Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213060.roa
File: AS213060.roa (raw, json)
Hash identifier: 6+ELrrqQRbRSP+oMTDQ4KtDN6Lj4N/i6u9A3WvSzhso=
Subject key identifier: 3C:4D:83:9B:23:3D:6F:6D:77:CB:F7:0B:A4:F2:BE:64:02:42:2B:52
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 08001C8AE45B8CA34F0EAF5C4AB442AE37C5C015
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213060.roa
Signing time: Wed 20 Nov 2024 07:12:20 +0000
ROA not before: Wed 20 Nov 2024 07:07:20 +0000
ROA not after: Wed 19 Nov 2025 07:12:20 +0000
asID: 213060
IP address blocks: 45.231.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 14:55:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:00:1c:8a:e4:5b:8c:a3:4f:0e:af:5c:4a:b4:42:ae:37:c5:c0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 20 07:07:20 2024 GMT
Not After : Nov 19 07:12:20 2025 GMT
Subject: CN=3C4D839B233D6F6D77CBF70BA4F2BE6402422B52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:05:ad:2f:e1:05:99:b2:8b:b0:1d:67:4b:25:
71:d0:bd:a8:74:b9:65:66:67:37:ec:fe:db:91:df:
35:6e:14:bb:20:e9:cb:f7:14:b9:c6:af:b0:e1:80:
6f:26:63:5f:91:d2:ff:2f:73:99:84:cc:fb:78:f9:
5b:ff:8c:6f:7f:51:c7:d0:6b:b5:1e:af:be:11:dd:
06:08:99:76:2a:cf:d8:43:f0:72:e8:62:88:a0:a2:
0b:bc:c4:06:70:cf:5f:73:d5:1d:ca:ce:a6:c2:2f:
e6:84:c0:b9:16:d0:47:7a:cb:98:36:d1:da:af:f6:
c5:04:f6:06:3b:ff:fd:37:7f:f3:b0:0c:47:c1:05:
97:9f:b1:71:30:9f:bc:be:89:fa:a5:df:83:49:9b:
9b:3d:4e:5d:d0:4d:52:23:7f:17:b9:e8:85:80:fe:
09:f9:cb:74:53:b3:6b:d2:ae:4e:a8:e1:1d:9f:54:
66:3c:a8:75:5d:69:5d:ac:31:45:ef:26:44:77:29:
9b:e5:fe:46:c6:a7:78:d3:a9:cc:a3:65:aa:6e:ee:
0f:97:66:e0:09:fd:79:96:18:4b:fd:d0:d2:d6:4e:
c2:ab:76:58:ac:2a:2c:9e:6b:dd:c4:2e:dc:36:29:
44:f1:f9:d0:20:79:eb:52:4c:51:7c:04:cb:54:e8:
cb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:4D:83:9B:23:3D:6F:6D:77:CB:F7:0B:A4:F2:BE:64:02:42:2B:52
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS213060.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.231.206.0/24
Signature Algorithm: sha256WithRSAEncryption
96:29:f2:90:35:7d:3c:6f:61:39:42:fd:83:55:52:8a:9e:9a:
89:d3:74:50:2a:95:64:06:68:16:0d:7a:4a:1a:7d:b1:dd:9b:
bd:46:d2:ba:9c:e1:5f:1a:48:b5:4b:f6:c4:f3:aa:fb:4e:17:
43:e1:43:c3:18:15:24:94:cf:35:57:2f:60:23:65:a9:e5:7c:
ee:25:64:8d:07:09:e8:82:bb:44:ea:c5:22:62:16:18:37:e4:
2f:96:50:0d:ef:95:23:95:66:71:72:b4:de:f6:df:af:b1:fe:
20:25:7f:14:38:8f:4a:ae:84:ec:ff:a7:1d:89:e6:e0:06:aa:
19:c8:3a:35:a6:f1:93:3c:f3:7d:9f:84:88:2d:6b:06:6e:22:
c4:31:d6:79:94:ae:a6:29:63:cf:7a:ef:ab:45:73:84:0b:7c:
5d:d0:1e:fc:df:1a:0d:d9:98:de:74:2e:d8:4c:96:08:69:01:
87:8e:e5:20:de:29:9d:ac:23:d2:f2:ad:70:91:41:18:9d:1e:
23:6a:05:78:83:b6:7e:93:35:f3:95:48:ff:b4:28:4d:7b:b1:
7d:25:cc:49:db:07:45:bd:46:44:f2:e7:d0:28:c7:1e:d3:7f:
75:10:98:83:b8:22:b5:2c:cc:9d:7b:ce:64:ab:84:40:9b:31:
8d:6b:15:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCAAciuRbjKNPDq9cSrRCrjfFwBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDExMjAwNzA3MjBaFw0yNTExMTkwNzEyMjBaMDMxMTAvBgNV
BAMTKDNDNEQ4MzlCMjMzRDZGNkQ3N0NCRjcwQkE0RjJCRTY0MDI0MjJCNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZBa0v4QWZsouwHWdLJXHQvah0
uWVmZzfs/tuR3zVuFLsg6cv3FLnGr7DhgG8mY1+R0v8vc5mEzPt4+Vv/jG9/UcfQ
a7Uer74R3QYImXYqz9hD8HLoYoigogu8xAZwz19z1R3KzqbCL+aEwLkW0Ed6y5g2
0dqv9sUE9gY7//03f/OwDEfBBZefsXEwn7y+ifql34NJm5s9Tl3QTVIjfxe56IWA
/gn5y3RTs2vSrk6o4R2fVGY8qHVdaV2sMUXvJkR3KZvl/kbGp3jTqcyjZapu7g+X
ZuAJ/XmWGEv90NLWTsKrdlisKiyea93ELtw2KUTx+dAgeetSTFF8BMtU6MvrAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUPE2DmyM9b213y/cLpPK+ZAJCK1IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEzMDYwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALefO
MA0GCSqGSIb3DQEBCwUAA4IBAQCWKfKQNX08b2E5Qv2DVVKKnpqJ03RQKpVkBmgW
DXpKGn2x3Zu9RtK6nOFfGki1S/bE86r7ThdD4UPDGBUklM81Vy9gI2Wp5XzuJWSN
BwnogrtE6sUiYhYYN+QvllAN75UjlWZxcrTe9t+vsf4gJX8UOI9KroTs/6cdiebg
BqoZyDo1pvGTPPN9n4SILWsGbiLEMdZ5lK6mKWPPeu+rRXOEC3xd0B783xoN2Zje
dC7YTJYIaQGHjuUg3imdrCPS8q1wkUEYnR4jagV4g7Z+kzXzlUj/tChNe7F9JcxJ
2wdFvUZE8ufQKMce0391EJiDuCK1LMyde85kq4RAmzGNaxVS
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:19 2024 by rpki-client on console-fra.rpki-client.org