Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216221.roa
File: AS216221.roa (raw, json)
Hash identifier: MoWvcFv3dGwLmT6gFuttS32vtLu3rR089YUEXnsyPLE=
Subject key identifier: 39:E8:76:AD:23:08:17:C5:16:E0:DB:62:D2:20:76:4D:A9:2E:D7:48
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 34161EAEA10EC0B79D7898146A3040B1496F9331
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216221.roa
Signing time: Sat 03 May 2025 17:51:55 +0000
ROA not before: Sat 03 May 2025 17:46:55 +0000
ROA not after: Sat 02 May 2026 17:51:55 +0000
asID: 216221
IP address blocks: 155.117.24.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 00:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:16:1e:ae:a1:0e:c0:b7:9d:78:98:14:6a:30:40:b1:49:6f:93:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 3 17:46:55 2025 GMT
Not After : May 2 17:51:55 2026 GMT
Subject: CN=39E876AD230817C516E0DB62D220764DA92ED748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8d:9b:79:ab:b4:06:82:37:3c:0f:79:a0:60:
c0:3f:58:f8:c7:3a:0a:9e:5c:e8:65:f0:59:8a:13:
79:62:4f:e0:f5:27:88:3a:c0:95:f7:4d:4c:29:9e:
74:d4:d2:ae:e9:b2:6b:7f:db:68:27:aa:a3:52:bf:
10:4b:8a:1e:d1:58:01:d8:ef:94:12:9b:d4:7c:34:
8b:de:81:d7:3b:8c:3b:83:15:57:92:a6:70:99:55:
4a:91:8c:f0:f0:1a:18:4b:4e:3e:07:ff:60:88:54:
ac:ba:0f:e4:14:c4:4d:5f:e4:09:19:00:92:8e:6e:
c6:cc:7e:7c:aa:ed:25:07:24:5a:83:9d:8b:7e:45:
2d:7a:8f:1f:44:59:f2:43:84:85:d9:b4:0f:95:83:
f3:a1:3e:51:f3:27:89:c5:be:5f:f9:86:2d:22:1e:
97:c4:42:27:ea:9e:49:37:f2:3e:e7:3d:c1:e5:b4:
d6:63:0b:9c:e1:a9:76:2d:99:ba:80:4e:d1:4b:85:
04:af:e7:65:95:b1:62:76:e4:d2:a2:95:a8:5e:ff:
2f:09:ba:82:ed:08:3c:3d:9d:ad:d8:16:c1:02:e6:
d7:d4:0a:2c:78:75:fa:e3:87:e1:8f:e6:96:b8:a1:
2d:0e:ff:ea:b6:f3:a5:33:00:10:ce:43:65:50:23:
95:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E8:76:AD:23:08:17:C5:16:E0:DB:62:D2:20:76:4D:A9:2E:D7:48
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS216221.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.24.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:88:9c:5a:ac:d1:00:e2:0c:89:be:fa:20:0c:bb:64:64:b4:
c0:87:97:a2:44:99:de:a1:16:6a:e4:76:28:b8:aa:c9:1c:33:
02:5e:a1:22:97:aa:02:fe:e0:c3:02:f6:8e:e2:d5:16:31:5e:
04:6b:48:52:82:52:09:8d:36:6b:05:d9:8b:5e:87:63:d2:95:
d4:4d:54:98:3e:aa:49:b4:11:6f:df:7e:9f:fa:a4:87:fe:d9:
ae:13:c0:89:43:4f:38:68:23:ab:d8:66:fa:a4:75:e0:a7:44:
56:82:21:09:93:51:d3:93:05:51:00:0e:e0:00:7f:47:96:1d:
be:0a:32:67:96:40:3f:19:5b:03:cd:c2:09:00:9d:c6:24:ac:
a3:ca:be:54:4c:1d:7d:c6:df:50:ff:5f:a4:e1:e9:69:e7:88:
c7:cf:04:d0:2c:e5:05:15:e0:82:5a:75:84:d0:be:6b:be:ce:
af:12:b8:e3:e2:1a:de:15:ce:44:f6:02:32:c7:9e:68:da:55:
07:e9:f2:25:92:3e:86:9a:fa:09:b4:96:f6:e0:24:2c:89:37:
90:b0:5f:ec:59:fd:bb:3d:4f:6a:20:79:4b:c0:86:b5:7c:f1:
5e:99:37:a5:cd:e6:9b:b3:69:9d:84:c1:48:00:d9:93:d6:27:
28:36:ed:f7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNBYerqEOwLedeJgUajBAsUlvkzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDMxNzQ2NTVaFw0yNjA1MDIxNzUxNTVaMDMxMTAvBgNV
BAMTKDM5RTg3NkFEMjMwODE3QzUxNkUwREI2MkQyMjA3NjREQTkyRUQ3NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjZt5q7QGgjc8D3mgYMA/WPjH
OgqeXOhl8FmKE3liT+D1J4g6wJX3TUwpnnTU0q7psmt/22gnqqNSvxBLih7RWAHY
75QSm9R8NIvegdc7jDuDFVeSpnCZVUqRjPDwGhhLTj4H/2CIVKy6D+QUxE1f5AkZ
AJKObsbMfnyq7SUHJFqDnYt+RS16jx9EWfJDhIXZtA+Vg/OhPlHzJ4nFvl/5hi0i
HpfEQifqnkk38j7nPcHltNZjC5zhqXYtmbqATtFLhQSv52WVsWJ25NKilahe/y8J
uoLtCDw9na3YFsEC5tfUCix4dfrjh+GP5pa4oS0O/+q286UzABDOQ2VQI5XxAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUOeh2rSMIF8UW4Nti0iB2Taku10gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE2MjIxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDm3UY
MA0GCSqGSIb3DQEBCwUAA4IBAQBtiJxarNEA4gyJvvogDLtkZLTAh5eiRJneoRZq
5HYouKrJHDMCXqEil6oC/uDDAvaO4tUWMV4Ea0hSglIJjTZrBdmLXodj0pXUTVSY
PqpJtBFv336f+qSH/tmuE8CJQ084aCOr2Gb6pHXgp0RWgiEJk1HTkwVRAA7gAH9H
lh2+CjJnlkA/GVsDzcIJAJ3GJKyjyr5UTB19xt9Q/1+k4elp54jHzwTQLOUFFeCC
WnWE0L5rvs6vErjj4hreFc5E9gIyx55o2lUH6fIlkj6GmvoJtJb24CQsiTeQsF/s
Wf27PU9qIHlLwIa1fPFemTelzeabs2mdhMFIANmT1icoNu33
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:53:48 2025 by rpki-client