Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215287.roa
File: AS215287.roa (raw, json)
Hash identifier: 3MkEHxOo3jnSSLBdQZeBXISLYtflX4FDjJdRkNPfwwA=
Subject key identifier: C2:DE:32:52:13:A9:A2:1B:48:4B:15:61:C8:E1:CA:9C:1F:BC:40:DB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6788A25960D4E718D4CC1A75E7C272CB8B5B1714
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215287.roa
Signing time: Wed 16 Oct 2024 00:00:07 +0000
ROA not before: Tue 15 Oct 2024 23:55:07 +0000
ROA not after: Wed 15 Oct 2025 00:00:07 +0000
asID: 215287
IP address blocks: 191.96.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 00:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:88:a2:59:60:d4:e7:18:d4:cc:1a:75:e7:c2:72:cb:8b:5b:17:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 15 23:55:07 2024 GMT
Not After : Oct 15 00:00:07 2025 GMT
Subject: CN=C2DE325213A9A21B484B1561C8E1CA9C1FBC40DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f3:f0:b1:b3:e1:df:32:86:54:c6:08:a4:4e:
56:53:ae:21:dd:80:af:2a:48:cf:bc:10:22:92:4d:
0a:18:11:e1:e9:a9:fe:5b:7a:78:9c:66:a6:3b:7e:
3f:22:f6:ea:0a:7f:0b:39:b8:fc:a7:10:4b:4a:2b:
3c:b3:3d:a9:97:21:5b:14:84:1e:e1:92:a7:c1:f9:
11:25:a4:d4:fe:6d:7e:02:48:aa:f4:31:f3:de:c3:
fd:62:38:b4:83:1f:53:b3:17:60:e4:42:6d:fd:7f:
cb:a2:0c:db:68:83:c1:6b:3a:b2:16:22:27:8f:b4:
ba:65:7f:7d:ee:8a:21:9e:4f:81:64:f0:0e:67:c3:
14:75:a7:f9:43:41:51:5b:0b:ee:46:c0:7c:aa:66:
68:ac:b2:eb:79:d7:ef:b9:1e:9f:1a:87:72:0d:02:
ba:53:47:2b:53:0f:ce:5f:80:f8:25:1a:1f:f4:37:
7c:cd:21:3b:5a:09:a4:52:f3:15:0a:06:43:55:d7:
4e:c3:fa:f8:1f:f0:fe:21:fd:49:a2:0c:69:69:7c:
65:83:70:4a:2d:8a:a0:13:b4:da:22:15:a6:90:12:
0c:d2:24:55:7d:ed:13:4b:f0:78:88:37:ab:02:7a:
98:40:84:e8:af:fb:35:ab:28:24:45:37:c4:be:13:
df:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DE:32:52:13:A9:A2:1B:48:4B:15:61:C8:E1:CA:9C:1F:BC:40:DB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215287.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.137.0/24
Signature Algorithm: sha256WithRSAEncryption
17:fc:9b:5a:07:b0:3c:3d:fa:23:f8:94:5b:c8:54:42:80:b8:
0e:0d:3f:e0:fc:08:46:e1:ae:28:04:de:21:26:dc:dd:5d:e0:
89:6c:b6:a9:31:02:6f:60:a0:03:c4:9f:7f:57:e2:a8:2d:32:
cd:c3:b9:a4:18:f6:f0:a5:02:0e:8b:27:97:ba:01:a6:7c:21:
e6:17:2b:f4:90:33:38:ce:3e:e2:5c:98:a5:b6:20:c6:73:a7:
ee:ed:f0:8d:d6:24:ae:cb:93:09:c1:32:83:4c:88:33:e2:15:
8c:6b:0f:f3:2e:ea:50:86:f9:1c:6e:c3:33:66:a7:4e:49:4c:
d8:75:50:c8:bf:6d:c4:57:c1:70:94:55:95:8b:b3:52:12:0a:
76:b4:c6:32:83:18:98:e8:63:a7:2b:de:fb:f4:59:00:4c:03:
46:66:c6:69:0a:eb:66:52:17:37:87:dc:2a:2e:ff:ac:14:a0:
3b:a6:c0:5c:5d:9a:08:2b:96:3d:ce:d4:bf:b5:a1:d6:c0:b1:
40:65:57:88:80:ea:3c:60:93:72:c2:13:ea:ba:95:1e:7e:9b:
fb:c6:ca:83:70:04:26:ed:1c:e8:c2:a4:15:d7:dc:49:cd:f9:
5f:22:ba:b0:11:6a:d5:e0:d6:2d:e7:ad:e6:83:60:de:0c:46:
36:9a:13:67
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUZ4iiWWDU5xjUzBp158Jyy4tbFxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEwMTUyMzU1MDdaFw0yNTEwMTUwMDAwMDdaMDMxMTAvBgNV
BAMTKEMyREUzMjUyMTNBOUEyMUI0ODRCMTU2MUM4RTFDQTlDMUZCQzQwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC8/Cxs+HfMoZUxgikTlZTriHd
gK8qSM+8ECKSTQoYEeHpqf5benicZqY7fj8i9uoKfws5uPynEEtKKzyzPamXIVsU
hB7hkqfB+RElpNT+bX4CSKr0MfPew/1iOLSDH1OzF2DkQm39f8uiDNtog8FrOrIW
IiePtLplf33uiiGeT4Fk8A5nwxR1p/lDQVFbC+5GwHyqZmissut51++5Hp8ah3IN
ArpTRytTD85fgPglGh/0N3zNITtaCaRS8xUKBkNV107D+vgf8P4h/UmiDGlpfGWD
cEotiqATtNoiFaaQEgzSJFV97RNL8HiIN6sCephAhOiv+zWrKCRFN8S+E9/nAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUwt4yUhOpohtISxVhyOHKnB+8QNswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1Mjg3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2CJ
MA0GCSqGSIb3DQEBCwUAA4IBAQAX/JtaB7A8Pfoj+JRbyFRCgLgODT/g/AhG4a4o
BN4hJtzdXeCJbLapMQJvYKADxJ9/V+KoLTLNw7mkGPbwpQIOiyeXugGmfCHmFyv0
kDM4zj7iXJiltiDGc6fu7fCN1iSuy5MJwTKDTIgz4hWMaw/zLupQhvkcbsMzZqdO
SUzYdVDIv23EV8FwlFWVi7NSEgp2tMYygxiY6GOnK9779FkATANGZsZpCutmUhc3
h9wqLv+sFKA7psBcXZoIK5Y9ztS/taHWwLFAZVeIgOo8YJNywhPqupUefpv7xsqD
cAQm7RzowqQV19xJzflfIrqwEWrV4NYt563mg2DeDEY2mhNn
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:58 2025 by rpki-client