Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215097.roa
File: AS215097.roa (raw, json)
Hash identifier: kdVMzZIYU59qUzyvmKHixX6DPGM4+vyTqYWhCu0VgtY=
Subject key identifier: 5A:D8:F1:6A:44:22:74:C8:CB:4E:DC:06:77:8A:AB:E8:B3:E1:F8:7A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 43F1C728FA0C430CC1B49A16C4C810F772E5FC3B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215097.roa
Signing time: Thu 18 Apr 2024 12:28:38 +0000
ROA not before: Thu 18 Apr 2024 12:23:38 +0000
ROA not after: Thu 17 Apr 2025 12:28:38 +0000
asID: 215097
IP address blocks: 191.101.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Aug 2024 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:f1:c7:28:fa:0c:43:0c:c1:b4:9a:16:c4:c8:10:f7:72:e5:fc:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 18 12:23:38 2024 GMT
Not After : Apr 17 12:28:38 2025 GMT
Subject: CN=5AD8F16A442274C8CB4EDC06778AABE8B3E1F87A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ac:8f:e5:d2:c4:ff:f1:3f:33:1f:6c:75:82:
fb:60:2f:29:15:e6:c4:a1:72:fa:be:b6:fa:0d:01:
54:0e:4c:4e:4f:5e:88:1c:8b:2b:50:4e:14:ea:23:
6e:3c:0f:fe:4b:01:00:9b:65:07:ed:69:b6:44:55:
d2:e5:be:89:d5:d3:e7:c3:11:4c:e2:e9:01:db:dc:
25:86:86:e6:6d:70:e0:e2:de:54:39:3e:da:a6:49:
f8:94:71:24:60:b3:93:71:9e:bb:91:e9:2f:af:d9:
fb:25:ec:b7:aa:90:8b:b6:0e:06:95:c2:13:fc:99:
94:1d:12:e8:93:86:3a:cc:26:71:9d:a9:40:42:9b:
3c:f7:27:3e:fa:70:49:86:e9:70:c1:11:52:f2:1a:
0d:c1:a1:90:91:00:2b:ef:71:0b:f8:2b:ce:73:0e:
3e:2d:b6:73:3b:33:45:0a:02:68:0d:e2:72:e4:d2:
93:fd:4b:e9:4a:61:07:4d:88:4a:ba:a5:3a:70:a6:
f7:23:aa:bf:f5:49:67:3b:a9:be:30:e1:54:be:5f:
48:3a:68:e5:f2:c7:3e:a3:2a:c8:64:82:1d:4e:45:
a8:d8:b8:93:24:23:a0:96:d6:6f:46:9e:b2:cd:ca:
c3:4a:8d:f5:2f:dc:1d:dd:76:8d:fa:59:52:5d:7d:
cd:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D8:F1:6A:44:22:74:C8:CB:4E:DC:06:77:8A:AB:E8:B3:E1:F8:7A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215097.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.9.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:09:2a:ba:9d:45:2a:42:21:d7:a1:7c:21:c8:06:1e:8c:fa:
96:48:fb:54:05:39:c1:d3:6d:97:d3:a6:64:92:e2:31:8c:81:
ed:fc:56:e9:4e:8f:ca:25:79:20:06:84:83:90:ac:93:96:f6:
f0:1a:33:ac:61:59:36:fb:de:7a:f4:4e:52:7b:62:09:71:37:
2c:5e:c0:58:75:49:49:34:32:a4:7b:a8:ad:be:72:20:d1:14:
a9:ee:fe:c1:2b:88:99:98:ba:ca:8e:4a:44:63:20:92:1d:77:
60:4c:94:98:c9:cf:6e:80:8f:25:9e:aa:8c:fe:fe:a6:bf:81:
e9:1e:f6:13:da:05:20:7f:24:4a:ef:c4:f8:8e:17:dc:c1:13:
8f:8b:f8:b1:6a:b9:11:a8:f0:4c:f1:1f:8f:13:d5:70:e7:dc:
03:c1:dc:e7:79:2b:13:d5:dc:bd:4c:a2:56:a6:60:41:da:88:
73:44:87:a2:63:fa:8e:31:aa:71:94:2d:59:22:87:c4:aa:b7:
ac:d1:2a:07:3a:19:c9:08:fc:85:3d:26:4b:1c:8d:3c:c8:20:
fd:49:a1:62:23:3d:25:a7:dd:17:80:50:02:61:a4:82:27:2b:
33:e9:dc:88:48:0c:60:52:a8:cf:58:75:ec:be:59:c6:6d:c4:
d6:7b:08:4a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUQ/HHKPoMQwzBtJoWxMgQ93Ll/DswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA0MTgxMjIzMzhaFw0yNTA0MTcxMjI4MzhaMDMxMTAvBgNV
BAMTKDVBRDhGMTZBNDQyMjc0QzhDQjRFREMwNjc3OEFBQkU4QjNFMUY4N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZrI/l0sT/8T8zH2x1gvtgLykV
5sShcvq+tvoNAVQOTE5PXogciytQThTqI248D/5LAQCbZQftabZEVdLlvonV0+fD
EUzi6QHb3CWGhuZtcODi3lQ5PtqmSfiUcSRgs5NxnruR6S+v2fsl7LeqkIu2DgaV
whP8mZQdEuiThjrMJnGdqUBCmzz3Jz76cEmG6XDBEVLyGg3BoZCRACvvcQv4K85z
Dj4ttnM7M0UKAmgN4nLk0pP9S+lKYQdNiEq6pTpwpvcjqr/1SWc7qb4w4VS+X0g6
aOXyxz6jKshkgh1ORajYuJMkI6CW1m9GnrLNysNKjfUv3B3ddo36WVJdfc1PAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUWtjxakQidMjLTtwGd4qr6LPh+HowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MDk3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2UJ
MA0GCSqGSIb3DQEBCwUAA4IBAQCoCSq6nUUqQiHXoXwhyAYejPqWSPtUBTnB022X
06ZkkuIxjIHt/FbpTo/KJXkgBoSDkKyTlvbwGjOsYVk2+9569E5Se2IJcTcsXsBY
dUlJNDKke6itvnIg0RSp7v7BK4iZmLrKjkpEYyCSHXdgTJSYyc9ugI8lnqqM/v6m
v4HpHvYT2gUgfyRK78T4jhfcwROPi/ixarkRqPBM8R+PE9Vw59wDwdzneSsT1dy9
TKJWpmBB2ohzRIeiY/qOMapxlC1ZIofEqres0SoHOhnJCPyFPSZLHI08yCD9SaFi
Iz0lp90XgFACYaSCJysz6dyISAxgUqjPWHXsvlnGbcTWewhK
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:24 2025 by rpki-client