Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
File: AS398355.roa (raw, json)
Hash identifier: vcXn3lRwLD+QvKIiASB/LZves6ieUPs/f8rMers3ElQ=
Subject key identifier: 89:6F:0D:58:23:AB:3C:3E:10:D7:BC:65:0D:F1:5C:F7:B1:D1:FC:B6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6D7649AA0EC50B1ED76B543D5220AA6EDCCD61B3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
Signing time: Tue 09 Jul 2024 00:49:18 +0000
ROA not before: Tue 09 Jul 2024 00:44:18 +0000
ROA not after: Tue 08 Jul 2025 00:49:18 +0000
asID: 398355
IP address blocks: 146.103.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 00:36:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:76:49:aa:0e:c5:0b:1e:d7:6b:54:3d:52:20:aa:6e:dc:cd:61:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 9 00:44:18 2024 GMT
Not After : Jul 8 00:49:18 2025 GMT
Subject: CN=896F0D5823AB3C3E10D7BC650DF15CF7B1D1FCB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:40:9b:ca:7e:65:79:07:df:87:29:1d:2d:36:
d3:76:5c:b3:9a:5b:4f:73:cb:88:84:78:75:ad:9f:
cb:e8:b2:1b:1c:40:21:4e:ca:21:b3:5b:fa:79:24:
de:33:da:19:e2:63:a8:e0:5e:3b:ce:35:ef:9b:ae:
c0:11:c9:03:79:de:7e:47:63:39:3b:f8:76:00:5a:
f6:da:82:7e:99:93:73:26:55:88:75:1e:2a:fb:38:
33:16:c0:4c:ba:a4:db:9e:11:e7:70:2b:d2:19:8b:
3a:f3:e6:08:d7:dd:6b:11:0b:ca:df:75:db:3c:44:
33:12:86:24:a2:4c:82:35:22:3f:3f:a7:43:eb:6a:
ac:4f:b8:1a:bf:74:09:80:e5:e4:49:f0:66:38:8e:
5d:bc:85:f0:b1:25:67:3a:51:f2:99:e1:83:1e:40:
b4:d1:cd:e1:69:41:0f:6c:e1:4c:6d:34:0b:7b:22:
f6:6f:b9:0c:66:f6:45:8b:50:3d:8e:4e:fb:d0:3f:
a9:3c:e8:56:f4:99:77:e5:2c:b3:60:69:18:8f:57:
c2:e6:99:2e:7e:12:b5:41:1d:94:b4:93:3a:d6:1f:
50:b1:59:4d:41:25:c8:0e:c3:18:fd:b1:18:80:ba:
4e:5b:89:52:fb:8a:06:b3:0b:54:9f:f2:6b:15:c6:
47:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:6F:0D:58:23:AB:3C:3E:10:D7:BC:65:0D:F1:5C:F7:B1:D1:FC:B6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS398355.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.22.0/24
Signature Algorithm: sha256WithRSAEncryption
75:07:ef:c3:ef:fc:05:32:16:e0:fb:8c:43:30:b3:c2:62:f4:
e6:ec:ca:85:ce:6e:41:48:59:79:dd:05:9c:03:ab:67:42:91:
4d:f4:ea:cb:a6:bc:b7:6b:90:b2:8d:c6:c8:1b:05:8b:fc:da:
1c:30:3c:ec:81:f6:98:4e:a7:fc:e1:0b:63:16:7b:eb:36:05:
f0:76:96:2d:80:b7:91:17:7b:41:26:43:b8:0c:27:5f:2f:41:
5e:ea:3b:6f:72:70:31:67:1e:7c:34:79:1b:18:c0:5d:0f:ab:
35:63:46:a2:b5:6d:d8:e1:b8:ea:15:09:11:11:02:a9:2b:c0:
e1:92:32:8d:bc:65:c6:e8:79:52:bd:54:9e:41:78:4e:ba:24:
e5:18:db:ac:2e:9f:6b:bd:6c:9c:f3:ef:d0:22:4b:6b:32:c9:
76:61:65:cc:49:12:1a:83:df:a4:33:b3:1b:92:be:72:e0:91:
19:d4:51:bc:19:b1:b5:7e:a9:57:89:c7:b7:48:e7:96:ae:fe:
71:e7:fe:96:48:b7:cb:1a:fc:cf:3d:ef:4e:53:97:55:96:fc:
45:c3:d3:89:d0:f4:cd:8b:8d:b4:93:63:3c:27:c8:2a:88:18:
fd:f4:1a:18:30:e8:03:aa:aa:c2:14:59:ca:a4:df:2e:6c:2d:
83:77:d5:49
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUbXZJqg7FCx7Xa1Q9UiCqbtzNYbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA3MDkwMDQ0MThaFw0yNTA3MDgwMDQ5MThaMDMxMTAvBgNV
BAMTKDg5NkYwRDU4MjNBQjNDM0UxMEQ3QkM2NTBERjE1Q0Y3QjFEMUZDQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfQJvKfmV5B9+HKR0tNtN2XLOa
W09zy4iEeHWtn8voshscQCFOyiGzW/p5JN4z2hniY6jgXjvONe+brsARyQN53n5H
Yzk7+HYAWvbagn6Zk3MmVYh1Hir7ODMWwEy6pNueEedwK9IZizrz5gjX3WsRC8rf
dds8RDMShiSiTII1Ij8/p0PraqxPuBq/dAmA5eRJ8GY4jl28hfCxJWc6UfKZ4YMe
QLTRzeFpQQ9s4UxtNAt7IvZvuQxm9kWLUD2OTvvQP6k86Fb0mXflLLNgaRiPV8Lm
mS5+ErVBHZS0kzrWH1CxWU1BJcgOwxj9sRiAuk5biVL7igazC1Sf8msVxke7AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUiW8NWCOrPD4Q17xlDfFc97HR/LYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk4MzU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkmcW
MA0GCSqGSIb3DQEBCwUAA4IBAQB1B+/D7/wFMhbg+4xDMLPCYvTm7MqFzm5BSFl5
3QWcA6tnQpFN9OrLpry3a5CyjcbIGwWL/NocMDzsgfaYTqf84QtjFnvrNgXwdpYt
gLeRF3tBJkO4DCdfL0Fe6jtvcnAxZx58NHkbGMBdD6s1Y0aitW3Y4bjqFQkREQKp
K8DhkjKNvGXG6HlSvVSeQXhOuiTlGNusLp9rvWyc8+/QIktrMsl2YWXMSRIag9+k
M7Mbkr5y4JEZ1FG8GbG1fqlXice3SOeWrv5x5/6WSLfLGvzPPe9OU5dVlvxFw9OJ
0PTNi420k2M8J8gqiBj99BoYMOgDqqrCFFnKpN8ubC2Dd9VJ
-----END CERTIFICATE-----
Generated at Fri Jul 12 03:08:14 2024 by rpki-client on console-fra.rpki-client.org