Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS17072.roa
File: AS17072.roa (raw, json)
Hash identifier: +kBhUUANHXtpAeovUrGexasNamuTKNhBnERxFj2SX9Y=
Subject key identifier: E1:80:A4:DB:F8:B8:06:AF:C6:91:57:85:EB:3B:13:69:F7:AD:75:36
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C43DCA30B77C415D12373D4E58D6966AAE54EB1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS17072.roa
Signing time: Wed 05 Jun 2024 06:04:28 +0000
ROA not before: Wed 05 Jun 2024 05:59:28 +0000
ROA not after: Wed 04 Jun 2025 06:04:28 +0000
asID: 17072
IP address blocks: 191.96.145.0/24 maxlen: 24
191.96.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 02 Nov 2024 10:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:43:dc:a3:0b:77:c4:15:d1:23:73:d4:e5:8d:69:66:aa:e5:4e:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 5 05:59:28 2024 GMT
Not After : Jun 4 06:04:28 2025 GMT
Subject: CN=E180A4DBF8B806AFC6915785EB3B1369F7AD7536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e9:9e:2d:b9:c1:3c:9f:07:8d:65:78:0c:31:
52:16:a7:cb:a1:56:38:5f:ac:91:40:a3:f1:fa:ad:
df:62:c3:45:37:7d:ad:a8:f7:a7:e4:81:45:7c:17:
46:0c:b3:66:eb:19:55:b0:d7:bb:2c:08:4b:4b:f3:
a3:e9:8b:ba:80:12:a3:55:8b:96:bc:0f:d9:b7:7f:
45:0a:76:58:8d:65:61:92:e4:42:d8:e6:ad:10:f3:
b0:0e:f3:77:3a:c3:26:f6:51:c1:f6:e5:54:f1:f0:
d8:6a:02:e4:8b:52:8c:48:1c:a2:91:eb:b6:84:ae:
98:a6:4c:09:02:e5:63:ce:dc:72:38:ef:29:2a:2b:
6f:8b:99:20:1e:67:67:8d:0b:f2:ba:4e:50:03:12:
26:4d:22:aa:38:d6:f2:79:0c:bb:53:53:6d:41:c3:
1f:40:14:9b:36:f9:05:6b:28:87:c5:c1:14:08:d9:
01:f7:b1:2e:6f:d9:06:29:99:e8:14:88:28:1a:85:
ab:98:67:09:9d:b2:fe:ee:0b:bd:00:f1:9a:31:37:
99:0b:5c:6e:0b:89:e0:0a:46:d4:de:c2:44:21:35:
b4:c8:d8:52:90:67:68:b5:05:ef:e7:19:c8:4d:35:
b0:8f:bb:01:ce:94:a6:2d:b4:3a:b2:a7:1e:e6:68:
41:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:80:A4:DB:F8:B8:06:AF:C6:91:57:85:EB:3B:13:69:F7:AD:75:36
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS17072.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.145.0/24
191.96.190.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b6:18:b7:e9:dd:a1:7c:6b:6a:22:d2:a3:9e:9c:c9:ae:0d:
a7:bb:a1:cf:8e:07:10:63:94:08:2d:ea:ea:38:b8:c0:27:39:
9e:f4:34:34:79:8f:1f:c3:22:cf:9c:16:62:f5:21:87:27:48:
08:03:ab:7b:40:0a:98:9f:20:ec:05:7f:f5:b5:1c:2f:b2:75:
93:be:8b:c6:04:00:44:65:87:10:e8:d1:31:70:b4:45:0d:e1:
ae:01:60:dc:e3:e2:82:0c:78:4d:24:7e:0e:a8:16:0c:7c:58:
0c:dd:6f:e2:ec:7f:80:a3:7a:16:58:7e:57:ef:9b:dd:d3:74:
8a:66:60:73:bd:7a:15:f3:dc:89:f5:67:71:fb:12:f2:50:e4:
ed:eb:ba:50:0f:2d:22:38:fd:bf:32:cd:f5:2c:98:f0:cb:1a:
63:c3:bc:c3:6d:53:67:30:a0:14:3d:c5:00:3c:02:5a:32:7f:
92:1a:e6:14:26:64:49:b1:1a:d0:85:07:a1:bf:d9:c4:f5:21:
b0:c0:8b:2f:a9:12:d3:31:95:48:ee:da:ae:90:92:30:de:fc:
fd:bd:98:e9:7c:12:64:dc:1a:43:75:d5:7d:b3:cf:21:45:49:
a2:a2:bf:62:df:16:08:23:c4:3d:9e:d4:c8:e5:94:15:59:d3:
a5:bc:d5:11
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUPEPcowt3xBXRI3PU5Y1pZqrlTrEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MDUwNTU5MjhaFw0yNTA2MDQwNjA0MjhaMDMxMTAvBgNV
BAMTKEUxODBBNERCRjhCODA2QUZDNjkxNTc4NUVCM0IxMzY5RjdBRDc1MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP6Z4tucE8nweNZXgMMVIWp8uh
VjhfrJFAo/H6rd9iw0U3fa2o96fkgUV8F0YMs2brGVWw17ssCEtL86Ppi7qAEqNV
i5a8D9m3f0UKdliNZWGS5ELY5q0Q87AO83c6wyb2UcH25VTx8NhqAuSLUoxIHKKR
67aErpimTAkC5WPO3HI47ykqK2+LmSAeZ2eNC/K6TlADEiZNIqo41vJ5DLtTU21B
wx9AFJs2+QVrKIfFwRQI2QH3sS5v2QYpmegUiCgahauYZwmdsv7uC70A8ZoxN5kL
XG4LieAKRtTewkQhNbTI2FKQZ2i1Be/nGchNNbCPuwHOlKYttDqypx7maEFzAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU4YCk2/i4Bq/GkVeF6zsTafetdTYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTcwNzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC/YJED
BAC/YL4wDQYJKoZIhvcNAQELBQADggEBAHa2GLfp3aF8a2oi0qOenMmuDae7oc+O
BxBjlAgt6uo4uMAnOZ70NDR5jx/DIs+cFmL1IYcnSAgDq3tACpifIOwFf/W1HC+y
dZO+i8YEAERlhxDo0TFwtEUN4a4BYNzj4oIMeE0kfg6oFgx8WAzdb+Lsf4CjehZY
flfvm93TdIpmYHO9ehXz3In1Z3H7EvJQ5O3rulAPLSI4/b8yzfUsmPDLGmPDvMNt
U2cwoBQ9xQA8Aloyf5Ia5hQmZEmxGtCFB6G/2cT1IbDAiy+pEtMxlUju2q6QkjDe
/P29mOl8EmTcGkN11X2zzyFFSaKiv2LfFggjxD2e1MjllBVZ06W81RE=
-----END CERTIFICATE-----
Generated at Sat Nov 2 12:29:07 2024 by rpki-client on console-ams.rpki-client.org