Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
File: AS16589.roa (raw, json)
Hash identifier: ITTqKwaTbnzKVjyf+hebT+HjxSYDFgqFnfyzbrucuBw=
Subject key identifier: 70:F5:6F:4B:BA:89:4E:A5:52:67:71:ED:3E:54:3A:A1:B2:9D:78:57
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 725515B9A0122C43340507EA1A46A00971F4B698
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
Signing time: Tue 03 Jun 2025 12:15:06 +0000
ROA not before: Tue 03 Jun 2025 12:10:06 +0000
ROA not after: Tue 02 Jun 2026 12:15:06 +0000
asID: 16589
IP address blocks: 143.14.255.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:55:15:b9:a0:12:2c:43:34:05:07:ea:1a:46:a0:09:71:f4:b6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 3 12:10:06 2025 GMT
Not After : Jun 2 12:15:06 2026 GMT
Subject: CN=70F56F4BBA894EA5526771ED3E543AA1B29D7857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:d4:df:e5:e6:97:5e:28:83:2a:1d:d4:a6:
42:46:a8:89:ac:8e:ae:32:f4:92:b2:cc:ba:bf:39:
2c:f1:8d:cb:24:1f:a5:c2:de:f7:bb:73:78:7b:64:
41:f8:fe:36:96:a8:e4:d0:4c:5c:e1:23:13:4b:b5:
2c:29:cd:19:5a:1c:65:e5:a2:fc:3f:d9:22:db:1f:
94:ef:d7:d2:32:07:a7:09:90:2a:05:87:ae:34:42:
c1:d0:93:fc:22:50:3f:28:d5:26:f4:d2:bc:4e:8e:
8b:e5:4e:f4:3a:36:72:9d:85:d7:22:83:1a:91:6d:
89:fa:1c:90:04:58:f0:6b:2f:83:c4:d8:6f:0d:3d:
b9:03:85:47:6a:01:a0:79:c9:41:d8:b0:b2:82:79:
f4:57:bf:d8:8b:b4:20:82:b1:db:09:4e:12:44:b9:
10:ee:be:25:f0:a5:36:3f:41:d1:49:07:97:3b:f1:
88:f3:b1:8b:c2:76:f9:96:b0:7d:a5:92:b4:18:46:
26:79:6e:29:10:71:f1:23:48:b5:b7:2d:84:cc:ac:
73:97:8c:c2:82:99:11:82:e5:ce:cb:47:1c:1c:73:
3c:0c:af:02:88:0e:f3:a1:03:e1:21:0b:34:88:07:
48:39:06:07:7f:9b:28:64:58:4f:17:4c:7f:39:32:
5c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F5:6F:4B:BA:89:4E:A5:52:67:71:ED:3E:54:3A:A1:B2:9D:78:57
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.255.0/24
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:20:bb:d1:64:db:8c:72:be:64:6e:4d:bf:46:2d:71:c8:ff:
1c:53:1c:d8:9e:4d:f0:f1:fc:ee:5a:0e:ec:e6:83:22:7a:cb:
16:7b:12:13:48:71:33:15:39:81:af:5e:06:96:6f:d1:0e:7a:
c5:55:65:31:31:99:47:4c:43:f3:2b:69:48:46:64:3d:c9:80:
79:59:99:11:98:93:df:95:13:81:9f:4e:79:29:5a:d2:78:40:
d2:cf:7f:54:4c:3f:66:0d:fa:c2:9f:df:d2:1f:7a:96:43:38:
ca:2d:11:d5:92:65:58:ee:c1:9d:81:42:73:ff:a1:a5:cb:cb:
85:b8:34:8d:d1:27:7d:6f:8c:00:0a:de:e3:15:13:04:fe:a3:
4e:e4:74:02:87:cb:3a:55:37:d7:88:01:ab:14:8e:bc:ae:62:
61:38:1e:d5:23:c6:cf:00:66:16:13:f7:8b:9f:08:ae:0e:03:
46:97:09:5a:f8:ca:2c:72:de:92:8a:f9:7b:dd:9c:9f:bc:9a:
93:cf:11:0c:33:92:12:ef:12:5e:96:b4:b9:42:ab:12:d6:c6:
e3:71:8d:88:a1:03:eb:ea:d7:e5:f5:7a:6b:3e:44:e6:4e:e0:
8a:78:f2:e3:ba:d5:42:bf:5a:7a:c8:d2:fa:4c:f8:9f:99:a1:
62:61:04:19
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUclUVuaASLEM0BQfqGkagCXH0tpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDMxMjEwMDZaFw0yNjA2MDIxMjE1MDZaMDMxMTAvBgNV
BAMTKDcwRjU2RjRCQkE4OTRFQTU1MjY3NzFFRDNFNTQzQUExQjI5RDc4NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChytTf5eaXXiiDKh3UpkJGqIms
jq4y9JKyzLq/OSzxjcskH6XC3ve7c3h7ZEH4/jaWqOTQTFzhIxNLtSwpzRlaHGXl
ovw/2SLbH5Tv19IyB6cJkCoFh640QsHQk/wiUD8o1Sb00rxOjovlTvQ6NnKdhdci
gxqRbYn6HJAEWPBrL4PE2G8NPbkDhUdqAaB5yUHYsLKCefRXv9iLtCCCsdsJThJE
uRDuviXwpTY/QdFJB5c78YjzsYvCdvmWsH2lkrQYRiZ5bikQcfEjSLW3LYTMrHOX
jMKCmRGC5c7LRxwcczwMrwKIDvOhA+EhCzSIB0g5Bgd/myhkWE8XTH85MlzrAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUcPVvS7qJTqVSZ3HtPlQ6obKdeFcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACPDv8D
BACbdfcwDQYJKoZIhvcNAQELBQADggEBAK0gu9Fk24xyvmRuTb9GLXHI/xxTHNie
TfDx/O5aDuzmgyJ6yxZ7EhNIcTMVOYGvXgaWb9EOesVVZTExmUdMQ/MraUhGZD3J
gHlZmRGYk9+VE4GfTnkpWtJ4QNLPf1RMP2YN+sKf39IfepZDOMotEdWSZVjuwZ2B
QnP/oaXLy4W4NI3RJ31vjAAK3uMVEwT+o07kdAKHyzpVN9eIAasUjryuYmE4HtUj
xs8AZhYT94ufCK4OA0aXCVr4yixy3pKK+XvdnJ+8mpPPEQwzkhLvEl6WtLlCqxLW
xuNxjYihA+vq1+X1ems+ROZO4Ip48uO61UK/WnrI0vpM+J+ZoWJhBBk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:52:56 2025 by rpki-client