Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: 8/1aj0v4jwlokYO+CmxKx1tAgdGGKF2CkR3sLVQFqXI=
Subject key identifier: 1D:8C:6E:04:B9:A9:31:61:BA:69:08:94:8F:69:F3:23:FE:17:0C:D2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1C7F107B63C4AACAF2CBF03216E666AC6C8C64AC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
Signing time: Wed 03 Jul 2024 03:44:55 +0000
ROA not before: Wed 03 Jul 2024 03:39:55 +0000
ROA not after: Wed 02 Jul 2025 03:44:55 +0000
asID: 20473
IP address blocks: 147.79.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Aug 2024 00:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7f:10:7b:63:c4:aa:ca:f2:cb:f0:32:16:e6:66:ac:6c:8c:64:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 3 03:39:55 2024 GMT
Not After : Jul 2 03:44:55 2025 GMT
Subject: CN=1D8C6E04B9A93161BA6908948F69F323FE170CD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:93:52:5d:a4:c0:9b:3f:7b:9f:36:22:a0:
ec:3c:4f:3f:9f:f0:f3:b8:20:7e:c2:cd:5b:b5:dd:
f4:5d:3c:61:7a:8f:11:b2:07:e8:23:16:57:fd:93:
4f:e7:37:c8:77:9d:25:37:87:86:51:5f:92:2f:e5:
f6:62:48:28:9e:45:f0:35:2d:f4:04:48:5f:db:a3:
f6:de:97:e1:84:95:f9:50:85:b9:c5:15:85:9f:a5:
e2:72:a4:fa:5a:c2:16:13:e5:b0:c9:df:74:1b:1a:
3e:fc:28:8d:f5:b8:60:d4:2c:4e:5b:e3:74:2b:9d:
a4:b1:11:f1:3d:0f:2a:9a:96:3a:22:9a:fe:a1:ed:
49:39:79:a0:7c:20:66:01:d4:d3:65:db:65:c7:02:
c4:39:98:fd:4a:4c:c1:a4:40:e2:f0:29:cf:dc:cc:
63:3b:ff:1b:76:eb:02:42:5f:bc:ee:7a:06:7d:9b:
28:c2:a1:be:0e:d2:e0:15:0a:b5:53:14:c4:c2:ad:
68:44:3a:cc:91:f5:29:09:38:84:94:e1:f5:28:c0:
de:fd:c5:bc:ca:c4:7b:9a:34:ff:61:a9:56:46:5a:
e7:3e:31:06:9d:c3:4b:82:82:df:3d:6d:28:f1:76:
9f:32:aa:3b:e5:93:de:e2:8b:9a:c5:c5:ad:ca:a9:
11:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8C:6E:04:B9:A9:31:61:BA:69:08:94:8F:69:F3:23:FE:17:0C:D2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.79.52.0/22
Signature Algorithm: sha256WithRSAEncryption
67:bc:2c:c2:50:f9:f2:ea:2d:9c:69:7a:da:4a:30:1a:5d:f9:
5d:55:db:b1:e4:65:a8:10:09:b2:b3:ee:d7:c0:10:02:77:f7:
7b:cc:88:e4:d6:fd:7f:82:a8:01:55:33:57:71:48:9a:0a:5b:
9b:03:3d:49:3f:f2:2b:cf:49:e9:ee:dd:e6:9c:42:b3:61:63:
7a:17:4b:df:b1:d9:0b:7c:af:0a:be:1d:d3:d0:2f:8d:03:18:
5a:80:fa:e7:89:4f:67:29:36:10:ac:a3:40:bf:0a:ed:b5:0a:
04:fb:0c:d6:65:3c:25:d0:e8:6d:de:a9:7f:b6:ee:a8:74:2a:
77:4b:43:c1:a7:a7:ae:99:05:40:4c:66:cd:fd:d9:3e:13:d3:
49:ee:fc:4f:ce:88:8a:8c:85:8b:d1:75:93:6b:59:4d:a8:a7:
6c:dc:e0:e3:28:66:26:0e:aa:8b:89:7a:72:70:ce:94:18:b6:
f1:f0:8d:ac:ed:de:7a:11:8d:e6:82:f5:2a:86:80:71:56:64:
38:91:5a:1e:11:12:31:7a:00:87:67:7c:4f:7d:71:60:91:67:
09:ef:21:c1:b3:df:8f:6c:64:a9:c4:eb:cf:cf:9e:bf:3c:38:
8c:c9:a6:e6:30:ce:af:e3:c8:14:3a:cd:73:e3:5e:f8:b6:63:
e3:00:ff:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUHH8Qe2PEqsryy/AyFuZmrGyMZKwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA3MDMwMzM5NTVaFw0yNTA3MDIwMzQ0NTVaMDMxMTAvBgNV
BAMTKDFEOEM2RTA0QjlBOTMxNjFCQTY5MDg5NDhGNjlGMzIzRkUxNzBDRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy65NSXaTAmz97nzYioOw8Tz+f
8PO4IH7CzVu13fRdPGF6jxGyB+gjFlf9k0/nN8h3nSU3h4ZRX5Iv5fZiSCieRfA1
LfQESF/bo/bel+GElflQhbnFFYWfpeJypPpawhYT5bDJ33QbGj78KI31uGDULE5b
43QrnaSxEfE9Dyqaljoimv6h7Uk5eaB8IGYB1NNl22XHAsQ5mP1KTMGkQOLwKc/c
zGM7/xt26wJCX7zuegZ9myjCob4O0uAVCrVTFMTCrWhEOsyR9SkJOISU4fUowN79
xbzKxHuaNP9hqVZGWuc+MQadw0uCgt89bSjxdp8yqjvlk97ii5rFxa3KqRHPAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUHYxuBLmpMWG6aQiUj2nzI/4XDNIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKTTzQw
DQYJKoZIhvcNAQELBQADggEBAGe8LMJQ+fLqLZxpetpKMBpd+V1V27HkZagQCbKz
7tfAEAJ393vMiOTW/X+CqAFVM1dxSJoKW5sDPUk/8ivPSenu3eacQrNhY3oXS9+x
2Qt8rwq+HdPQL40DGFqA+ueJT2cpNhCso0C/Cu21CgT7DNZlPCXQ6G3eqX+27qh0
KndLQ8Gnp66ZBUBMZs392T4T00nu/E/OiIqMhYvRdZNrWU2op2zc4OMoZiYOqouJ
enJwzpQYtvHwjazt3noRjeaC9SqGgHFWZDiRWh4REjF6AIdnfE99cWCRZwnvIcGz
349sZKnE68/Pnr88OIzJpuYwzq/jyBQ6zXPjXvi2Y+MA/xg=
-----END CERTIFICATE-----
Generated at Tue Aug 13 03:10:47 2024 by rpki-client on console-fra.rpki-client.org