ba:27:33:ee:90:13:
ca:73:3c:eb:6a:5a:5d:66:aa:e9:2e:0b:d1:b6:94:4b:b3:84:
ab:2b:fd:27:03:40:99:97:01:89:4e:d5:1b:3b:2f:15:12:d9:
cb:06:fc:26:9f:41:1e:a1:db:4a:be:12:53:ba:67:fa:38:5a:
ad:75:9a:ed:59:7a:4b:82:9a:7b:87:35:62:8d:7f:7b:70:88:
71:ed:ef:1f
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUMn1Gaw2qOMzRZLAN/S/Lp4Etc9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA4MjkwODE5MDFaFw0yNDA4MjcwODI0MDFaMDMxMTAvBgNV
BAMTKDc2MUVFQTM3Q0I1NDAwOTI5RjQ1QjVBRjVBOTNCQjJEMjIxQzI2QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3KCgwJasoU9f6+gUyVUsi4jLD
gkSwQLgkbfme+BNr+VDGgp1l913MSeoFPjZEEbfVfx8WEwpnPCxUaYo6GCVo0q0F
fWnvyVcvXeEwFPfQtlEJV7yAtfoT/x3DNKWyPjgNhem1rsEqDru4vCKoSLjRBkdU
G1jobutEa/Qz56e09IYnH3INyVdax2aCcHnRa6NFpNkx20uXDJWQbqeV4oDyD9Ce
R3elD9ekxjLGCDFzoggAmHtrRhSkv85Vkok26ZCcuAJwOsciJOzDX98uaDXFB1L3
/MrVpOk1t8F+XVXt1nWDRRJpkDskccIzPLAPeiECRNgtBz3OaSfO0VrX3A1rAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUdh7qN8tUAJKfRbWvWpO7LSIcJqIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEyMjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAv2XJ
MAwDBAC/Zd0DBAC/Zd4DBAC/ZfUDBAC/ZfkDBAC/ZfsDBADBB8kDBADBHyswDQYJ
KoZIhvcNAQELBQADggEBAJRGNkLy4r++rPISsIHK/bLQR61BaEnlv8Dy4t2hFjAd
D+qNOSu1hwpBhL87sLnEguGHJC0OeaSzf/tRrnjsqdNjMWx5zw65fS3OgvUx3DDg
hg3/yUBy7uY8nae8tft+rLN/e0ji22tT6ffPzJqJtISxj/hxCbLKJWAGajAVcBo8
Toh0VWHVAk0ftLgAW9/naaAiU7b4oGphaQz7wbi3x9O4L13uMDvtvJyngUFUUbon
M+6QE8pzPOtqWl1mqukuC9G2lEuzhKsr/ScDQJmXAYlO1Rs7LxUS2csG/CafQR6h
20q+ElO6Z/o4Wq11mu1ZekuCmnuHNWKNf3twiHHt7x8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org