Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
File: AS215287.roa (raw, json)
Hash identifier: wfTi2jBSHAywSa0OHUBKiASnRSCCfhVEMPHq5zPMTuo=
Subject key identifier: 59:43:12:37:E5:0C:9A:E0:54:CA:ED:3F:82:1E:49:94:1C:4D:C4:3A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0E4D27706CCB9E3C50CEBA5E957EEC7BF5E78105
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
Signing time: Thu 08 May 2025 00:00:10 +0000
ROA not before: Wed 07 May 2025 23:55:10 +0000
ROA not after: Thu 07 May 2026 00:00:10 +0000
asID: 215287
IP address blocks: 140.150.232.0/24 maxlen: 24
140.150.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 00:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:4d:27:70:6c:cb:9e:3c:50:ce:ba:5e:95:7e:ec:7b:f5:e7:81:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 7 23:55:10 2025 GMT
Not After : May 7 00:00:10 2026 GMT
Subject: CN=59431237E50C9AE054CAED3F821E49941C4DC43A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2e:c6:06:61:9b:45:b7:dd:b7:7c:9d:17:92:
dc:6a:94:2d:33:40:de:84:ea:59:ed:29:79:bc:41:
fe:76:75:c4:0c:70:2f:9c:f0:35:12:e2:72:86:44:
a1:d8:8c:3d:6f:e8:fe:c2:62:39:74:78:4e:3f:15:
c1:27:10:0f:4e:6f:c8:e3:d9:bd:67:af:d3:f9:43:
b6:36:aa:c3:cb:27:5e:6b:fd:cf:7f:c3:1a:96:47:
59:45:34:4e:4b:c8:0a:5a:af:2f:08:5b:b6:b3:19:
03:e4:f5:8e:f4:c8:73:05:a7:c8:b8:65:9c:1a:86:
a8:57:72:2d:f6:4a:c0:60:6c:9c:a4:02:0a:3d:ac:
8a:d0:92:d4:2f:78:94:ec:65:4b:b2:a4:ae:cd:c9:
0d:db:8e:5b:14:49:47:6e:fd:e8:dc:bd:c7:fc:73:
fb:d1:f1:44:40:48:06:b1:da:64:21:86:a5:28:cd:
df:09:72:52:16:d5:a2:79:7b:c6:40:d4:62:0c:1d:
a7:b5:e4:79:64:58:7e:3b:fb:5c:f1:ad:d2:4d:5c:
df:f8:39:9b:07:23:5f:dc:fe:23:13:a0:0c:72:b6:
fa:0a:d8:11:84:97:63:ff:08:9d:fb:96:b8:85:40:
5b:a0:d8:dd:32:bb:6b:89:ed:3b:36:40:a1:2c:36:
67:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:43:12:37:E5:0C:9A:E0:54:CA:ED:3F:82:1E:49:94:1C:4D:C4:3A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.232.0/23
Signature Algorithm: sha256WithRSAEncryption
01:2e:53:9c:b6:91:43:16:15:51:fa:60:ef:f0:2a:95:df:64:
47:0d:b5:1b:28:5d:aa:da:cf:8a:c0:18:5c:42:03:31:bc:69:
ae:a8:8d:33:11:bc:fc:9f:60:c7:77:d2:15:f6:b5:ca:71:e5:
d8:db:84:da:f6:39:c3:22:e0:00:b9:94:c4:de:16:12:86:15:
fb:c1:0a:a4:70:c6:f4:b7:ed:de:f7:b0:5e:7e:c7:d9:7d:23:
2b:d1:60:ae:29:00:18:51:5f:50:a6:15:64:02:fd:69:e3:e3:
8a:5e:c4:31:a9:14:f9:4b:0e:20:9d:ac:25:42:a1:35:40:e2:
e2:73:bd:6d:be:e7:a8:d1:fd:41:39:bb:2d:bc:fc:9a:18:57:
f3:de:e8:5c:34:1b:a3:99:75:8e:29:3c:1a:3b:78:37:cd:79:
d1:15:02:b7:fb:e6:31:19:d6:54:c9:e5:bc:89:60:6e:d8:17:
75:05:df:d0:ac:63:f7:08:08:02:00:44:f9:85:0d:62:fd:44:
17:a0:68:d5:3e:ce:1e:f0:f6:6b:bf:90:cb:d9:9e:a4:1d:76:
18:f5:a2:e6:aa:7c:ce:5e:47:1b:ef:90:79:d7:14:ba:f0:a3:
10:9a:f8:75:75:d8:23:2a:33:e0:bf:bb:e1:1c:a5:fa:31:6c:
68:b3:05:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUDk0ncGzLnjxQzrpelX7se/XngQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDcyMzU1MTBaFw0yNjA1MDcwMDAwMTBaMDMxMTAvBgNV
BAMTKDU5NDMxMjM3RTUwQzlBRTA1NENBRUQzRjgyMUU0OTk0MUM0REM0M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXLsYGYZtFt923fJ0XktxqlC0z
QN6E6lntKXm8Qf52dcQMcC+c8DUS4nKGRKHYjD1v6P7CYjl0eE4/FcEnEA9Ob8jj
2b1nr9P5Q7Y2qsPLJ15r/c9/wxqWR1lFNE5LyApary8IW7azGQPk9Y70yHMFp8i4
ZZwahqhXci32SsBgbJykAgo9rIrQktQveJTsZUuypK7NyQ3bjlsUSUdu/ejcvcf8
c/vR8URASAax2mQhhqUozd8JclIW1aJ5e8ZA1GIMHae15HlkWH47+1zxrdJNXN/4
OZsHI1/c/iMToAxytvoK2BGEl2P/CJ37lriFQFug2N0yu2uJ7Ts2QKEsNmfNAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUWUMSN+UMmuBUyu0/gh5JlBxNxDowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1Mjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjJbo
MA0GCSqGSIb3DQEBCwUAA4IBAQABLlOctpFDFhVR+mDv8CqV32RHDbUbKF2q2s+K
wBhcQgMxvGmuqI0zEbz8n2DHd9IV9rXKceXY24Ta9jnDIuAAuZTE3hYShhX7wQqk
cMb0t+3e97BefsfZfSMr0WCuKQAYUV9QphVkAv1p4+OKXsQxqRT5Sw4gnawlQqE1
QOLic71tvueo0f1BObstvPyaGFfz3uhcNBujmXWOKTwaO3g3zXnRFQK3++YxGdZU
yeW8iWBu2Bd1Bd/QrGP3CAgCAET5hQ1i/UQXoGjVPs4e8PZrv5DL2Z6kHXYY9aLm
qnzOXkcb75B51xS68KMQmvh1ddgjKjPgv7vhHKX6MWxoswVT
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:49:41 2025 by rpki-client