Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
File: AS16589.roa (raw, json)
Hash identifier: 4FY6SFt2gVLL2Gv7qNjYfrbPoYLtGppN0HjZdEavuwY=
Subject key identifier: 98:82:71:93:BB:A5:4B:AA:FC:B8:02:06:B9:C4:90:C0:CF:F5:87:5A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 579B64AD294BF40781656F58C382D57B0F678785
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
Signing time: Fri 15 Nov 2024 12:21:37 +0000
ROA not before: Fri 15 Nov 2024 12:16:37 +0000
ROA not after: Fri 14 Nov 2025 12:21:37 +0000
asID: 16589
IP address blocks: 150.241.192.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 07:42:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9b:64:ad:29:4b:f4:07:81:65:6f:58:c3:82:d5:7b:0f:67:87:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 15 12:16:37 2024 GMT
Not After : Nov 14 12:21:37 2025 GMT
Subject: CN=98827193BBA54BAAFCB80206B9C490C0CFF5875A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:cb:ad:b5:73:f9:2e:de:ae:8b:b9:5e:d7:6f:
ad:a6:33:fc:cb:60:4c:84:f5:60:bc:4f:85:1e:b2:
11:57:0f:b2:4e:b9:3a:c9:d1:3e:ad:14:4a:e5:cf:
6c:33:91:3a:ea:0c:09:61:1d:80:ac:b7:0f:0e:a4:
d8:af:7c:8f:30:86:40:b1:88:a7:43:c8:ce:eb:34:
86:62:f4:ad:ec:e7:fc:a1:e7:5c:89:3c:81:26:c1:
d9:03:1f:c3:03:c8:02:7d:0b:23:93:f5:57:80:89:
45:ad:72:a6:ad:14:00:c9:68:d8:40:b8:e3:dd:fe:
73:a2:97:ce:ed:82:17:b0:72:09:1c:b8:2b:92:d4:
e6:bf:38:ef:b9:17:b7:e3:d8:b5:71:52:64:dd:e4:
75:8e:cc:3b:07:74:97:27:e3:85:09:7d:6e:2d:cd:
5c:f6:32:ed:cf:0a:0b:67:6f:6b:e2:ee:e6:23:ce:
39:61:36:fc:ec:b0:f3:2a:c9:75:9f:3c:0e:65:d5:
47:dc:e5:e5:8c:57:95:32:60:ec:e6:29:48:c1:7c:
c2:37:bb:d6:a2:f2:2c:68:b9:e7:19:67:62:a9:7d:
d8:28:3d:30:30:7d:a0:27:16:d4:7b:5e:f9:fe:b0:
02:ab:35:55:2e:1e:df:ef:92:f3:6e:8c:13:19:db:
43:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:82:71:93:BB:A5:4B:AA:FC:B8:02:06:B9:C4:90:C0:CF:F5:87:5A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16589.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.192.0/18
Signature Algorithm: sha256WithRSAEncryption
af:18:b3:9e:9a:90:4a:4f:b3:37:92:9e:00:f9:b6:69:a0:fc:
84:a9:84:b3:bc:81:63:a2:3d:c2:1e:d7:2e:9d:a6:7e:b6:3f:
19:2f:12:a2:c4:b1:01:62:9a:88:84:29:1d:9f:5a:19:36:32:
e7:14:6e:13:4f:73:17:91:0a:65:42:f0:6d:61:f2:79:2e:e3:
28:57:2a:55:bd:5f:6b:9c:3b:ca:99:6f:41:2c:78:70:fa:1d:
10:c1:0a:ce:0c:bf:a3:b8:30:2e:a0:63:af:bc:b7:86:be:15:
5f:74:0b:c0:7b:20:a0:66:40:a8:bb:04:2d:4d:b5:ef:7d:49:
92:aa:c0:ac:e1:24:a6:85:e7:33:3a:b0:d9:9b:ce:37:77:1e:
24:a5:38:ed:8b:a1:26:7b:89:b0:b8:f8:87:e1:64:02:44:c7:
45:bc:13:2e:49:41:ca:cd:9b:35:71:6b:e5:e1:4b:aa:6d:f6:
bb:69:cf:ac:0d:0c:6e:c0:21:03:c4:2a:70:5c:23:b7:a9:4b:
d0:99:db:90:d5:7d:d9:d2:7b:97:5d:8e:fe:cb:3d:63:ae:79:
01:a3:0a:f9:ed:9e:a3:0a:49:bc:ab:4a:00:22:39:11:95:5e:
55:6c:71:4b:5b:5e:5e:fe:fb:fe:5d:47:16:c4:eb:6e:7b:97:
0e:a3:56:ee
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUV5tkrSlL9AeBZW9Yw4LVew9nh4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMTUxMjE2MzdaFw0yNTExMTQxMjIxMzdaMDMxMTAvBgNV
BAMTKDk4ODI3MTkzQkJBNTRCQUFGQ0I4MDIwNkI5QzQ5MEMwQ0ZGNTg3NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpy621c/ku3q6LuV7Xb62mM/zL
YEyE9WC8T4UeshFXD7JOuTrJ0T6tFErlz2wzkTrqDAlhHYCstw8OpNivfI8whkCx
iKdDyM7rNIZi9K3s5/yh51yJPIEmwdkDH8MDyAJ9CyOT9VeAiUWtcqatFADJaNhA
uOPd/nOil87tghewcgkcuCuS1Oa/OO+5F7fj2LVxUmTd5HWOzDsHdJcn44UJfW4t
zVz2Mu3PCgtnb2vi7uYjzjlhNvzssPMqyXWfPA5l1Ufc5eWMV5UyYOzmKUjBfMI3
u9ai8ixouecZZ2KpfdgoPTAwfaAnFtR7Xvn+sAKrNVUuHt/vkvNujBMZ20P3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUmIJxk7ulS6r8uAIGucSQwM/1h1owHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1ODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAaW8cAw
DQYJKoZIhvcNAQELBQADggEBAK8Ys56akEpPszeSngD5tmmg/ISphLO8gWOiPcIe
1y6dpn62PxkvEqLEsQFimoiEKR2fWhk2MucUbhNPcxeRCmVC8G1h8nku4yhXKlW9
X2ucO8qZb0EseHD6HRDBCs4Mv6O4MC6gY6+8t4a+FV90C8B7IKBmQKi7BC1Nte99
SZKqwKzhJKaF5zM6sNmbzjd3HiSlOO2LoSZ7ibC4+IfhZAJEx0W8Ey5JQcrNmzVx
a+XhS6pt9rtpz6wNDG7AIQPEKnBcI7epS9CZ25DVfdnSe5ddjv7LPWOueQGjCvnt
nqMKSbyrSgAiORGVXlVscUtbXl7++/5dRxbE6257lw6jVu4=
-----END CERTIFICATE-----
Generated at Mon Nov 18 10:07:14 2024 by rpki-client on console-fra.rpki-client.org