Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS273659.roa
File: AS273659.roa (raw, json)
Hash identifier: lCG+/SuHSG8gltZDh2wuOzK348fbYiak++RO9HPdh7g=
Subject key identifier: ED:40:9E:5A:4C:5F:D2:94:E2:79:59:93:AC:B9:EC:1B:A7:D3:28:9C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4221591EF53C5AC65DA6A686F678620936191348
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS273659.roa
Signing time: Fri 29 Dec 2023 11:51:37 +0000
ROA not before: Fri 29 Dec 2023 11:46:37 +0000
ROA not after: Fri 27 Dec 2024 11:51:37 +0000
asID: 273659
IP address blocks: 191.96.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 21:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:21:59:1e:f5:3c:5a:c6:5d:a6:a6:86:f6:78:62:09:36:19:13:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 29 11:46:37 2023 GMT
Not After : Dec 27 11:51:37 2024 GMT
Subject: CN=ED409E5A4C5FD294E2795993ACB9EC1BA7D3289C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:58:bc:35:20:e1:2b:8f:5b:13:0f:a4:97:90:
ca:f8:92:0a:7d:6e:24:f5:54:4b:72:95:f7:2d:53:
43:3b:dc:30:34:86:44:d0:b4:37:95:24:aa:ee:3f:
40:f2:99:b2:3c:8e:28:5b:53:1b:63:e6:f8:86:3d:
c0:28:26:16:09:83:a9:ad:de:e0:ca:5c:62:50:27:
82:ae:5c:26:38:a0:49:c0:87:ae:d5:8f:b4:84:80:
bb:79:f3:16:d8:aa:65:c1:aa:25:ac:27:e1:09:97:
59:48:b6:37:e1:58:a2:25:6c:46:50:88:30:bd:0f:
a8:a6:5b:98:59:84:3e:e4:44:65:5a:cc:6e:61:f2:
61:ab:04:b2:16:1e:32:c1:c2:af:ae:01:7f:81:3d:
ef:0e:0d:0f:ed:bc:9a:82:8c:bf:fc:9d:b5:45:34:
ed:36:cc:a5:fe:26:f2:55:7f:6a:30:73:4b:ec:a1:
ef:33:b0:c1:e7:93:19:35:0c:cd:13:81:41:3c:5d:
1e:9f:ee:b6:ff:14:57:82:85:2b:9f:9e:33:b8:0a:
42:6a:75:48:87:a3:9e:24:9b:26:eb:4a:64:8a:9d:
8f:a9:83:79:2a:e3:88:4a:fe:45:1f:e9:14:9e:ca:
91:4c:9c:4e:f3:77:3e:dd:62:0b:bf:4e:48:70:78:
c7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:40:9E:5A:4C:5F:D2:94:E2:79:59:93:AC:B9:EC:1B:A7:D3:28:9C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS273659.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.20.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e6:1b:13:5e:92:45:91:df:3d:5c:a5:2e:d3:bb:b4:12:95:
85:57:8b:b4:7d:2f:78:97:e6:a4:ee:f2:08:e7:2f:b7:7c:e5:
0e:5f:76:8e:d8:f9:e7:95:b1:37:75:61:d4:67:82:c0:7f:d8:
a7:87:9d:e2:27:c2:35:b3:cd:bc:58:e5:60:d9:6a:6c:7b:e7:
9e:16:a2:46:be:ff:98:82:a7:f8:b9:1c:e6:29:63:a7:4a:a4:
6f:c4:aa:1a:5e:2d:e9:a4:3f:0f:d4:61:ed:01:30:5e:9b:76:
9c:e2:41:47:c8:5e:e9:de:24:5a:bd:4b:da:ed:84:6e:d1:de:
e8:cd:27:d1:4b:3c:81:dc:