Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216022.roa
File: AS216022.roa (raw, json)
Hash identifier: FYv/rzP08uHb8wHTWDo+ODmxvPdDNr0mUnxYYRtxW0w=
Subject key identifier: 1E:5C:6F:07:89:19:CA:53:3F:62:53:CB:CC:FA:97:4B:27:E0:08:18
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6BCEC3FA7328C8FE092ACF0A8A6B8C069AFF3AED
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216022.roa
Signing time: Fri 30 Aug 2024 07:36:12 +0000
ROA not before: Fri 30 Aug 2024 07:31:12 +0000
ROA not after: Fri 29 Aug 2025 07:36:12 +0000
asID: 216022
IP address blocks: 191.101.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 00:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ce:c3:fa:73:28:c8:fe:09:2a:cf:0a:8a:6b:8c:06:9a:ff:3a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 30 07:31:12 2024 GMT
Not After : Aug 29 07:36:12 2025 GMT
Subject: CN=1E5C6F078919CA533F6253CBCCFA974B27E00818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:ed:82:a8:0f:57:f1:90:d0:98:2f:3b:8c:
11:86:10:07:50:8b:9c:83:e2:71:9b:26:67:e5:98:
2c:35:d3:4f:21:d0:76:40:2d:42:0e:67:e0:09:eb:
13:41:94:05:28:ee:cf:20:45:df:67:e0:39:bc:ea:
76:78:dc:75:cd:af:2b:a1:67:28:99:3b:12:ee:17:
f5:31:e3:5a:6f:b5:64:36:57:5d:e3:1a:5d:5c:15:
bf:d5:56:30:24:25:bf:e7:3b:c8:3b:4e:eb:3d:a3:
65:b1:d6:63:a9:33:74:62:a6:9d:66:c3:11:40:2d:
40:78:2e:21:61:c5:0f:ea:5a:71:0b:33:a1:60:51:
33:09:0b:68:dc:8b:fa:36:e5:1a:37:1e:bf:9b:3d:
59:d0:de:40:91:2a:81:27:78:55:b9:8f:a3:c4:73:
2e:af:0f:9c:cc:0e:27:85:ad:0b:a2:d9:0f:4f:43:
ff:16:07:fd:7e:06:54:63:96:4d:83:fa:31:2c:93:
f9:bb:7f:83:09:31:54:65:1d:af:6d:0e:df:27:c3:
23:4d:44:56:88:3a:09:f2:6c:22:44:06:1a:e8:ad:
44:13:55:4e:f7:55:36:50:46:c1:14:86:40:cb:82:
a8:2e:b7:e3:34:e1:39:33:4d:f2:a4:4c:fe:1e:dd:
ee:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5C:6F:07:89:19:CA:53:3F:62:53:CB:CC:FA:97:4B:27:E0:08:18
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216022.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.102.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d9:f2:37:b6:3e:e7:f6:26:76:1e:10:52:e4:b9:8a:61:2d:
33:76:2d:bd:1d:75:7d:0f:3f:78:f7:1a:ad:34:c5:b7:d0:f5:
0a:ea:17:52:1a:f2:8a:b8:1e:7a:74:25:ce:1b:f9:bf:11:57:
2f:5d:33:7b:73:85:4e:75:37:2d:75:74:c5:34:ff:7a:ed:f7:
43:f3:2f:d7:f1:7f:ec:f1:76:81:a0:64:fd:a7:c9:3a:39:42:
b5:bc:d1:41:e3:be:77:5e:92:ec:fc:74:aa:80:df:55:ff:97:
01:0d:77:c9:16:01:30:b8:19:8a:44:a2:16:b1:50:20:52:23:
5b:d0:c1:bf:6e:43:8e:d9:92:a2:1e:44:2a:8a:51:a9:2b:86:
cf:4c:d3:f4:cd:7d:52:2c:5c:98:a3:91:f0:f7:80:f7:a1:1f:
fc:68:dd:94:d7:a7:d2:10:85:8f:01:1c:10:e5:25:32:d0:29:
3d:83:fc:ce:c8:6c:aa:73:fa:41:dc:e1:e6:97:6d:72:cb:1e:
59:27:f1:5b:47:08:82:68:fe:83:e3:67:a5:92:10:61:6a:f7:
24:64:5f:80:d2:b6:5e:0e:b0:89:10:f7:be:0e:6b:5b:c7:a4:
a3:fd:e0:5e:e3:6a:ac:bf:b6:aa:68:80:f1:bc:03:75:11:6c:
d8:2d:b7:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUa87D+nMoyP4JKs8KimuMBpr/Ou0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MzAwNzMxMTJaFw0yNTA4MjkwNzM2MTJaMDMxMTAvBgNV
BAMTKDFFNUM2RjA3ODkxOUNBNTMzRjYyNTNDQkNDRkE5NzRCMjdFMDA4MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC47O2CqA9X8ZDQmC87jBGGEAdQ
i5yD4nGbJmflmCw1008h0HZALUIOZ+AJ6xNBlAUo7s8gRd9n4Dm86nZ43HXNryuh
ZyiZOxLuF/Ux41pvtWQ2V13jGl1cFb/VVjAkJb/nO8g7Tus9o2Wx1mOpM3Ripp1m
wxFALUB4LiFhxQ/qWnELM6FgUTMJC2jci/o25Ro3Hr+bPVnQ3kCRKoEneFW5j6PE
cy6vD5zMDieFrQui2Q9PQ/8WB/1+BlRjlk2D+jEsk/m7f4MJMVRlHa9tDt8nwyNN
RFaIOgnybCJEBhrorUQTVU73VTZQRsEUhkDLgqgut+M04TkzTfKkTP4e3e6rAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUHlxvB4kZylM/YlPLzPqXSyfgCBgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE2MDIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Vm
MA0GCSqGSIb3DQEBCwUAA4IBAQBN2fI3tj7n9iZ2HhBS5LmKYS0zdi29HXV9Dz94
9xqtNMW30PUK6hdSGvKKuB56dCXOG/m/EVcvXTN7c4VOdTctdXTFNP967fdD8y/X
8X/s8XaBoGT9p8k6OUK1vNFB4753XpLs/HSqgN9V/5cBDXfJFgEwuBmKRKIWsVAg
UiNb0MG/bkOO2ZKiHkQqilGpK4bPTNP0zX1SLFyYo5Hw94D3oR/8aN2U16fSEIWP
ARwQ5SUy0Ck9g/zOyGyqc/pB3OHml21yyx5ZJ/FbRwiCaP6D42elkhBhavckZF+A
0rZeDrCJEPe+Dmtbx6Sj/eBe42qsv7aqaIDxvAN1EWzYLbcL
Generated at Wed Oct 9 03:08:19 2024 by rpki-client on console-fra.rpki-client.org