Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24.roa
File: AS24.roa (raw, json)
Hash identifier: 4LjP/zZQdGVSNIxq/r2YDKtzVOKYjH6nO1rzb9zkwlc=
Subject key identifier: 49:1E:D8:98:23:02:4B:12:3E:08:3B:A5:AF:8F:A6:E8:28:C5:A6:3D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0BEEF9FC02EA5CBAF731673E2FD20A24C3BB2DD1
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24.roa
Signing time: Sat 21 Dec 2024 15:08:48 +0000
ROA not before: Sat 21 Dec 2024 15:03:48 +0000
ROA not after: Sat 20 Dec 2025 15:08:48 +0000
asID: 24
IP address blocks: 191.101.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 19:15:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ee:f9:fc:02:ea:5c:ba:f7:31:67:3e:2f:d2:0a:24:c3:bb:2d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 21 15:03:48 2024 GMT
Not After : Dec 20 15:08:48 2025 GMT
Subject: CN=491ED89823024B123E083BA5AF8FA6E828C5A63D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:50:de:66:06:aa:83:35:d4:ca:73:e7:65:1b:
c4:0a:d3:cf:e8:68:77:4a:38:09:59:7c:8d:75:96:
c0:49:77:4e:06:3b:33:8e:43:1b:32:ea:cf:3d:27:
69:03:03:90:8c:c6:60:3b:12:c5:f4:95:54:8f:c8:
a1:74:bf:07:87:6f:46:cb:9d:5c:cf:c8:0d:83:f5:
27:2c:ee:19:ee:52:aa:bd:52:e0:0e:17:77:93:7a:
0b:7a:68:25:e7:99:2b:5a:0b:33:3a:a5:3f:e0:81:
97:d7:40:3a:3d:90:54:1c:d6:ae:88:96:0a:ad:78:
97:ab:a7:40:b3:31:37:3b:54:bc:fb:a3:e9:f2:b7:
60:c8:e0:b2:e6:f3:e0:81:ad:5f:3f:c5:78:d8:8e:
4a:ef:af:25:5b:f7:74:bd:d0:68:2a:f7:67:e8:7f:
0c:30:35:af:d0:95:39:fd:b9:cd:99:d4:c1:8d:f5:
7b:d1:cb:c0:a6:c9:ef:20:2f:93:38:89:c8:89:d1:
33:32:fa:8b:aa:73:00:5b:f8:de:59:9d:21:06:b9:
ca:96:e8:82:4d:e6:60:95:1c:92:2d:41:ee:d2:ee:
23:78:47:76:b6:0c:00:a6:f8:b1:55:38:d9:98:77:
24:37:c7:61:ba:4d:a7:94:d8:fe:1b:3e:fb:8e:32:
ec:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:1E:D8:98:23:02:4B:12:3E:08:3B:A5:AF:8F:A6:E8:28:C5:A6:3D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.9.0/24
Signature Algorithm: sha256WithRSAEncryption
27:79:73:23:46:65:a5:78:9f:90:96:60:5c:c1:cf:5a:5f:fe:
ed:8f:b9:76:b7:07:eb:e5:bd:08:1f:4e:76:7c:ca:65:bb:f5:
4c:e2:74:d7:36:f8:53:00:17:67:00:48:29:5a:3d:fa:37:88:
37:37:05:9f:86:c9:46:34:3e:03:63:81:32:64:60:86:fe:77:
be:13:20:9f:72:50:c9:e1:af:f2:2f:34:8e:93:8e:a4:df:fd:
b2:d2:73:89:a4:8a:eb:08:1a:8a:f3:0b:9a:f2:09:7f:3a:54:
ff:be:ed:c0:e5:d3:20:70:f5:58:84:f5:15:69:d9:15:a2:fc:
33:12:f5:b8:c8:2c:62:a2:97:f1:40:9a:b5:f7:ce:da:b4:4e:
f6:a3:0c:8d:9c:18:60:a1:6b:a9:d3:e6:74:78:54:c2:1a:bc:
46:cc:f7:3f:67:9f:1f:74:82:dc:88:2f:a1:dc:75:f9:6f:3b:
43:21:aa:53:a2:84:7c:82:e0:04:86:d8:19:04:75:cd:1f:c1:
06:85:37:06:f3:33:c6:af:bb:70:eb:6f:d3:bd:44:92:6c:a9:
a9:08:96:64:50:6d:c2:81:d3:ba:14:1c:4c:f6:4a:4d:76:3c:
a4:a4:fe:c7:09:28:10:96:ec:dd:1e:20:81:d7:4b:78:ef:2c:
65:08:c5:1d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIUC+75/ALqXLr3MWc+L9IKJMO7LdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMjExNTAzNDhaFw0yNTEyMjAxNTA4NDhaMDMxMTAvBgNV
BAMTKDQ5MUVEODk4MjMwMjRCMTIzRTA4M0JBNUFGOEZBNkU4MjhDNUE2M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8UN5mBqqDNdTKc+dlG8QK08/o
aHdKOAlZfI11lsBJd04GOzOOQxsy6s89J2kDA5CMxmA7EsX0lVSPyKF0vweHb0bL
nVzPyA2D9Scs7hnuUqq9UuAOF3eTegt6aCXnmStaCzM6pT/ggZfXQDo9kFQc1q6I
lgqteJerp0CzMTc7VLz7o+nyt2DI4LLm8+CBrV8/xXjYjkrvryVb93S90Ggq92fo
fwwwNa/QlTn9uc2Z1MGN9XvRy8Cmye8gL5M4iciJ0TMy+ouqcwBb+N5ZnSEGucqW
6IJN5mCVHJItQe7S7iN4R3a2DACm+LFVONmYdyQ3x2G6TaeU2P4bPvuOMuzNAgMB
AAGjggIGMIICAjAdBgNVHQ4EFgQUSR7YmCMCSxI+CDulr4+m6CjFpj0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwdwYIKwYBBQUHAQsEazBpMGcGCCsGAQUFBzALhltyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/ZQkwDQYJ
KoZIhvcNAQELBQADggEBACd5cyNGZaV4n5CWYFzBz1pf/u2PuXa3B+vlvQgfTnZ8
ymW79UzidNc2+FMAF2cASClaPfo3iDc3BZ+GyUY0PgNjgTJkYIb+d74TIJ9yUMnh
r/IvNI6TjqTf/bLSc4mkiusIGorzC5ryCX86VP++7cDl0yBw9ViE9RVp2RWi/DMS
9bjILGKil/FAmrX3ztq0TvajDI2cGGCha6nT5nR4VMIavEbM9z9nnx90gtyIL6Hc
dflvO0MhqlOihHyC4ASG2BkEdc0fwQaFNwbzM8avu3Drb9O9RJJsqakIlmRQbcKB
07oUHEz2Sk12PKSk/scJKBCW7N0eIIHXS3jvLGUIxR0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:23 2025 by rpki-client