Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13876.roa
File: AS13876.roa (raw, json)
Hash identifier: rVKJK6wfmAe/Unlr/Gz2RKAiVXMMmbLUPjj9LgFC1O8=
Subject key identifier: E3:4D:9D:64:9E:39:6D:76:C6:F2:AF:68:8C:4C:6A:0B:FB:48:7B:6D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 47BF25483DD6881EB070BC6E884F4F4A949FBF8F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13876.roa
Signing time: Wed 02 Oct 2024 00:00:39 +0000
ROA not before: Tue 01 Oct 2024 23:55:39 +0000
ROA not after: Wed 01 Oct 2025 00:00:39 +0000
asID: 13876
IP address blocks: 191.96.105.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 00:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bf:25:48:3d:d6:88:1e:b0:70:bc:6e:88:4f:4f:4a:94:9f:bf:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 1 23:55:39 2024 GMT
Not After : Oct 1 00:00:39 2025 GMT
Subject: CN=E34D9D649E396D76C6F2AF688C4C6A0BFB487B6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:42:b6:b3:66:f7:76:c7:eb:20:3a:fa:43:
df:c8:27:f2:23:6b:b1:e5:a4:e5:fe:ed:48:e1:ad:
d1:20:10:22:7e:8a:0d:26:3a:bc:9e:fa:7a:04:fb:
be:2a:08:ca:cb:be:05:96:78:c6:20:31:2f:bd:43:
09:ab:d7:e6:1d:c8:26:7e:2a:ec:a9:92:7f:56:21:
27:85:ef:b5:81:b1:84:f3:c1:83:32:c1:a0:b0:dd:
91:24:4d:88:57:73:fd:81:2b:4d:12:1d:cd:af:bb:
42:58:c3:dc:cf:96:c4:9d:38:ab:11:9a:20:0f:ed:
21:1c:f2:45:4c:22:be:db:1c:a3:51:c4:d0:e7:92:
60:fa:a2:ec:3b:ab:b1:73:99:d4:e6:ca:ed:d5:99:
48:7e:39:74:aa:e5:74:bf:fa:cc:ba:05:04:13:39:
4b:71:07:61:19:e6:4a:32:aa:35:30:8e:3f:ac:46:
88:2b:aa:03:0f:ff:69:8f:eb:29:ef:cc:4e:0b:32:
70:6e:7f:b0:35:4f:05:55:b7:5d:94:ef:9c:51:a9:
4f:0c:8b:57:dd:17:28:6e:a9:f2:65:73:2e:cb:7b:
a6:e5:9b:43:af:bb:b6:52:51:c6:fd:e3:f8:3c:67:
e7:50:4f:ae:95:f2:6d:7e:41:d4:b8:fe:2e:2a:d3:
71:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4D:9D:64:9E:39:6D:76:C6:F2:AF:68:8C:4C:6A:0B:FB:48:7B:6D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS13876.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.105.0/24
191.101.120.0/24
191.101.253.0/24
Signature Algorithm: sha256WithRSAEncryption
25:e3:91:91:e0:d4:c7:e3:b8:1c:41:f9:a2:a7:d5:99:b7:56:
b8:85:42:2b:9e:83:81:22:59:90:fd:d0:7d:77:fc:4f:9d:47:
c9:8d:56:43:b8:66:e2:6f:5f:d2:41:ec:96:aa:59:a9:2c:11:
a3:55:77:0d:3f:e7:39:f8:f5:6e:b5:f4:17:53:92:ef:9e:ee:
01:9b:13:ce:cf:21:7d:6c:5b:af:d6:90:74:6e:a0:0f:5b:08:
42:ca:55:67:b7:6a:86:50:51:8b:10:a3:cc:70:a2:e3:71:b5:
b5:59:f4:02:af:96:f6:8b:80:c3:e3:aa:f2:1d:46:84:42:7c:
f9:b2:f2:62:48:3d:28:94:4f:e4:b4:7e:35:34:fc:7e:62:c8:
b4:b8:0c:aa:f0:06:f3:a0:36:e1:4a:49:cd:55:5d:75:d9:d3:
78:5c:78:84:1d:46:c1:ac:c9:d0:47:b7:18:af:bf:cb:b4:48:
8e:bd:40:23:3e:8f:39:4e:38:79:b7:78:71:98:df:0b:31:6f:
fd:70:08:70:93:51:05:91:9c:fe:2e:0f:5b:fd:1a:7f:ba:16:
f8:5c:58:1d:78:c3:10:9d:69:d8:c1:2d:25:96:db:2b:77:ee:
5a:dc:8d:3a:30:e2:d0:cd:66:5c:ec:e9:5a:eb:8b:fb:1e:d6:
43:90:e4:2b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUR78lSD3WiB6wcLxuiE9PSpSfv48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMDEyMzU1MzlaFw0yNTEwMDEwMDAwMzlaMDMxMTAvBgNV
BAMTKEUzNEQ5RDY0OUUzOTZENzZDNkYyQUY2ODhDNEM2QTBCRkI0ODdCNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnMEK2s2b3dsfrIDr6Q9/IJ/Ij
a7HlpOX+7UjhrdEgECJ+ig0mOrye+noE+74qCMrLvgWWeMYgMS+9Qwmr1+YdyCZ+
Kuypkn9WISeF77WBsYTzwYMywaCw3ZEkTYhXc/2BK00SHc2vu0JYw9zPlsSdOKsR
miAP7SEc8kVMIr7bHKNRxNDnkmD6ouw7q7FzmdTmyu3VmUh+OXSq5XS/+sy6BQQT
OUtxB2EZ5koyqjUwjj+sRogrqgMP/2mP6ynvzE4LMnBuf7A1TwVVt12U75xRqU8M
i1fdFyhuqfJlcy7Le6blm0Ovu7ZSUcb94/g8Z+dQT66V8m1+QdS4/i4q03EfAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQU402dZJ45bXbG8q9ojExqC/tIe20wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM4NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC/YGkD
BAC/ZXgDBAC/Zf0wDQYJKoZIhvcNAQELBQADggEBACXjkZHg1MfjuBxB+aKn1Zm3
VriFQiueg4EiWZD90H13/E+dR8mNVkO4ZuJvX9JB7JaqWaksEaNVdw0/5zn49W61
9BdTku+e7gGbE87PIX1sW6/WkHRuoA9bCELKVWe3aoZQUYsQo8xwouNxtbVZ9AKv
lvaLgMPjqvIdRoRCfPmy8mJIPSiUT+S0fjU0/H5iyLS4DKrwBvOgNuFKSc1VXXXZ
03hceIQdRsGsydBHtxivv8u0SI69QCM+jzlOOHm3eHGY3wsxb/1wCHCTUQWRnP4u
D1v9Gn+6FvhcWB14wxCdadjBLSWW2yt37lrcjTow4tDNZlzs6Vrri/se1kOQ5Cs=
-----END CERTIFICATE-----
Generated at Sat Nov 2 01:44:21 2024 by rpki-client on console-fra.rpki-client.org