Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134143.roa
File: AS134143.roa (raw, json)
Hash identifier: NnYa7z1Z66+Y2pXEzSd1pgeDGyLzRz64nw9mr33nF+k=
Subject key identifier: 4A:A2:A2:FA:FA:82:64:50:E3:A1:68:16:15:83:24:4C:F6:97:D0:DE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6486D71C946096C1FEA17947665C85FA0469739D
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134143.roa
Signing time: Tue 02 Jul 2024 04:55:26 +0000
ROA not before: Tue 02 Jul 2024 04:50:26 +0000
ROA not after: Tue 01 Jul 2025 04:55:26 +0000
asID: 134143
IP address blocks: 147.79.80.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Aug 2024 09:10:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:86:d7:1c:94:60:96:c1:fe:a1:79:47:66:5c:85:fa:04:69:73:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 2 04:50:26 2024 GMT
Not After : Jul 1 04:55:26 2025 GMT
Subject: CN=4AA2A2FAFA826450E3A168161583244CF697D0DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:73:e9:42:93:bd:c4:6d:12:5e:b5:55:a1:
81:21:9e:f3:70:bf:60:9e:71:80:23:99:35:6c:64:
fb:93:e2:92:dc:70:b8:12:73:f7:ca:64:05:30:3a:
df:db:cb:85:ef:71:dc:14:b8:eb:b4:1d:2e:4e:cd:
38:08:b1:a7:e2:5d:01:67:83:b4:13:da:ce:a2:ba:
44:11:ca:f7:7f:67:f5:b8:74:9f:1a:c9:b5:73:27:
6e:d0:69:40:54:33:e5:67:fd:5a:cd:3f:e5:44:47:
93:bc:9a:61:7f:9a:20:bb:ba:f5:b1:d6:3d:3d:a6:
4c:2b:e0:a4:c2:12:d7:28:c3:2d:90:36:ef:af:a6:
29:6a:55:d7:ae:f3:a4:f6:ee:45:0f:ce:6e:e7:f1:
c9:0f:4c:ee:98:78:c2:49:36:89:ad:fb:0b:52:86:
7a:03:52:02:0a:bd:5f:f1:6d:cf:07:29:8a:a7:22:
0f:3f:b4:77:ac:f3:0c:27:47:38:9a:7b:17:1a:80:
f7:76:8b:32:c4:60:50:74:2c:cc:23:22:ed:bc:da:
ae:a9:ae:27:31:63:1f:4a:82:65:f2:96:8d:cc:b9:
c7:99:64:dc:d6:da:b9:aa:a9:38:12:89:ca:3d:78:
17:63:b0:65:d4:23:ff:91:e7:c5:4b:70:e6:b5:67:
41:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A2:A2:FA:FA:82:64:50:E3:A1:68:16:15:83:24:4C:F6:97:D0:DE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS134143.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.80.0/20
Signature Algorithm: sha256WithRSAEncryption
ba:6a:3a:04:62:68:f5:a6:bc:87:42:eb:2f:49:94:a3:c9:09:
8d:44:46:43:c7:65:03:a1:47:2e:f7:52:96:a4:72:be:b7:b6:
0c:70:0e:ce:df:b8:cf:4e:6a:12:97:8e:3a:e5:05:97:bb:b1:
37:90:cb:c8:47:e8:9a:05:58:2f:a4:65:f7:75:06:e2:18:40:
54:de:1b:19:4a:50:7a:63:51:0d:12:83:4d:82:ab:cf:44:ba:
d2:d4:cf:f3:e3:cc:8a:af:bd:97:ba:d6:dc:9c:14:59:09:f2:
63:85:f1:97:b8:71:67:f8:10:59:1b:5f:af:d7:d7:b8:e1:15:
f5:b4:f3:f1:1f:c4:91:30:62:84:cd:4d:a6:8e:80:4e:d0:db:
b5:fe:c9:c6:33:8f:75:f1:6c:04:cf:5e:5c:b1:0c:38:f7:da:
5f:0f:9d:df:4d:06:4a:72:18:a9:7f:f6:58:a7:5c:6d:44:52:
34:d0:2a:d5:0a:ad:6d:46:ed:2a:e3:f7:7b:9c:40:c4:29:ff:
31:e6:da:5d:57:8a:c9:d7:c1:f9:c9:16:ec:92:70:dd:3a:ac:
cc:21:31:d6:f6:bf:0c:5b:ae:8d:27:01:1b:ba:c6:4e:27:0a:
cc:64:d8:54:df:5e:e0:32:0a:76:e4:ae:af:1b:e4:ce:bc:12:
52:bc:ef:4f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZIbXHJRglsH+oXlHZlyF+gRpc50wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA3MDIwNDUwMjZaFw0yNTA3MDEwNDU1MjZaMDMxMTAvBgNV
BAMTKDRBQTJBMkZBRkE4MjY0NTBFM0ExNjgxNjE1ODMyNDRDRjY5N0QwREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNvHPpQpO9xG0SXrVVoYEhnvNw
v2CecYAjmTVsZPuT4pLccLgSc/fKZAUwOt/by4XvcdwUuOu0HS5OzTgIsafiXQFn
g7QT2s6iukQRyvd/Z/W4dJ8aybVzJ27QaUBUM+Vn/VrNP+VER5O8mmF/miC7uvWx
1j09pkwr4KTCEtcowy2QNu+vpilqVdeu86T27kUPzm7n8ckPTO6YeMJJNomt+wtS
hnoDUgIKvV/xbc8HKYqnIg8/tHes8wwnRziaexcagPd2izLEYFB0LMwjIu282q6p
ricxYx9KgmXylo3MuceZZNzW2rmqqTgSico9eBdjsGXUI/+R58VLcOa1Z0HvAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSqKi+vqCZFDjoWgWFYMkTPaX0N4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM0MTQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEk09Q
MA0GCSqGSIb3DQEBCwUAA4IBAQC6ajoEYmj1pryHQusvSZSjyQmNREZDx2UDoUcu
91KWpHK+t7YMcA7O37jPTmoSl4465QWXu7E3kMvIR+iaBVgvpGX3dQbiGEBU3hsZ
SlB6Y1ENEoNNgqvPRLrS1M/z48yKr72XutbcnBRZCfJjhfGXuHFn+BBZG1+v19e4
4RX1tPPxH8SRMGKEzU2mjoBO0Nu1/snGM4918WwEz15csQw499pfD53fTQZKchip
f/ZYp1xtRFI00CrVCq1tRu0q4/d7nEDEKf8x5tpdV4rJ18H5yRbsknDdOqzMITHW
9r8MW66NJwEbusZOJwrMZNhU317gMgp25K6vG+TOvBJSvO9P
-----END CERTIFICATE-----
Generated at Sun Aug 25 11:46:20 2024 by rpki-client on console-fra.rpki-client.org