Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215479.roa
File: AS215479.roa (raw, json)
Hash identifier: F5UdiUb+LuqB0Np7JqS+7ox2wg+UF8QBFemoFaLkzCs=
Subject key identifier: 49:61:FF:AA:FF:08:CF:F9:37:44:0C:BB:DB:5F:6A:45:6E:C2:DD:2E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 42BA4967937D9185D705BFD1114844CCA7FCF7A8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215479.roa
Signing time: Sun 10 Mar 2024 00:50:29 +0000
ROA not before: Sun 10 Mar 2024 00:45:29 +0000
ROA not after: Sun 09 Mar 2025 00:50:29 +0000
asID: 215479
IP address blocks: 191.96.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:ba:49:67:93:7d:91:85:d7:05:bf:d1:11:48:44:cc:a7:fc:f7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 10 00:45:29 2024 GMT
Not After : Mar 9 00:50:29 2025 GMT
Subject: CN=4961FFAAFF08CFF937440CBBDB5F6A456EC2DD2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:59:e0:62:bd:62:b9:b1:b6:5f:91:87:c0:54:
21:41:e1:72:a0:81:f2:76:6f:d7:16:fe:c7:e4:cc:
6e:5b:1a:c4:60:06:77:a2:af:f9:9c:0c:18:3d:d2:
0d:7a:aa:70:40:7c:61:0f:60:11:ba:2a:23:39:ab:
64:ce:a7:ee:da:ac:19:71:0f:2c:95:98:fd:e8:94:
3b:c6:cf:c0:81:9f:7e:ae:ba:3b:9e:13:9c:12:a1:
c2:b1:e1:bf:b3:af:4f:c4:ac:2e:6f:d4:ea:bd:a2:
b9:a4:a0:d4:65:e8:a4:99:28:a7:d4:63:72:c2:dd:
6d:d0:2f:04:e2:7c:77:dc:d4:7a:25:00:1c:8b:06:
a9:b9:1d:88:7f:0e:61:b6:2b:7a:70:9e:4a:01:05:
b3:28:b9:df:fd:19:0b:0d:29:6d:10:53:7a:5d:a5:
df:53:55:b6:ec:9e:21:76:78:50:4d:ec:1c:21:e0:
84:e1:28:a7:f5:69:12:29:2f:66:d0:ef:22:c2:26:
84:f4:2c:84:c8:08:a1:70:e5:26:0c:42:1a:29:e6:
43:5b:af:e2:0f:da:1b:9b:89:65:ad:3b:0a:c0:12:
25:86:35:59:4a:e2:b2:0e:eb:89:38:59:8b:6e:63:
f2:5a:c4:1c:7a:a6:d6:bf:86:5f:ba:04:9b:bc:1c:
ac:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:61:FF:AA:FF:08:CF:F9:37:44:0C:BB:DB:5F:6A:45:6E:C2:DD:2E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215479.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.204.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b9:59:35:d8:c4:80:da:3e:86:df:0e:77:ac:79:7e:0c:c1:
ec:64:f0:65:12:14:b3:e7:a3:80:41:58:f7:93:84:77:34:26:
e2:db:78:39:8c:f1:c2:fb:c4:88:79:e0:92:6e:3c:85:ba:32:
28:fa:03:16:e6:56:ec:13:d7:c8:51:75:52:c7:bd:f5:24:c2:
f6:a9:9b:23:82:c1:a4:66:7f:95:fb:eb:89:b2:cf:fb:57:85:
42:17:0b:ea:f8:36:2f:2b:e0:57:38:5d:de:0b:2d:d5:d2:1c:
7f:27:83:e4:72:a1:10:f9:5e:d7:88:18:aa:58:36:f1:dc:56:
a2:62:cc:1b:30:1d:56:56:c9:ea:07:b5:83:69:82:23:ab:38:
94:32:0b:eb:09:8d:2e:c6:c9:d4:3a:97:27:83:a9:1f:4e:d9:
3c:67:fa:e6:99:4c:de:9e:54:d3:f5:5a:18:ba:4b:b9:4d:9e:
99:0c:cc:b2:0d:2c:4c:ba:bb:c0:03:00:bc:a1:22:76:ff:a5:
05:86:a9:ca:69:64:06:98:c4:26:39:5a:1f:db:4c:87:de:35:
8b:af:ea:39:14:02:53:53:87:31:07:2c:96:dd:15:7f:a8:d4:
c2:d2:81:d5:56:1f:e5:f5:d8:92:54:11:1c:8e:25:d4:b7:29:
68:e2:2c:b1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUQrpJZ5N9kYXXBb/REUhEzKf896gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMTAwMDQ1MjlaFw0yNTAzMDkwMDUwMjlaMDMxMTAvBgNV
BAMTKDQ5NjFGRkFBRkYwOENGRjkzNzQ0MENCQkRCNUY2QTQ1NkVDMkREMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjWeBivWK5sbZfkYfAVCFB4XKg
gfJ2b9cW/sfkzG5bGsRgBneir/mcDBg90g16qnBAfGEPYBG6KiM5q2TOp+7arBlx
DyyVmP3olDvGz8CBn36uujueE5wSocKx4b+zr0/ErC5v1Oq9ormkoNRl6KSZKKfU
Y3LC3W3QLwTifHfc1HolAByLBqm5HYh/DmG2K3pwnkoBBbMoud/9GQsNKW0QU3pd
pd9TVbbsniF2eFBN7Bwh4IThKKf1aRIpL2bQ7yLCJoT0LITICKFw5SYMQhop5kNb
r+IP2hubiWWtOwrAEiWGNVlK4rIO64k4WYtuY/JaxBx6pta/hl+6BJu8HKwhAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSWH/qv8Iz/k3RAy7219qRW7C3S4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1NDc5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2DM
MA0GCSqGSIb3DQEBCwUAA4IBAQCFuVk12MSA2j6G3w53rHl+DMHsZPBlEhSz56OA
QVj3k4R3NCbi23g5jPHC+8SIeeCSbjyFujIo+gMW5lbsE9fIUXVSx731JML2qZsj
gsGkZn+V++uJss/7V4VCFwvq+DYvK+BXOF3eCy3V0hx/J4PkcqEQ+V7XiBiqWDbx
3FaiYswbMB1WVsnqB7WDaYIjqziUMgvrCY0uxsnUOpcng6kfTtk8Z/rmmUzenlTT
9VoYuku5TZ6ZDMyyDSxMurvAAwC8oSJ2/6UFhqnKaWQGmMQmOVof20yH3jWLr+o5
FAJTU4cxByyW3RV/qNTC0oHVVh/l9diSVBEcjiXUtylo4iyx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org