Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216085.roa
File: AS216085.roa (raw, json)
Hash identifier: UgjwUNKDMjhsmMD6a/w0FSxb/5oLSwc9fdbxK/G8PZ8=
Subject key identifier: 62:B1:50:0A:EE:71:53:6A:E8:36:BF:4F:13:A9:61:A3:34:D4:49:E4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 22C77BB00A07D63A0EBCCC088483E851C1525772
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216085.roa
Signing time: Wed 03 Jan 2024 06:47:02 +0000
ROA not before: Wed 03 Jan 2024 06:42:02 +0000
ROA not after: Wed 01 Jan 2025 06:47:02 +0000
asID: 216085
IP address blocks: 45.89.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 May 2024 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:c7:7b:b0:0a:07:d6:3a:0e:bc:cc:08:84:83:e8:51:c1:52:57:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 3 06:42:02 2024 GMT
Not After : Jan 1 06:47:02 2025 GMT
Subject: CN=62B1500AEE71536AE836BF4F13A961A334D449E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a0:d3:57:c2:56:97:e9:ab:1b:d0:26:a5:cf:
83:b5:69:1c:84:29:53:77:cc:bc:4a:79:a0:ec:11:
d4:ba:ff:6e:17:86:73:9e:e6:00:8b:8e:01:a1:e2:
7e:07:53:50:f0:49:e2:b4:cd:16:a7:84:6e:f8:37:
d9:a6:20:7c:84:9c:c7:66:47:68:05:05:83:b3:97:
58:ab:03:4c:1f:c9:35:71:61:f6:81:25:5b:0b:f6:
be:b2:13:86:e1:d9:9b:a9:bf:75:a0:65:d0:22:13:
73:97:d4:1d:1f:c0:27:e8:a3:dc:d9:51:03:99:5c:
4f:66:f1:72:75:ba:08:55:7c:98:b4:89:20:64:d8:
0a:64:ef:44:b8:a1:dd:b2:4c:40:1d:9b:d6:d3:9e:
5e:80:78:81:53:81:cc:93:d2:6a:68:bf:72:c0:61:
08:a6:0e:8b:fd:fc:8a:c4:41:2b:77:1a:78:b8:9c:
e3:0a:5f:94:48:e5:3b:e8:63:81:8f:34:e4:d5:b5:
a5:67:5b:8d:2c:7c:a7:2b:3e:8b:1e:83:89:67:0f:
01:37:98:b3:e4:1c:58:c7:be:17:62:21:7b:eb:59:
f1:3e:05:1b:d8:56:3e:8b:11:40:dc:be:72:6e:5a:
ea:62:a1:b8:ca:0e:63:d5:4c:d1:6a:47:20:a1:b5:
f2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B1:50:0A:EE:71:53:6A:E8:36:BF:4F:13:A9:61:A3:34:D4:49:E4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216085.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.249.0/24
Signature Algorithm: sha256WithRSAEncryption
09:d6:c7:64:5b:a0:41:32:ad:36:95:97:4c:1a:81:46:b9:49:
77:42:54:59:72:9a:6c:8e:79:b8:f5:ac:40:c2:8b:37:c1:52:
9b:8c:24:e5:39:2e:da:f8:43:85:ef:96:1d:d6:e7:3b:05:2d:
af:66:92:0a:fc:ca:02:9c:9d:58:ea:b9:3d:3b:75:33:e9:d8:
22:07:c4:07:15:48:93:b6:44:a0:3f:50:96:8e:a9:16:bc:bf:
34:21:da:99:aa:e3:36:07:e1:8d:aa:37:51:f8:ec:f3:8f:97:
f4:dc:5a:4b:2f:bc:b8:59:20:d2:ef:3a:22:61:93:e1:77:e3:
26:1b:e4:21:ef:c9:f1:ea:5e:b2:10:3f:79:1b:96:64:2f:7c:
7e:1d:0d:42:c8:63:8f:6e:c9:24:e3:31:da:c9:a3:5b:bd:e8:
cf:d9:7b:db:3b:b8:9e:65:80:83:38:cf:8f:32:06:fa:54:f3:
fc:93:d9:75:73:dd:b9:25:14:f3:bf:5d:d4:32:cf:01:a4:0d:
47:9c:53:ac:9f:d3:7c:7f:29:6f:56:9c:3c:0e:2f:a3:a0:57:
8e:93:50:13:8d:de:9e:7b:0a:f3:55:07:7b:15:71:d9:37:85:
fd:1b:6c:19:0f:c3:1b:c7:6c:4f:01:6a:62:4e:11:22:4c:b8:
d4:71:9d:94
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUIsd7sAoH1joOvMwIhIPoUcFSV3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMDMwNjQyMDJaFw0yNTAxMDEwNjQ3MDJaMDMxMTAvBgNV
BAMTKDYyQjE1MDBBRUU3MTUzNkFFODM2QkY0RjEzQTk2MUEzMzRENDQ5RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6oNNXwlaX6asb0Calz4O1aRyE
KVN3zLxKeaDsEdS6/24XhnOe5gCLjgGh4n4HU1DwSeK0zRanhG74N9mmIHyEnMdm
R2gFBYOzl1irA0wfyTVxYfaBJVsL9r6yE4bh2Zupv3WgZdAiE3OX1B0fwCfoo9zZ
UQOZXE9m8XJ1ughVfJi0iSBk2Apk70S4od2yTEAdm9bTnl6AeIFTgcyT0mpov3LA
YQimDov9/IrEQSt3Gni4nOMKX5RI5TvoY4GPNOTVtaVnW40sfKcrPoseg4lnDwE3
mLPkHFjHvhdiIXvrWfE+BRvYVj6LEUDcvnJuWupiobjKDmPVTNFqRyChtfItAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUYrFQCu5xU2roNr9PE6lhozTUSeQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE2MDg1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVn5
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ1sdkW6BBMq02lZdMGoFGuUl3QlRZcppsjnm4
9axAwos3wVKbjCTlOS7a+EOF75Yd1uc7BS2vZpIK/MoCnJ1Y6rk9O3Uz6dgiB8QH
FUiTtkSgP1CWjqkWvL80IdqZquM2B+GNqjdR+Ozzj5f03FpLL7y4WSDS7zoiYZPh
d+MmG+Qh78nx6l6yED95G5ZkL3x+HQ1CyGOPbskk4zHayaNbvejP2XvbO7ieZYCD
OM+PMgb6VPP8k9l1c925JRTzv13UMs8BpA1HnFOsn9N8fylvVpw8Di+joFeOk1AT
jd6eewrzVQd7FXHZN4X9G2wZD8Mbx2xPAWpiThEiTLjUcZ2U
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org