Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1239.roa
File: AS1239.roa (raw, json)
Hash identifier: Ci45exeuWC6elAuhw0RRWEiaVTotqrGHpGJyVkOzt3M=
Subject key identifier: 50:61:2C:32:31:C9:34:6C:6F:A0:A7:39:72:17:22:C6:A7:AB:9E:47
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1B11A75F0F3D4D2D6E09D8CF9D5C83356CE3ACAE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1239.roa
Signing time: Wed 10 Jul 2024 14:05:39 +0000
ROA not before: Wed 10 Jul 2024 14:00:39 +0000
ROA not after: Wed 09 Jul 2025 14:05:39 +0000
asID: 1239
IP address blocks: 181.214.39.0/24 maxlen: 24
191.96.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 27 Nov 2024 09:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:11:a7:5f:0f:3d:4d:2d:6e:09:d8:cf:9d:5c:83:35:6c:e3:ac:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 10 14:00:39 2024 GMT
Not After : Jul 9 14:05:39 2025 GMT
Subject: CN=50612C3231C9346C6FA0A739721722C6A7AB9E47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:00:ea:d9:55:e6:7d:76:ff:07:70:d3:5e:b5:
1d:dc:50:88:69:90:e9:2f:16:81:a0:5b:6d:a2:2e:
5d:77:73:48:c2:8f:71:00:23:7d:2f:9f:a2:cf:66:
68:b5:92:d2:8c:52:28:31:3c:c0:fd:23:63:df:e2:
28:19:56:d4:47:7f:3b:ea:bb:63:2d:3f:0d:2b:1c:
f3:7e:89:ae:ec:4e:45:b1:28:8a:0f:78:6f:7b:fa:
fa:c3:b7:e7:ba:c0:3b:3f:88:99:d8:82:ef:61:65:
90:37:6d:58:89:88:aa:d5:76:24:37:47:f5:aa:a3:
95:8b:ba:ff:9f:3e:c5:ad:81:e6:60:07:3e:e2:d2:
3d:2a:05:d5:9a:bb:56:92:b5:35:63:3b:d5:60:4f:
fa:fc:4c:c5:39:a7:01:87:be:c3:5f:0c:ae:49:cf:
f2:81:88:ef:21:6a:fe:83:65:73:6c:f2:86:a0:fc:
a0:f0:86:9f:10:51:5f:51:64:a7:b0:98:70:c0:31:
3c:ba:72:f2:03:74:68:f5:28:01:ce:3b:ac:9b:fe:
5d:28:b6:78:02:aa:df:c5:bc:64:0c:8f:ab:0a:db:
e9:23:5a:2c:cf:75:c6:23:27:ce:ed:4e:6c:8a:fe:
ae:e0:31:23:e6:29:7d:ba:43:cb:7d:f8:05:7a:5c:
28:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:61:2C:32:31:C9:34:6C:6F:A0:A7:39:72:17:22:C6:A7:AB:9E:47
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.39.0/24
191.96.27.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:bc:6f:1a:9a:58:01:fe:bf:61:68:ad:85:c6:f2:31:95:a2:
2b:8d:ed:3e:67:87:a9:2c:b3:ff:4e:1e:1d:e4:d6:82:bc:00:
2a:76:13:78:b2:5d:eb:49:5b:8f:fb:e5:00:be:e2:ae:ce:b9:
e5:43:3e:e7:7e:c1:33:31:95:a2:1e:a2:51:80:d7:10:53:0b:
0c:b7:9d:92:42:a9:27:dc:b2:01:85:da:f9:c5:1f:cd:6a:b4:
db:77:aa:80:1d:26:57:4c:1b:3c:5e:81:19:d6:ea:de:58:d5:
a1:28:53:37:2b:74:ae:a1:80:32:d8:12:91:a8:98:7d:ca:6e:
a8:2b:74:86:51:94:91:1b:cd:9e:04:80:17:b0:4f:18:9e:8e:
5e:09:b0:01:6f:3a:a8:f8:68:67:0d:ca:19:6d:3c:d5:8f:4d:
f7:02:ff:df:49:cc:6f:46:ba:40:65:12:72:bc:92:9e:b7:f6:
a5:98:79:f7:8d:e3:c0:dd:94:05:05:25:65:29:cf:32:3f:ed:
14:13:f2:6b:6c:d1:a4:8b:88:b1:f8:a1:26:64:f1:37:1c:6b:
3e:ad:5e:b6:8c:0c:97:4c:d6:e8:96:24:d2:6a:67:0a:6d:62:
b9:71:5b:32:42:7c:12:28:c0:78:4d:97:4d:bd:4c:62:09:d9:
63:01:01:9f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUGxGnXw89TS1uCdjPnVyDNWzjrK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA3MTAxNDAwMzlaFw0yNTA3MDkxNDA1MzlaMDMxMTAvBgNV
BAMTKDUwNjEyQzMyMzFDOTM0NkM2RkEwQTczOTcyMTcyMkM2QTdBQjlFNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2AOrZVeZ9dv8HcNNetR3cUIhp
kOkvFoGgW22iLl13c0jCj3EAI30vn6LPZmi1ktKMUigxPMD9I2Pf4igZVtRHfzvq
u2MtPw0rHPN+ia7sTkWxKIoPeG97+vrDt+e6wDs/iJnYgu9hZZA3bViJiKrVdiQ3
R/Wqo5WLuv+fPsWtgeZgBz7i0j0qBdWau1aStTVjO9VgT/r8TMU5pwGHvsNfDK5J
z/KBiO8hav6DZXNs8oag/KDwhp8QUV9RZKewmHDAMTy6cvIDdGj1KAHOO6yb/l0o
tngCqt/FvGQMj6sK2+kjWizPdcYjJ87tTmyK/q7gMSPmKX26Q8t9+AV6XCiZAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUUGEsMjHJNGxvoKc5chcixqernkcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTIzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALXWJwME
AL9gGzANBgkqhkiG9w0BAQsFAAOCAQEAo7xvGppYAf6/YWithcbyMZWiK43tPmeH
qSyz/04eHeTWgrwAKnYTeLJd60lbj/vlAL7irs655UM+537BMzGVoh6iUYDXEFML
DLedkkKpJ9yyAYXa+cUfzWq023eqgB0mV0wbPF6BGdbq3ljVoShTNyt0rqGAMtgS
kaiYfcpuqCt0hlGUkRvNngSAF7BPGJ6OXgmwAW86qPhoZw3KGW081Y9N9wL/30nM
b0a6QGUScrySnrf2pZh5943jwN2UBQUlZSnPMj/tFBPya2zRpIuIsfihJmTxNxxr
Pq1etowMl0zW6JYk0mpnCm1iuXFbMkJ8EijAeE2XTb1MYgnZYwEBnw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:31 2025 by rpki-client