Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
File: AS6939.roa (raw, json)
Hash identifier: qAJXlCPnaZp7lDIXFVZuumfLhYfBrzTkmZBlWB+lwBE=
Subject key identifier: 86:CE:66:C6:2D:69:EB:47:B9:F2:1E:04:0F:E1:62:DE:FA:69:F8:0E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5FF664870C902A0C9B20C0306CF9E7525E6699AF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
Signing time: Tue 17 Dec 2024 13:42:04 +0000
ROA not before: Tue 17 Dec 2024 13:37:04 +0000
ROA not after: Tue 16 Dec 2025 13:42:04 +0000
asID: 6939
IP address blocks: 96.62.134.0/23 maxlen: 24
96.62.148.0/23 maxlen: 24
96.62.166.0/23 maxlen: 24
96.62.244.0/23 maxlen: 24
96.62.252.0/23 maxlen: 24
145.223.68.0/23 maxlen: 24
145.223.70.0/23 maxlen: 24
150.241.162.0/23 maxlen: 24
150.241.164.0/23 maxlen: 24
150.241.166.0/23 maxlen: 24
150.241.168.0/23 maxlen: 24
150.241.170.0/23 maxlen: 24
150.241.172.0/23 maxlen: 24
150.241.176.0/23 maxlen: 24
150.241.178.0/23 maxlen: 24
150.241.180.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 13:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:f6:64:87:0c:90:2a:0c:9b:20:c0:30:6c:f9:e7:52:5e:66:99:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 17 13:37:04 2024 GMT
Not After : Dec 16 13:42:04 2025 GMT
Subject: CN=86CE66C62D69EB47B9F21E040FE162DEFA69F80E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:56:4c:74:2e:5a:85:18:21:71:f3:3f:50:cb:
60:29:7c:38:fc:36:46:d3:4b:d7:6c:a5:9a:5c:6b:
ad:ea:4f:05:e7:ab:a0:1d:8d:82:44:32:a5:5d:8c:
59:36:06:c4:83:a7:70:c1:24:0b:1b:47:7b:56:f3:
3c:54:b9:61:7a:74:d5:f1:af:82:50:c4:17:92:4c:
41:bd:10:82:2e:84:45:b9:85:1e:54:e5:93:b4:72:
51:03:73:65:ea:da:94:f1:45:8a:fb:59:64:07:47:
cf:0d:7a:e5:0e:78:55:a9:54:5e:0b:2c:4f:a7:e7:
65:4c:3d:8c:49:87:97:8f:08:f7:a1:17:42:cd:7a:
d4:b8:e3:d2:64:12:16:e6:42:29:57:9e:6a:76:00:
62:55:9c:2f:d3:27:b3:cb:01:8b:d2:63:f3:98:4b:
43:ac:99:e9:17:46:f0:2a:71:73:6c:16:ed:3a:91:
77:2c:76:8f:6f:4a:bf:a8:1c:5d:41:cf:25:2a:2e:
cc:39:08:c1:67:23:91:9a:73:5e:a4:7d:36:08:51:
82:b8:be:da:c1:3d:3f:42:72:58:70:c5:ec:ae:d3:
ec:15:90:82:1d:8b:15:7b:03:c3:17:6e:63:cc:76:
2d:08:d3:48:73:ad:db:97:04:b3:32:b9:1f:f5:2a:
a7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CE:66:C6:2D:69:EB:47:B9:F2:1E:04:0F:E1:62:DE:FA:69:F8:0E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS6939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.134.0/23
