Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14315.roa
File: AS14315.roa (raw, json)
Hash identifier: a0HGJL959Mmmpp6lHgOaWppIq8eKP0M1mXZMxUaj7Qg=
Subject key identifier: A2:28:A8:7C:BE:6A:83:32:57:B1:9E:D4:40:5D:3F:36:3B:E2:B3:65
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 13DE62CE27D7FB4304DF9696627C5A84BC97E08C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14315.roa
Signing time: Sun 19 Nov 2023 17:07:44 +0000
ROA not before: Sun 19 Nov 2023 17:02:44 +0000
ROA not after: Sun 17 Nov 2024 17:07:44 +0000
asID: 14315
IP address blocks: 191.96.143.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 00:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:de:62:ce:27:d7:fb:43:04:df:96:96:62:7c:5a:84:bc:97:e0:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 19 17:02:44 2023 GMT
Not After : Nov 17 17:07:44 2024 GMT
Subject: CN=A228A87CBE6A833257B19ED4405D3F363BE2B365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:59:7f:80:7c:58:8d:27:a0:26:d8:6f:75:a4:
c4:e5:e5:88:43:64:a2:db:ac:f7:12:6b:5a:33:1d:
4e:c1:c9:aa:e2:3e:de:79:45:4e:6c:4d:3b:66:1f:
c6:60:67:62:48:4c:30:c6:8c:e7:0a:9b:b3:a9:eb:
85:5b:ae:d2:c4:a6:85:1a:87:46:a8:6a:94:11:93:
b9:eb:8a:00:7d:de:96:f0:6e:9f:06:08:42:90:98:
83:7b:51:59:d1:6e:36:05:61:ed:77:6d:4d:1f:cb:
d4:aa:d0:35:e9:11:b3:1e:e6:b4:d2:50:1d:2a:7c:
03:f6:9e:32:c6:e7:a6:8b:ad:5f:25:b0:f1:ed:15:
1b:e4:b9:43:cd:f3:0b:15:11:30:20:4b:35:14:80:
e4:04:b7:f7:55:77:81:ef:2d:54:08:eb:13:23:44:
a6:b4:b8:e9:6a:d4:33:f8:61:c4:26:67:d5:c4:6a:
65:05:99:cb:66:6f:3a:34:c5:40:f3:46:7f:e2:66:
ca:70:89:c1:43:32:62:5e:1d:96:28:26:b2:e5:89:
22:0d:6e:88:7e:4d:34:55:d6:f1:68:43:9b:c1:f6:
dd:34:6c:7e:85:9e:b4:09:15:55:33:bf:88:38:ea:
f1:28:5f:8e:05:da:b3:f4:cd:c7:f5:de:68:05:46:
cd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:28:A8:7C:BE:6A:83:32:57:B1:9E:D4:40:5D:3F:36:3B:E2:B3:65
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS14315.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.143.0/24
Signature Algorithm: sha256WithRSAEncryption
46:09:c4:49:62:fc:a7:cf:41:f1:30:aa:c1:ac:db:4f:65:b0:
60:b1:53:43:d3:05:4c:11:ef:14:cd:a8:e7:b3:47:ac:75:97:
07:79:89:6e:9c:b5:2e:73:71:df:d5:17:e0:8f:67:c6:b5:67:
14:3c:0b:3c:fb:11:94:af:f8:81:48:8a:63:25:78:fb:41:7c:
3f:ee:f3:40:5f:3d:45:e5:33:ac:e5:4b:11:13:2a:ac:7a:bb:
50:03:c3:75:56:7d:95:c7:20:4c:92:d6:ae:49:5e:32:8b:f5:
cb:26:e9:bd:07:8c:65:73:2a:f9:f9:a2:e6:1e:d9:bb:18:ee:
5f:9f:75:ab:08:6e:66:52:17:e3:35:83:a8:be:a9:2b:76:05:
a6:c8:a3:1b:c3:a9:e6:f8:44:05:32:a7:6a:a8:22:6b:86:b2:
68:57:3e:68:ba:ad:13:42:95:e5:97:22:0f:f7:e7:6e:82:35:
b1:ca:fc:00:bd:b6:24:f7:51:5a:fd:16:3f:0f:6a:b2:f3:d7:
b2:1a:ee:c1:b4:0a:44:07:33:46:6c:d9:78:29:a8:03:ed:20:
51:f4:ab:02:75:35:5b:ae:fd:7d:6d:30:c4:84:fe:71:fb:8c:
81:7d:1e:18:f3:b0:49:bb:1c:a2:f3:b9:c4:23:6a:18:cf:35:
64:18:25:b0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUE95izifX+0ME35aWYnxahLyX4IwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMTkxNzAyNDRaFw0yNDExMTcxNzA3NDRaMDMxMTAvBgNV
BAMTKEEyMjhBODdDQkU2QTgzMzI1N0IxOUVENDQwNUQzRjM2M0JFMkIzNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaWX+AfFiNJ6Am2G91pMTl5YhD
ZKLbrPcSa1ozHU7ByariPt55RU5sTTtmH8ZgZ2JITDDGjOcKm7Op64VbrtLEpoUa
h0aoapQRk7nrigB93pbwbp8GCEKQmIN7UVnRbjYFYe13bU0fy9Sq0DXpEbMe5rTS
UB0qfAP2njLG56aLrV8lsPHtFRvkuUPN8wsVETAgSzUUgOQEt/dVd4HvLVQI6xMj
RKa0uOlq1DP4YcQmZ9XEamUFmctmbzo0xUDzRn/iZspwicFDMmJeHZYoJrLliSIN
boh+TTRV1vFoQ5vB9t00bH6FnrQJFVUzv4g46vEoX44F2rP0zcf13mgFRs0jAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUoiiofL5qgzJXsZ7UQF0/Njvis2UwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTQzMTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YI8w
DQYJKoZIhvcNAQELBQADggEBAEYJxEli/KfPQfEwqsGs209lsGCxU0PTBUwR7xTN
qOezR6x1lwd5iW6ctS5zcd/VF+CPZ8a1ZxQ8Czz7EZSv+IFIimMlePtBfD/u80Bf
PUXlM6zlSxETKqx6u1ADw3VWfZXHIEyS1q5JXjKL9csm6b0HjGVzKvn5ouYe2bsY
7l+fdasIbmZSF+M1g6i+qSt2BabIoxvDqeb4RAUyp2qoImuGsmhXPmi6rRNCleWX
Ig/3526CNbHK/AC9tiT3UVr9Fj8ParLz17Ia7sG0CkQHM0Zs2XgpqAPtIFH0qwJ1
NVuu/X1tMMSE/nH7jIF9HhjzsEm7HKLzucQjahjPNWQYJbA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:02 2024 by rpki-client on console-ams.rpki-client.org