Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197789.roa
File: AS197789.roa (raw, json)
Hash identifier: Yr3fKIL/2gZ7uMJnNXsq3UA61dodhN/N5mVaVfl1zvs=
Subject key identifier: 10:0A:5C:0D:53:4C:AD:21:A5:D3:59:BB:68:A7:21:5D:AF:39:BB:E1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6A6FFAD22EE45331C32B825578D15495D4D7998C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197789.roa
Signing time: Mon 01 Jan 2024 00:00:07 +0000
ROA not before: Sun 31 Dec 2023 23:55:07 +0000
ROA not after: Mon 30 Dec 2024 00:00:07 +0000
asID: 197789
IP address blocks: 2a0a:b600::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Apr 2024 11:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:6f:fa:d2:2e:e4:53:31:c3:2b:82:55:78:d1:54:95:d4:d7:99:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 31 23:55:07 2023 GMT
Not After : Dec 30 00:00:07 2024 GMT
Subject: CN=100A5C0D534CAD21A5D359BB68A7215DAF39BBE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:68:3f:9b:bf:e5:72:d3:b7:2a:0f:8c:d9:04:
ff:48:3b:33:06:61:84:f6:cd:f0:88:0e:ec:8a:d1:
95:84:28:98:89:0b:83:a0:23:d1:2f:f0:7c:d7:e3:
51:0f:e5:3d:54:1b:9e:23:35:a2:41:b0:24:96:a2:
78:af:5e:eb:64:2c:68:09:fc:bd:e5:aa:01:3f:67:
54:db:29:68:71:24:84:92:bd:68:df:91:b4:7c:2c:
62:23:d0:a8:df:96:4e:a3:0f:13:53:8e:61:43:97:
6d:4e:80:1f:32:da:1e:86:e2:98:0d:2f:68:3a:bd:
91:75:0f:dc:5c:f7:51:16:54:bd:77:a4:46:a7:6c:
e1:76:e3:6e:51:53:75:9e:0a:ac:66:b0:4b:3a:9e:
ef:51:8c:31:eb:55:30:34:f4:d0:61:ae:0f:92:d7:
d9:10:05:54:50:9b:3d:35:6b:a7:ad:fb:18:38:51:
a5:2d:01:a5:b7:9c:2f:1d:66:49:5d:a5:97:fa:02:
b3:44:58:d5:5f:b5:61:78:30:d3:ae:97:83:52:0e:
f2:ff:d9:33:7b:59:cd:7a:74:07:df:2d:44:72:2b:
7a:31:78:9e:98:f7:1e:07:5e:13:83:b6:f7:f7:f3:
76:89:2d:af:98:89:29:00:84:8a:bf:92:b5:94:e9:
5a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0A:5C:0D:53:4C:AD:21:A5:D3:59:BB:68:A7:21:5D:AF:39:BB:E1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS197789.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b600::/29
Signature Algorithm: sha256WithRSAEncryption
72:17:f1:4d:79:82:13:9c:ad:81:eb:7b:8e:70:b5:61:ab:29:
72:cb:35:5f:09:0f:c2:c4:2d:8b:6b:1c:66:da:fb:41:fa:75:
c0:7e:25:94:14:1c:df:5d:5f:49:7d:16:fa:3b:02:d3:41:af:
3b:24:4a:fb:07:45:b9:23:c0:8a:60:ad:2d:7f:12:9d:34:a9:
d6:48:f1:70:31:ec:1f:bf:59:1a:36:ea:ab:0a:f6:ee:78:84:
a0:7a:fb:28:f8:c0:bd:e7:0c:cb:db:1f:cd:a9:99:7d:00:a2:
5b:77:57:a8:41:7c:1d:66:14:5e:f5:f2:6d:1a:db:7c:3d:f7:
8c:38:c8:cb:f1:de:3a:80:16:31:99:9a:81:48:93:0c:17:58:
ae:ef:73:29:08:1c:90:b7:4b:d5:91:b5:ac:cf:a5:b6:80:c0:
2b:8e:e2:55:db:d1:22:73:b7:5d:83:93:1f:ae:ef:7b:04:20:
e4:28:01:30:06:c8:9a:cc:fa:88:89:8e:8d:9c:0d:dd:40:04:
2a:6c:3b:8a:99:ae:81:77:19:a6:7c:34:01:03:56:90:1d:fc:
7f:44:f5:15:a0:c7:cf:63:9d:51:5f:fe:67:09:db:65:2f:dc:
78:fe:3b:fb:57:b7:02:cb:f3:db:9d:5a:3e:75:a6:6f:19:cc:
2c:28:73:36
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUam/60i7kUzHDK4JVeNFUldTXmYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMzEyMzU1MDdaFw0yNDEyMzAwMDAwMDdaMDMxMTAvBgNV
BAMTKDEwMEE1QzBENTM0Q0FEMjFBNUQzNTlCQjY4QTcyMTVEQUYzOUJCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPaD+bv+Vy07cqD4zZBP9IOzMG
YYT2zfCIDuyK0ZWEKJiJC4OgI9Ev8HzX41EP5T1UG54jNaJBsCSWonivXutkLGgJ
/L3lqgE/Z1TbKWhxJISSvWjfkbR8LGIj0Kjflk6jDxNTjmFDl21OgB8y2h6G4pgN
L2g6vZF1D9xc91EWVL13pEanbOF2425RU3WeCqxmsEs6nu9RjDHrVTA09NBhrg+S
19kQBVRQmz01a6et+xg4UaUtAaW3nC8dZkldpZf6ArNEWNVftWF4MNOul4NSDvL/
2TN7Wc16dAffLURyK3oxeJ6Y9x4HXhODtvf383aJLa+YiSkAhIq/krWU6VpBAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUEApcDVNMrSGl01m7aKchXa85u+EwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk3Nzg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgq2
ADANBgkqhkiG9w0BAQsFAAOCAQEAchfxTXmCE5ytget7jnC1Yaspcss1XwkPwsQt
i2scZtr7Qfp1wH4llBQc311fSX0W+jsC00GvOyRK+wdFuSPAimCtLX8SnTSp1kjx
cDHsH79ZGjbqqwr27niEoHr7KPjAvecMy9sfzamZfQCiW3dXqEF8HWYUXvXybRrb
fD33jDjIy/HeOoAWMZmagUiTDBdYru9zKQgckLdL1ZG1rM+ltoDAK47iVdvRInO3
XYOTH67vewQg5CgBMAbImsz6iImOjZwN3UAEKmw7ipmugXcZpnw0AQNWkB38f0T1
FaDHz2OdUV/+ZwnbZS/ceP47+1e3Asvz251aPnWmbxnMLChzNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:14 2024 by rpki-client on console-fra.rpki-client.org