Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: fhoI8jEs8a16yobBWGLNgDnZz0PcNKRwwGjRCkBUu5U=
Subject key identifier: C5:A9:F0:C4:26:EC:85:C6:C0:F3:39:D5:A2:70:1B:67:3E:15:05:5D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2CE67E495BF11DFDEF78093D8F4E5EF370708971
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
Signing time: Thu 03 Oct 2024 00:01:56 +0000
ROA not before: Wed 02 Oct 2024 23:56:56 +0000
ROA not after: Thu 02 Oct 2025 00:01:56 +0000
asID: 21859
IP address blocks: 140.233.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 00:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e6:7e:49:5b:f1:1d:fd:ef:78:09:3d:8f:4e:5e:f3:70:70:89:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 2 23:56:56 2024 GMT
Not After : Oct 2 00:01:56 2025 GMT
Subject: CN=C5A9F0C426EC85C6C0F339D5A2701B673E15055D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:20:53:1e:ea:a0:69:01:e1:6f:1c:87:13:de:
0f:ff:ae:74:7d:06:7d:f3:2b:54:b1:41:75:44:85:
29:d2:89:c6:b0:d3:e2:73:81:97:10:86:9a:1a:f9:
0d:7d:8c:c5:0e:60:79:de:88:d3:c7:36:f5:d8:e8:
fb:2a:90:64:e6:b9:b8:da:0e:34:e8:46:a4:6c:7a:
64:76:b1:23:bd:37:52:f4:d6:4f:da:a6:ba:c7:3b:
cf:ee:05:b2:93:5a:06:af:96:e3:c7:f5:5b:6f:3b:
22:70:b0:5d:9e:4b:06:8a:10:a6:1e:19:44:2d:56:
38:32:0b:4c:8a:19:d9:1c:63:cb:e5:44:9c:3a:82:
38:6a:6d:61:3f:40:74:30:93:37:90:e9:c2:ed:5a:
4b:fd:4b:6f:b0:5f:01:9e:19:ae:43:c8:dd:88:b8:
db:ea:06:50:03:63:d2:13:a3:dd:7c:1f:d1:77:32:
5a:79:0c:f8:e6:0c:dd:e8:4b:b0:d4:c8:e4:0a:bb:
ff:52:ab:4d:bb:84:28:1a:db:25:ae:80:fb:9c:b2:
cd:9a:46:9c:f4:0e:52:62:f9:a0:54:4a:41:28:64:
32:3e:c8:0b:f8:b8:43:b9:71:d5:bd:f0:b6:ee:94:
cf:56:93:30:6a:ab:bc:71:16:88:86:d6:fc:5a:f0:
76:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:F0:C4:26:EC:85:C6:C0:F3:39:D5:A2:70:1B:67:3E:15:05:5D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b1:b1:ae:3d:88:ed:b7:0c:39:61:03:22:48:22:52:8d:e5:
57:f0:98:e5:f6:76:9b:b8:74:c1:d7:78:cb:88:e2:ac:7c:14:
c6:ba:f5:9f:0c:45:8d:be:c4:05:16:c3:a7:cf:07:fe:4b:41:
cb:63:f0:93:58:ba:df:d5:ce:d7:94:a5:fe:54:f9:74:d8:7c:
7e:4a:aa:b9:7d:f1:83:0c:90:3f:c1:e1:fd:36:01:77:10:75:
aa:99:99:db:f4:0e:83:95:a5:5d:15:f6:1d:35:61:1c:aa:b8:
b2:9c:75:7c:a3:00:fd:60:47:b6:95:2a:69:79:c6:e0:ae:41:
db:fb:e6:27:0d:61:08:6b:f1:cf:4e:36:33:d8:56:53:13:10:
3d:43:da:d1:f2:80:e9:4a:bb:b4:9c:75:b6:3b:41:84:80:b6:
9c:7d:15:9c:ef:06:95:fa:2a:59:98:f8:2e:10:cd:c5:ab:2a:
2a:d1:f7:18:82:35:8b:ba:6d:9c:38:4d:b7:88:c5:a0:3f:7b:
ca:a9:0d:0e:13:f0:ed:8a:e4:06:6c:c6:ce:87:ce:f7:b3:ed:
e7:f4:5c:86:72:66:cb:f4:50:aa:8b:28:fc:9b:d8:29:fe:40:
a7:bb:eb:ba:15:32:1e:14:f2:4a:92:3e:af:ef:58:89:68:83:
c2:b3:2b:e4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIULOZ+SVvxHf3veAk9j05e83BwiXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEwMDIyMzU2NTZaFw0yNTEwMDIwMDAxNTZaMDMxMTAvBgNV
BAMTKEM1QTlGMEM0MjZFQzg1QzZDMEYzMzlENUEyNzAxQjY3M0UxNTA1NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsIFMe6qBpAeFvHIcT3g//rnR9
Bn3zK1SxQXVEhSnSicaw0+JzgZcQhpoa+Q19jMUOYHneiNPHNvXY6PsqkGTmubja
DjToRqRsemR2sSO9N1L01k/aprrHO8/uBbKTWgavluPH9VtvOyJwsF2eSwaKEKYe
GUQtVjgyC0yKGdkcY8vlRJw6gjhqbWE/QHQwkzeQ6cLtWkv9S2+wXwGeGa5DyN2I
uNvqBlADY9ITo918H9F3Mlp5DPjmDN3oS7DUyOQKu/9Sq027hCga2yWugPucss2a
Rpz0DlJi+aBUSkEoZDI+yAv4uEO5cdW98LbulM9WkzBqq7xxFoiG1vxa8HahAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUxanwxCbshcbA8znVonAbZz4VBV0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACM6bkw
DQYJKoZIhvcNAQELBQADggEBACKxsa49iO23DDlhAyJIIlKN5VfwmOX2dpu4dMHX
eMuI4qx8FMa69Z8MRY2+xAUWw6fPB/5LQctj8JNYut/VzteUpf5U+XTYfH5Kqrl9
8YMMkD/B4f02AXcQdaqZmdv0DoOVpV0V9h01YRyquLKcdXyjAP1gR7aVKml5xuCu
Qdv75icNYQhr8c9ONjPYVlMTED1D2tHygOlKu7ScdbY7QYSAtpx9FZzvBpX6KlmY
+C4QzcWrKirR9xiCNYu6bZw4TbeIxaA/e8qpDQ4T8O2K5AZsxs6Hzvez7ef0XIZy
Zsv0UKqLKPyb2Cn+QKe767oVMh4U8kqSPq/vWIlog8KzK+Q=
-----END CERTIFICATE-----
Generated at Mon Oct 28 01:30:50 2024 by rpki-client on console-fra.rpki-client.org