96.62.148.0/23
96.62.166.0/23
96.62.244.0/23
96.62.252.0/23
145.223.68.0/22
150.241.162.0-150.241.173.255
150.241.176.0-150.241.181.255
Signature Algorithm: sha256WithRSAEncryption
5a:84:d5:b8:a8:d6:9c:49:c4:58:57:fc:57:fc:e4:51:70:a9:
c8:60:06:d1:65:63:26:44:82:d2:53:8f:a4:f9:fe:87:96:c2:
a4:a1:e3:5e:19:77:b8:3b:ca:1b:05:5f:a1:b0:48:90:0a:65:
a0:e3:e1:87:a8:eb:73:05:76:40:11:ab:6f:75:03:6b:09:c3:
00:f1:2f:12:cb:3b:fa:c1:f3:3c:a3:41:08:f9:c2:0f:24:65:
33:71:1f:6a:42:02:8d:0d:30:dd:bf:8b:31:99:ab:16:5f:cf:
c2:36:2b:53:72:4d:1b:72:0d:e7:d1:66:29:35:2c:7e:98:cd:
55:52:59:0b:0f:cf:28:37:31:92:9d:11:70:1a:ad:0f:03:d1:
31:f6:d9:7b:e8:16:d4:65:6b:cb:a0:01:f4:39:27:88:41:fe:
6f:d8:b0:58:88:70:ee:1b:6b:c3:f1:88:e6:cf:cf:36:c5:c1:
9b:5f:5c:23:2b:a5:0e:af:b3:74:c3:81:3e:63:b4:ac:cf:dd:
a0:cf:93:b6:65:62:e9:9c:35:c0:1c:32:11:9d:31:54:7d:3a:
2e:1a:6f:92:c2:02:b4:cb:4f:ca:54:8b:11:37:8c:5b:cd:4d:
78:02:ff:47:2a:2f:5c:8a:f2:25:3e:0d:1e:f5:21:8b:fb:bf:
24:e3:7d:80
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUX/ZkhwyQKgybIMAwbPnnUl5mma8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMTcxMzM3MDRaFw0yNTEyMTYxMzQyMDRaMDMxMTAvBgNV
BAMTKDg2Q0U2NkM2MkQ2OUVCNDdCOUYyMUUwNDBGRTE2MkRFRkE2OUY4MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKVkx0LlqFGCFx8z9Qy2ApfDj8
NkbTS9dspZpca63qTwXnq6AdjYJEMqVdjFk2BsSDp3DBJAsbR3tW8zxUuWF6dNXx
r4JQxBeSTEG9EIIuhEW5hR5U5ZO0clEDc2Xq2pTxRYr7WWQHR88NeuUOeFWpVF4L
LE+n52VMPYxJh5ePCPehF0LNetS449JkEhbmQilXnmp2AGJVnC/TJ7PLAYvSY/OY
S0OsmekXRvAqcXNsFu06kXcsdo9vSr+oHF1BzyUqLsw5CMFnI5Gac16kfTYIUYK4
vtrBPT9Cclhwxeyu0+wVkIIdixV7A8MXbmPMdi0I00hzrduXBLMyuR/1Kqf5AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUhs5mxi1p60e58h4ED+Fi3vpp+A4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBZBggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAWA+hgME
AWA+lAMEAWA+pgMEAWA+9AMEAWA+/AMEApHfRDAMAwQBlvGiAwQBlvGsMAwDBASW
8bADBAGW8bQwDQYJKoZIhvcNAQELBQADggEBAFqE1bio1pxJxFhX/Ff85FFwqchg
BtFlYyZEgtJTj6T5/oeWwqSh414Zd7g7yhsFX6GwSJAKZaDj4Yeo63MFdkARq291
A2sJwwDxLxLLO/rB8zyjQQj5wg8kZTNxH2pCAo0NMN2/izGZqxZfz8I2K1NyTRty
DefRZik1LH6YzVVSWQsPzyg3MZKdEXAarQ8D0TH22XvoFtRla8ugAfQ5J4hB/m/Y
sFiIcO4ba8PxiObPzzbFwZtfXCMrpQ6vs3TDgT5jtKzP3aDPk7ZlYumcNcAcMhGd
MVR9Oi4ab5LCArTLT8pUixE3jFvNTXgC/0cqL1yK8iU+DR71IYv7vyTjfYA=
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:48:30 2025 by rpki-client