Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS139660.roa
File: AS139660.roa (raw, json)
Hash identifier: WKRIGwZbQQx3MUfv1Uf5KvDXiP343ViN/kYBpXeV0p4=
Subject key identifier: 24:D3:D0:96:3C:FA:80:2A:E9:AA:67:69:E5:80:C6:C9:45:78:D8:EE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5C1F95AD17D3EDCA21FED0D84E9DD8E4575909EE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS139660.roa
Signing time: Thu 09 May 2024 15:05:28 +0000
ROA not before: Thu 09 May 2024 15:00:28 +0000
ROA not after: Thu 08 May 2025 15:05:28 +0000
asID: 139660
IP address blocks: 191.101.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 07:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:1f:95:ad:17:d3:ed:ca:21:fe:d0:d8:4e:9d:d8:e4:57:59:09:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 9 15:00:28 2024 GMT
Not After : May 8 15:05:28 2025 GMT
Subject: CN=24D3D0963CFA802AE9AA6769E580C6C94578D8EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cf:c4:d6:28:df:a3:6f:19:15:da:2f:04:29:
cc:da:55:c7:31:4d:39:1b:3c:36:1b:70:2b:74:de:
e8:96:bf:21:7d:4e:d1:81:42:4c:99:df:f8:62:ae:
85:0e:99:84:d3:c6:07:50:6c:db:86:b9:f8:8a:9b:
80:d6:88:79:42:e0:07:f7:33:23:22:22:a6:5a:c8:
0f:68:1d:7c:57:b0:52:f4:51:4b:2d:57:7b:75:85:
6a:15:16:36:c7:d1:8f:07:3e:27:e3:e0:d3:f1:75:
de:41:ee:e0:74:5b:a8:f8:05:87:e1:4d:9e:8b:60:
52:ec:e4:43:6f:63:b0:97:02:57:a6:98:95:20:e8:
1e:44:a7:8e:8e:62:27:73:87:c9:35:73:6d:01:c9:
bc:4c:9a:2a:2f:15:09:3a:00:bd:80:a6:50:a4:70:
2d:68:37:1d:0b:9e:05:6d:4d:a6:e9:b2:89:c1:d4:
e8:0b:d3:c7:96:2a:c9:69:85:5f:13:b4:18:c2:8a:
24:0d:78:00:48:da:2c:c3:41:68:e4:cf:20:b8:dd:
65:8f:de:1d:34:7f:92:c0:d5:3f:0c:35:bb:7b:75:
92:f0:22:f5:b1:33:24:10:dc:97:d5:a7:d7:d0:5d:
f7:3c:4b:cd:e4:41:e8:7e:d1:60:71:05:38:2e:8a:
4d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D3:D0:96:3C:FA:80:2A:E9:AA:67:69:E5:80:C6:C9:45:78:D8:EE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS139660.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.182.0/24
Signature Algorithm: sha256WithRSAEncryption
38:f9:03:d1:1a:d5:0e:20:32:bd:3a:3a:f2:36:f0:98:97:dc:
6c:d7:d0:67:cc:d4:ed:b4:ea:b2:a2:25:ad:5f:16:be:d8:54:
68:c0:1d:df:e0:ca:5c:25:15:8e:43:b3:08:22:ec:73:03:87:
ee:29:16:9c:a4:a6:d5:61:86:25:3b:b0:0f:fd:ba:78:eb:36:
99:82:9f:3e:6a:c5:1d:ef:e1:b3:7a:fc:2f:a4:a2:0d:f3:7b:
6e:be:b7:82:3c:19:95:2a:97:bd:97:59:60:58:31:ab:0d:fb:
f1:aa:96:5e:4d:56:95:e6:33:99:8c:0c:0d:aa:cd:c0:c5:38:
51:bb:08:23:e6:2d:de:24:bb:15:78:32:1f:95:fd:20:7c:f9:
b4:48:93:66:7f:5d:09:ee:5c:1c:d3:cb:e1:eb:a3:0b:2e:9c:
3e:e6:69:09:61:94:af:51:cc:18:12:9c:8c:41:70:dc:60:24:
dc:19:e8:ac:0a:50:b1:e8:9d:42:7e:a9:ca:5b:59:42:59:29:
4e:e4:ce:13:d8:73:49:f6:1a:f5:27:bc:c6:d1:51:b9:85:e0:
ae:18:0e:60:02:99:9a:9e:6d:99:db:b6:15:ca:c3:ca:93:df:
25:4e:e8:c3:4b:4c:e7:9a:0a:db:05:08:16:7b:39:82:0f:51:
ed:b0:0d:72
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUXB+VrRfT7coh/tDYTp3Y5FdZCe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MDkxNTAwMjhaFw0yNTA1MDgxNTA1MjhaMDMxMTAvBgNV
BAMTKDI0RDNEMDk2M0NGQTgwMkFFOUFBNjc2OUU1ODBDNkM5NDU3OEQ4RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsz8TWKN+jbxkV2i8EKczaVccx
TTkbPDYbcCt03uiWvyF9TtGBQkyZ3/hiroUOmYTTxgdQbNuGufiKm4DWiHlC4Af3
MyMiIqZayA9oHXxXsFL0UUstV3t1hWoVFjbH0Y8HPifj4NPxdd5B7uB0W6j4BYfh
TZ6LYFLs5ENvY7CXAlemmJUg6B5Ep46OYidzh8k1c20BybxMmiovFQk6AL2AplCk
cC1oNx0LngVtTabpsonB1OgL08eWKslphV8TtBjCiiQNeABI2izDQWjkzyC43WWP
3h00f5LA1T8MNbt7dZLwIvWxMyQQ3JfVp9fQXfc8S83kQeh+0WBxBTguik2/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJNPQljz6gCrpqmdp5YDGyUV42O4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM5NjYwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2W2
MA0GCSqGSIb3DQEBCwUAA4IBAQA4+QPRGtUOIDK9OjryNvCYl9xs19BnzNTttOqy
oiWtXxa+2FRowB3f4MpcJRWOQ7MIIuxzA4fuKRacpKbVYYYlO7AP/bp46zaZgp8+
asUd7+GzevwvpKIN83tuvreCPBmVKpe9l1lgWDGrDfvxqpZeTVaV5jOZjAwNqs3A
xThRuwgj5i3eJLsVeDIflf0gfPm0SJNmf10J7lwc08vh66MLLpw+5mkJYZSvUcwY
EpyMQXDcYCTcGeisClCx6J1CfqnKW1lCWSlO5M4T2HNJ9hr1J7zG0VG5heCuGA5g
Apmanm2Z27YVysPKk98lTujDS0znmgrbBQgWezmCD1HtsA1y
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:33 2025 by rpki-client