Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS123.roa
File: AS123.roa (raw, json)
Hash identifier: oluDN/QMtU1iuRladFMXBsjlWp+0irsbLaP/l7nZK+g=
Subject key identifier: 9A:50:4F:33:0B:CA:AE:83:C6:EA:53:C8:BB:21:9E:F5:45:66:5B:6B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7FE62B4C5ED123C5B364E19F6C1BCFC1B40B1CE0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS123.roa
Signing time: Thu 07 Mar 2024 11:08:55 +0000
ROA not before: Thu 07 Mar 2024 11:03:55 +0000
ROA not after: Thu 06 Mar 2025 11:08:55 +0000
asID: 123
IP address blocks: 181.215.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 08:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e6:2b:4c:5e:d1:23:c5:b3:64:e1:9f:6c:1b:cf:c1:b4:0b:1c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 7 11:03:55 2024 GMT
Not After : Mar 6 11:08:55 2025 GMT
Subject: CN=9A504F330BCAAE83C6EA53C8BB219EF545665B6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:06:b4:60:71:11:32:c6:5b:18:13:f2:b9:d6:
78:5b:14:56:08:56:75:f2:fb:40:28:52:6d:55:39:
94:b2:a0:a6:2d:ec:6c:4b:26:09:02:c9:ff:a7:36:
25:eb:41:a9:e8:a6:8e:df:4d:b4:c4:16:80:0e:c6:
d0:3a:5a:a3:0d:4c:9f:fe:d5:63:12:1d:bd:4d:2a:
e7:1d:1b:a2:14:49:23:b1:89:7a:c6:30:22:cc:e8:
8f:75:c6:f1:da:e6:70:53:7e:78:5f:d8:b6:38:76:
e2:b0:8d:51:03:42:4f:36:bd:14:1a:1f:35:a8:b8:
20:da:a4:60:a8:a6:d0:55:a6:09:6e:f2:d4:85:ef:
cb:f5:56:2e:28:e0:6a:5f:06:5a:97:b1:f0:15:ba:
34:11:8c:92:4a:30:e4:9e:cc:a5:52:ef:4d:fb:1e:
bc:fb:c3:21:4a:4c:14:2c:ed:14:35:50:d0:9a:bb:
17:45:27:8c:ba:df:4b:07:be:10:f1:84:2e:6b:da:
b5:4a:c4:b4:0d:35:79:0b:11:61:1a:50:a3:19:63:
13:a3:4a:01:e1:7f:f5:89:c6:31:72:4f:b1:17:53:
d9:34:fa:64:b0:fd:38:03:97:fb:8c:e8:02:29:e7:
d4:5f:81:b1:29:66:41:92:b7:7c:1b:51:6a:d6:9f:
65:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:50:4F:33:0B:CA:AE:83:C6:EA:53:C8:BB:21:9E:F5:45:66:5B:6B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS123.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:80:19:25:56:9a:4d:95:99:7a:05:2c:ba:c5:a2:6b:f4:ec:
c8:db:5a:45:ae:55:5b:e5:fb:b1:0d:7e:10:fb:80:a0:03:d9:
74:d4:6f:e7:ee:2d:03:89:a6:ef:3b:82:64:47:1b:ea:6d:e4:
b5:c8:a2:7b:6a:1c:cb:c4:56:d2:e7:ce:1d:42:1f:72:ce:da:
23:65:5e:18:6a:b0:4a:d3:b4:8a:f5:78:56:e4:61:78:79:53:
b0:74:af:42:da:7e:6f:fb:3a:3d:7e:89:3e:86:07:81:18:ec:
50:9d:28:45:d1:dc:62:6c:b4:c2:3e:d1:ba:76:2f:29:d3:76:
84:ee:4e:0c:fc:01:55:7e:e2:52:39:c4:5d:4d:d3:c5:6b:ef:
c0:36:d4:bf:57:4e:e6:b2:ca:67:3d:0f:45:fe:f4:72:7b:a3:
a9:ed:10:0e:83:56:f9:4b:d6:9f:fe:ed:31:2a:67:58:40:29:
d8:85:55:97:91:bc:af:15:f7:9e:2e:45:02:64:11:37:56:d9:
95:44:7d:f8:53:b1:a9:53:32:9b:0f:14:b5:66:f7:6e:e1:ac:
37:e9:71:10:83:ef:bf:25:e5:ec:a4:da:f3:a5:89:ff:cc:9e:
4e:fc:7e:03:60:84:69:63:a9:e7:70:91:f1:77:75:c8:a5:d5:
94:45:88:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUf+YrTF7RI8WzZOGfbBvPwbQLHOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDcxMTAzNTVaFw0yNTAzMDYxMTA4NTVaMDMxMTAvBgNV
BAMTKDlBNTA0RjMzMEJDQUFFODNDNkVBNTNDOEJCMjE5RUY1NDU2NjVCNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbBrRgcREyxlsYE/K51nhbFFYI
VnXy+0AoUm1VOZSyoKYt7GxLJgkCyf+nNiXrQanopo7fTbTEFoAOxtA6WqMNTJ/+
1WMSHb1NKucdG6IUSSOxiXrGMCLM6I91xvHa5nBTfnhf2LY4duKwjVEDQk82vRQa
HzWouCDapGCoptBVpglu8tSF78v1Vi4o4GpfBlqXsfAVujQRjJJKMOSezKVS7037
Hrz7wyFKTBQs7RQ1UNCauxdFJ4y630sHvhDxhC5r2rVKxLQNNXkLEWEaUKMZYxOj
SgHhf/WJxjFyT7EXU9k0+mSw/TgDl/uM6AIp59RfgbEpZkGSt3wbUWrWn2VzAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUmlBPMwvKroPG6lPIuyGe9UVmW2swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTIzLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdcXMA0G
CSqGSIb3DQEBCwUAA4IBAQAcgBklVppNlZl6BSy6xaJr9OzI21pFrlVb5fuxDX4Q
+4CgA9l01G/n7i0DiabvO4JkRxvqbeS1yKJ7ahzLxFbS584dQh9yztojZV4YarBK
07SK9XhW5GF4eVOwdK9C2n5v+zo9fok+hgeBGOxQnShF0dxibLTCPtG6di8p03aE
7k4M/AFVfuJSOcRdTdPFa+/ANtS/V07msspnPQ9F/vRye6Op7RAOg1b5S9af/u0x
KmdYQCnYhVWXkbyvFfeeLkUCZBE3VtmVRH34U7GpUzKbDxS1Zvdu4aw36XEQg++/
JeXspNrzpYn/zJ5O/H4DYIRpY6nncJHxd3XIpdWURYgM
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:01 2025 by rpki-client