Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: dsgbtXPMKqoaMQI9Jie5Vbb3gYFs/rKCY8FWEi0C8R0=
Subject key identifier: 89:E9:35:09:7E:29:9C:8A:7E:07:B1:59:EB:1B:9D:99:BD:F7:C3:6B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 31C562880F05E65FF4C71ECDE7F536A4B835C776
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa
Signing time: Tue 16 Apr 2024 08:10:05 +0000
ROA not before: Tue 16 Apr 2024 08:05:05 +0000
ROA not after: Tue 15 Apr 2025 08:10:05 +0000
asID: 39521
IP address blocks: 140.150.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 00:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:c5:62:88:0f:05:e6:5f:f4:c7:1e:cd:e7:f5:36:a4:b8:35:c7:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 16 08:05:05 2024 GMT
Not After : Apr 15 08:10:05 2025 GMT
Subject: CN=89E935097E299C8A7E07B159EB1B9D99BDF7C36B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2a:62:f2:ca:d3:11:42:23:d4:f9:29:89:6c:
39:95:6b:8c:2c:71:85:ae:2b:6d:94:49:2d:62:31:
3d:35:02:3a:dc:d1:f3:d7:8f:8f:1c:5d:ae:60:19:
19:f9:17:f3:01:1f:f6:d5:aa:7f:28:d9:eb:e1:a7:
05:a8:a7:91:76:36:f1:f1:ac:d9:bf:05:7c:0e:fd:
ac:e4:0d:42:89:e6:ae:d3:1f:9e:68:39:df:bc:18:
bc:49:ff:88:74:ca:99:f2:85:0a:c8:56:5f:fa:9e:
fe:b0:42:40:bb:c2:9c:7a:27:8d:28:85:9e:99:f2:
ef:2f:13:d3:ef:93:bb:17:0a:c1:7c:e0:76:c5:2d:
3b:5d:f9:47:17:89:5f:78:86:67:7b:8e:0f:3c:77:
6b:55:f7:f6:86:88:1f:6d:97:e3:85:51:60:71:ba:
78:0d:b6:c1:e4:e6:32:ce:65:5b:af:1b:e9:e5:6f:
7c:0a:0b:de:10:25:e6:8a:a5:74:a0:9f:8b:28:3d:
0d:8e:51:7b:40:3f:70:d7:71:0e:b0:4c:ed:57:04:
97:c4:87:ca:2a:d3:e5:45:0b:5e:2a:bf:e2:e8:a1:
c5:eb:37:0e:72:77:17:0f:89:60:09:82:73:f5:af:
57:9d:10:3a:3f:36:a8:69:0e:b9:bc:2b:31:a4:14:
b6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E9:35:09:7E:29:9C:8A:7E:07:B1:59:EB:1B:9D:99:BD:F7:C3:6B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.184.0/21
Signature Algorithm: sha256WithRSAEncryption
19:38:78:19:3d:b1:ed:99:cd:88:57:dc:78:c4:4b:2a:19:a5:
f8:dd:6d:ac:d4:be:e3:6e:6c:6c:7c:f3:13:7e:34:cf:00:72:
6f:6d:73:fc:8c:a2:d9:8f:c0:3f:cf:a7:fe:68:13:b4:4d:4e:
7b:60:52:28:88:28:f7:04:e5:68:f4:c0:10:1a:5d:36:1b:44:
90:57:77:f5:fe:39:2a:2b:bd:d4:6e:b2:da:c9:64:f5:58:94:
2c:32:83:76:65:6c:77:34:6b:60:d5:c2:d4:08:18:ca:56:da:
9c:b6:bf:c5:16:5a:d2:8d:26:fc:f4:a1:0b:5c:45:d5:f3:09:
e7:9c:82:30:43:b0:ad:5b:99:a0:df:d6:aa:1c:04:19:26:e3:
01:26:58:16:6c:84:11:4d:09:2b:9f:d0:be:1a:9b:90:26:13:
24:13:f2:01:fc:86:e4:51:0b:af:4e:cb:50:65:d3:94:73:8e:
04:d4:16:6c:08:47:d4:13:91:ef:0b:52:d9:7d:12:80:42:29:
6a:ef:1a:50:55:1d:c5:82:8a:22:9e:c6:18:1a:21:18:c5:49:
3c:fb:1a:43:15:4e:ea:ca:73:67:04:3b:91:6e:b4:1d:e3:c8:
82:d7:cb:42:01:e7:0b:1d:cc:51:06:f3:bc:59:73:f7:4a:f6:
18:a9:5c:b4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUMcViiA8F5l/0xx7N5/U2pLg1x3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MTYwODA1MDVaFw0yNTA0MTUwODEwMDVaMDMxMTAvBgNV
BAMTKDg5RTkzNTA5N0UyOTlDOEE3RTA3QjE1OUVCMUI5RDk5QkRGN0MzNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIKmLyytMRQiPU+SmJbDmVa4ws
cYWuK22USS1iMT01Ajrc0fPXj48cXa5gGRn5F/MBH/bVqn8o2evhpwWop5F2NvHx
rNm/BXwO/azkDUKJ5q7TH55oOd+8GLxJ/4h0ypnyhQrIVl/6nv6wQkC7wpx6J40o
hZ6Z8u8vE9Pvk7sXCsF84HbFLTtd+UcXiV94hmd7jg88d2tV9/aGiB9tl+OFUWBx
ungNtsHk5jLOZVuvG+nlb3wKC94QJeaKpXSgn4soPQ2OUXtAP3DXcQ6wTO1XBJfE
h8oq0+VFC14qv+LoocXrNw5ydxcPiWAJgnP1r1edEDo/NqhpDrm8KzGkFLZdAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUiek1CX4pnIp+B7FZ6xudmb33w2swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOMlrgw
DQYJKoZIhvcNAQELBQADggEBABk4eBk9se2ZzYhX3HjESyoZpfjdbazUvuNubGx8
8xN+NM8Acm9tc/yMotmPwD/Pp/5oE7RNTntgUiiIKPcE5Wj0wBAaXTYbRJBXd/X+
OSorvdRustrJZPVYlCwyg3ZlbHc0a2DVwtQIGMpW2py2v8UWWtKNJvz0oQtcRdXz
CeecgjBDsK1bmaDf1qocBBkm4wEmWBZshBFNCSuf0L4am5AmEyQT8gH8huRRC69O
y1Bl05RzjgTUFmwIR9QTke8LUtl9EoBCKWrvGlBVHcWCiiKexhgaIRjFSTz7GkMV
TurKc2cEO5FutB3jyILXy0IB5wsdzFEG87xZc/dK9hipXLQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org