Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS201088.roa
File: AS201088.roa (raw, json)
Hash identifier: jsslbiwa1DdRhiW57Op6mbn2eb10Fzad/VcsQzQicCg=
Subject key identifier: DC:89:C5:8D:FC:3E:BB:73:D8:10:1B:1E:59:B4:1B:73:22:48:D0:C2
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6898A6C982C6FFC59F4219E2F8A908CA5DBD7A42
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS201088.roa
Signing time: Wed 29 May 2024 08:05:16 +0000
ROA not before: Wed 29 May 2024 08:00:16 +0000
ROA not after: Wed 28 May 2025 08:05:16 +0000
asID: 201088
IP address blocks: 191.96.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 00:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:98:a6:c9:82:c6:ff:c5:9f:42:19:e2:f8:a9:08:ca:5d:bd:7a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 29 08:00:16 2024 GMT
Not After : May 28 08:05:16 2025 GMT
Subject: CN=DC89C58DFC3EBB73D8101B1E59B41B732248D0C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4d:09:11:cd:6b:78:8a:f8:42:4c:f0:6b:0e:
bb:1d:b8:75:57:70:ee:24:8f:75:d2:71:82:c1:94:
a9:e5:b4:7c:f6:2d:84:b0:31:b7:ee:b4:a9:0d:eb:
19:00:96:1c:94:34:77:7a:5f:91:30:e9:64:bf:68:
61:ff:27:c9:d9:58:d2:59:31:61:2b:54:f3:a0:a8:
9a:e6:ca:b3:7e:42:11:84:34:7c:8b:eb:66:73:4c:
6b:48:10:6c:3c:10:17:d8:2c:21:c8:80:5c:04:38:
54:05:e8:16:e4:91:49:81:57:86:ce:d2:2f:f0:e6:
13:bb:fc:e2:b7:83:36:d7:07:7c:04:8a:7d:0a:42:
93:ed:41:13:6d:5d:35:6f:1e:28:59:b7:e9:34:f9:
09:a4:f3:27:b1:b5:b4:75:a3:3c:d1:09:7b:aa:b0:
30:55:39:0e:c9:57:3d:8b:3e:8e:39:b9:53:7e:3f:
d4:7a:70:2f:d4:49:89:73:11:df:4c:68:d0:44:d2:
5c:79:06:3c:ba:31:50:28:f5:85:c7:96:b5:24:d3:
54:7b:b0:6c:ea:40:1d:64:95:c3:51:03:2d:51:6a:
63:a6:ee:09:b4:fd:92:a3:bb:9e:14:26:6b:e9:0e:
02:30:b2:9f:f3:82:60:fa:a0:03:f2:4f:66:df:65:
21:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:89:C5:8D:FC:3E:BB:73:D8:10:1B:1E:59:B4:1B:73:22:48:D0:C2
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS201088.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.130.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:cb:6e:ef:a0:b0:18:23:5a:70:3a:77:0e:79:19:ce:3f:19:
f1:30:7d:58:e8:04:73:98:82:be:20:85:72:85:44:ab:30:03:
29:42:7f:44:ed:c4:0d:c4:15:16:2d:5e:e9:87:9a:65:f8:c8:
2a:a2:c1:74:bb:25:2f:33:69:28:73:1b:90:3e:0a:1c:5d:f5:
54:84:ee:e5:80:50:a4:19:12:b5:5c:74:b6:b4:bd:34:50:42:
d0:a5:47:de:52:5f:c7:24:79:c1:0a:85:3f:fd:49:ed:a6:86:
20:be:35:2d:f8:e2:6a:a7:96:14:d6:1e:1a:95:aa:87:1d:24:
68:03:78:ef:d3:d2:d3:f5:4d:e5:6e:54:08:28:e5:15:bf:9e:
db:53:cc:80:d3:85:a0:cb:be:71:53:46:0b:59:3e:1d:6f:be:
2d:c0:7c:8a:73:30:0a:82:b2:b9:c6:5e:6e:aa:73:ad:fa:ca:
c4:69:36:ed:88:60:ab:3e:e1:b2:4f:73:74:1f:3a:7e:bb:01:
2f:73:4f:6a:3a:2c:cc:66:0e:40:f8:2d:f6:bb:b3:f9:33:cc:
24:1e:e5:aa:c7:8d:4b:1a:7e:60:99:c0:8c:88:8c:4c:95:a5:
3f:0a:fb:fd:57:de:81:67:01:df:d9:f3:b7:44:c8:6c:cd:6b:
02:ad:aa:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUaJimyYLG/8WfQhni+KkIyl29ekIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA1MjkwODAwMTZaFw0yNTA1MjgwODA1MTZaMDMxMTAvBgNV
BAMTKERDODlDNThERkMzRUJCNzNEODEwMUIxRTU5QjQxQjczMjI0OEQwQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTTQkRzWt4ivhCTPBrDrsduHVX
cO4kj3XScYLBlKnltHz2LYSwMbfutKkN6xkAlhyUNHd6X5Ew6WS/aGH/J8nZWNJZ
MWErVPOgqJrmyrN+QhGENHyL62ZzTGtIEGw8EBfYLCHIgFwEOFQF6BbkkUmBV4bO
0i/w5hO7/OK3gzbXB3wEin0KQpPtQRNtXTVvHihZt+k0+Qmk8yextbR1ozzRCXuq
sDBVOQ7JVz2LPo45uVN+P9R6cC/USYlzEd9MaNBE0lx5Bjy6MVAo9YXHlrUk01R7
sGzqQB1klcNRAy1RamOm7gm0/ZKju54UJmvpDgIwsp/zgmD6oAPyT2bfZSF9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU3InFjfw+u3PYEBseWbQbcyJI0MIwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAxMDg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2CC
MA0GCSqGSIb3DQEBCwUAA4IBAQCky27voLAYI1pwOncOeRnOPxnxMH1Y6ARzmIK+
IIVyhUSrMAMpQn9E7cQNxBUWLV7ph5pl+MgqosF0uyUvM2kocxuQPgocXfVUhO7l
gFCkGRK1XHS2tL00UELQpUfeUl/HJHnBCoU//UntpoYgvjUt+OJqp5YU1h4alaqH
HSRoA3jv09LT9U3lblQIKOUVv57bU8yA04Wgy75xU0YLWT4db74twHyKczAKgrK5
xl5uqnOt+srEaTbtiGCrPuGyT3N0Hzp+uwEvc09qOizMZg5A+C32u7P5M8wkHuWq
x41LGn5gmcCMiIxMlaU/Cvv9V96BZwHf2fO3RMhszWsCrapv
-----END CERTIFICATE-----
Generated at Thu Aug 1 02:12:40 2024 by rpki-client on console-fra.rpki-client.org