Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
File: AS215287.roa (raw, json)
Hash identifier: 64cwh2qV9ot8vb9GIfVht7PNa9B9/v9Tsz6SO3SZNbc=
Subject key identifier: 96:47:43:A5:E5:F2:CB:C2:A1:2E:3F:E2:39:38:BA:61:D9:61:44:80
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 55BF6C3FD65FEF753BB06D668813CDC9E1CF706A
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
Signing time: Sun 02 Mar 2025 19:01:25 +0000
ROA not before: Sun 02 Mar 2025 18:56:25 +0000
ROA not after: Sun 01 Mar 2026 19:01:25 +0000
asID: 215287
IP address blocks: 145.223.66.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 00:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:bf:6c:3f:d6:5f:ef:75:3b:b0:6d:66:88:13:cd:c9:e1:cf:70:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 2 18:56:25 2025 GMT
Not After : Mar 1 19:01:25 2026 GMT
Subject: CN=964743A5E5F2CBC2A12E3FE23938BA61D9614480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:62:f6:99:09:6b:b1:48:84:b6:77:e5:17:
b0:2e:0f:66:51:a5:ca:c6:09:b2:97:88:35:5d:a7:
93:e9:2b:1d:13:a8:4a:65:27:da:51:cd:ad:71:6b:
9a:d1:d9:79:3c:76:35:bd:27:9b:6d:9b:46:18:3a:
e3:2c:73:c9:af:64:e5:39:b1:c3:8d:90:b4:99:f4:
91:24:b0:94:0a:11:0c:66:2c:f8:00:d2:4a:b3:bf:
60:e2:98:ce:5d:aa:96:8b:62:27:a5:be:ec:cc:e0:
34:3b:fe:83:a7:30:57:5c:4a:70:65:78:e2:4f:43:
dd:c9:04:c6:60:da:24:9a:3c:1e:f1:0e:ef:f9:80:
eb:e7:4f:f7:6c:b6:fe:6c:7c:6f:29:8a:f4:b7:e9:
da:1c:7e:b7:65:d2:97:f0:d5:d2:6f:34:6a:0c:44:
c8:d3:4d:fa:24:e6:f9:62:2a:d8:7e:f9:a3:03:1e:
26:d8:ec:f5:3a:98:02:42:c6:b9:bb:ba:73:d7:0d:
d4:f7:df:5a:9b:67:55:18:da:fc:e9:b3:df:6a:aa:
04:45:61:00:44:99:87:12:46:07:89:08:5e:12:d4:
2d:83:a0:fc:86:c9:f1:ca:38:d4:4e:85:f3:61:97:
98:fc:54:a0:d2:f6:47:49:98:64:38:96:9b:2f:c4:
71:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:47:43:A5:E5:F2:CB:C2:A1:2E:3F:E2:39:38:BA:61:D9:61:44:80
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.66.0/24
Signature Algorithm: sha256WithRSAEncryption
99:eb:2d:2c:44:a5:11:63:ce:ca:02:5f:7c:38:af:5c:b4:ef:
19:33:f5:63:c2:52:09:a4:c3:e7:fe:29:ae:6f:bb:e0:1f:20:
b4:c2:63:a2:bd:3f:48:84:86:e2:b8:55:9e:58:30:ce:8d:5e:
81:11:67:0e:42:9b:ec:56:68:34:c6:b2:1e:e7:01:0b:69:2b:
33:f7:81:7c:ad:0c:29:ba:5c:52:f8:89:36:84:bd:f4:ad:e8:
cf:47:51:3d:d1:7a:78:9a:a5:6e:d0:66:6a:bc:4e:36:d2:b5:
8a:fa:56:09:e3:68:a3:cb:ba:ca:47:f3:2d:88:34:60:53:09:
af:72:a8:a0:d5:78:8a:39:4b:2c:e6:60:88:d2:f4:e8:77:54:
a8:2d:84:b5:b5:b3:d5:0c:28:d9:dd:dc:bb:68:ff:b5:5f:c2:
85:a1:8b:b9:7d:bf:1e:f3:bc:e3:25:4c:2f:6d:ab:34:cd:0b:
21:a8:94:78:47:c2:15:a6:fe:76:78:8f:b9:33:e9:94:ff:76:
d0:c7:5b:24:51:46:51:3c:3c:7b:f2:d5:c7:d1:50:34:81:b7:
c6:cf:8d:7c:d1:03:e3:45:5b:46:6a:1f:42:62:9e:ab:eb:fd:
60:86:e3:7f:ee:98:88:32:37:48:3e:df:79:5b:df:b4:81:ec:
b0:f2:4e:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUVb9sP9Zf73U7sG1miBPNyeHPcGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMDIxODU2MjVaFw0yNjAzMDExOTAxMjVaMDMxMTAvBgNV
BAMTKDk2NDc0M0E1RTVGMkNCQzJBMTJFM0ZFMjM5MzhCQTYxRDk2MTQ0ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1uGL2mQlrsUiEtnflF7AuD2ZR
pcrGCbKXiDVdp5PpKx0TqEplJ9pRza1xa5rR2Xk8djW9J5ttm0YYOuMsc8mvZOU5
scONkLSZ9JEksJQKEQxmLPgA0kqzv2DimM5dqpaLYielvuzM4DQ7/oOnMFdcSnBl
eOJPQ93JBMZg2iSaPB7xDu/5gOvnT/dstv5sfG8pivS36docfrdl0pfw1dJvNGoM
RMjTTfok5vliKth++aMDHibY7PU6mAJCxrm7unPXDdT331qbZ1UY2vzps99qqgRF
YQBEmYcSRgeJCF4S1C2DoPyGyfHKONROhfNhl5j8VKDS9kdJmGQ4lpsvxHGJAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUlkdDpeXyy8KhLj/iOTi6YdlhRIAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1Mjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkd9C
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ6y0sRKURY87KAl98OK9ctO8ZM/VjwlIJpMPn
/imub7vgHyC0wmOivT9IhIbiuFWeWDDOjV6BEWcOQpvsVmg0xrIe5wELaSsz94F8
rQwpulxS+Ik2hL30rejPR1E90Xp4mqVu0GZqvE420rWK+lYJ42ijy7rKR/MtiDRg
Uwmvcqig1XiKOUss5mCI0vTod1SoLYS1tbPVDCjZ3dy7aP+1X8KFoYu5fb8e87zj
JUwvbas0zQshqJR4R8IVpv52eI+5M+mU/3bQx1skUUZRPDx78tXH0VA0gbfGz418
0QPjRVtGah9CYp6r6/1ghuN/7piIMjdIPt95W9+0geyw8k67
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:00 2025 by rpki-client