Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210907.roa
File: AS210907.roa (raw, json)
Hash identifier: kKPYiEP7fjCCsKRNMScX+QUMzjLMitb/0T47zMvfRjw=
Subject key identifier: 09:C2:AB:83:71:68:36:3E:85:B1:B6:E0:F5:1D:6B:C8:34:83:C1:EA
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C979231A53276052DD3A22C681B26EE3FA53211
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210907.roa
Signing time: Tue 30 Apr 2024 16:05:16 +0000
ROA not before: Tue 30 Apr 2024 16:00:16 +0000
ROA not after: Tue 29 Apr 2025 16:05:16 +0000
asID: 210907
IP address blocks: 191.101.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:97:92:31:a5:32:76:05:2d:d3:a2:2c:68:1b:26:ee:3f:a5:32:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 30 16:00:16 2024 GMT
Not After : Apr 29 16:05:16 2025 GMT
Subject: CN=09C2AB837168363E85B1B6E0F51D6BC83483C1EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:96:17:92:6f:0f:64:db:c6:e3:10:df:0a:
58:98:4f:d3:f8:df:f2:87:a4:ff:da:3e:4f:35:c2:
3f:60:0d:c4:3d:fe:0b:f1:01:1a:d3:27:82:5f:be:
7d:c3:33:42:5a:89:e7:e4:ae:73:2c:e9:47:f5:72:
00:0d:c4:ae:25:66:66:cb:c0:cc:23:5f:f9:db:08:
27:ce:1a:91:c2:d3:57:e0:62:2e:67:2e:0a:ba:ad:
d2:69:0e:09:ed:c4:99:b0:1b:e0:b5:3d:9f:fc:8f:
51:67:66:e8:55:96:72:dd:d1:1d:fe:57:02:de:62:
1b:b3:e3:c0:a2:a7:b7:d6:f9:50:11:75:1a:63:73:
48:12:81:e4:42:2f:83:15:f1:7d:3c:2d:9f:90:42:
71:6b:82:b2:69:c9:54:7e:c5:f7:af:53:d4:f4:8a:
8c:de:ac:10:9a:8a:4b:50:a4:d8:8e:73:8c:72:09:
61:ea:b8:4f:cd:26:80:1b:07:89:65:b2:60:9c:2c:
4e:26:45:fe:ad:e7:db:a9:43:bc:45:12:07:30:b4:
4c:65:0b:76:15:bf:4c:75:97:55:95:89:1e:86:26:
0d:2e:ba:6f:10:d5:df:1a:19:cb:94:3d:74:bd:5e:
06:9b:fe:0f:6b:e3:f6:e0:01:c9:9f:b5:f3:aa:0a:
9e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C2:AB:83:71:68:36:3E:85:B1:B6:E0:F5:1D:6B:C8:34:83:C1:EA
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210907.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.56.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a4:91:a1:c7:eb:ed:b2:d2:95:f4:c3:f0:bc:20:ad:30:e5:
35:c5:eb:71:09:32:e1:ad:19:72:2f:0a:0d:8e:79:c7:17:a2:
30:f7:fc:e9:c1:ec:01:b1:df:f1:fe:11:7a:70:0f:7b:6e:56:
b6:3d:71:9f:c5:c5:ae:3a:4f:dd:c3:12:38:eb:66:d4:ad:20:
24:8b:36:38:5d:a1:a8:cf:aa:66:d4:e9:43:26:4d:10:76:6a:
e9:4d:d6:05:fa:0a:45:98:25:97:49:54:e0:f7:e0:40:27:70:
f1:74:f5:50:09:df:40:94:bb:0b:fb:6c:b8:88:2c:f1:bd:6c:
2c:00:c7:65:f7:82:47:df:99:ca:31:78:02:88:24:50:9a:42:
f2:bc:c1:93:c3:b1:ce:8d:0e:20:c7:8d:e2:b8:da:29:42:dc:
c6:58:4c:de:81:ee:c2:e3:01:65:90:88:a4:92:90:0c:8c:46:
d7:9a:29:8f:85:f9:e1:00:16:7f:e6:3f:ce:de:d6:ed:6e:92:
46:27:54:06:50:9d:e3:f4:9a:e1:e3:0b:7a:d3:36:b3:d9:38:
2b:67:86:f1:21:5f:b0:1d:7f:31:6f:5f:cc:02:4d:de:c5:07:
b2:e5:4f:65:8b:1e:36:12:31:9c:73:e5:45:5d:ad:44:23:c9:
7e:b1:cf:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPJeSMaUydgUt06IsaBsm7j+lMhEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MzAxNjAwMTZaFw0yNTA0MjkxNjA1MTZaMDMxMTAvBgNV
BAMTKDA5QzJBQjgzNzE2ODM2M0U4NUIxQjZFMEY1MUQ2QkM4MzQ4M0MxRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMhZYXkm8PZNvG4xDfCliYT9P4
3/KHpP/aPk81wj9gDcQ9/gvxARrTJ4Jfvn3DM0JaiefkrnMs6Uf1cgANxK4lZmbL
wMwjX/nbCCfOGpHC01fgYi5nLgq6rdJpDgntxJmwG+C1PZ/8j1FnZuhVlnLd0R3+
VwLeYhuz48Cip7fW+VARdRpjc0gSgeRCL4MV8X08LZ+QQnFrgrJpyVR+xfevU9T0
iozerBCaiktQpNiOc4xyCWHquE/NJoAbB4llsmCcLE4mRf6t59upQ7xFEgcwtExl
C3YVv0x1l1WViR6GJg0uum8Q1d8aGcuUPXS9Xgab/g9r4/bgAcmftfOqCp7XAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUCcKrg3FoNj6Fsbbg9R1ryDSDweowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwOTA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2U4
MA0GCSqGSIb3DQEBCwUAA4IBAQCUpJGhx+vtstKV9MPwvCCtMOU1xetxCTLhrRly
LwoNjnnHF6Iw9/zpwewBsd/x/hF6cA97bla2PXGfxcWuOk/dwxI462bUrSAkizY4
XaGoz6pm1OlDJk0QdmrpTdYF+gpFmCWXSVTg9+BAJ3DxdPVQCd9AlLsL+2y4iCzx
vWwsAMdl94JH35nKMXgCiCRQmkLyvMGTw7HOjQ4gx43iuNopQtzGWEzege7C4wFl
kIikkpAMjEbXmimPhfnhABZ/5j/O3tbtbpJGJ1QGUJ3j9Jrh4wt60zaz2TgrZ4bx
IV+wHX8xb1/MAk3exQey5U9lix42EjGcc+VFXa1EI8l+sc9j
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:04 2025 by rpki-client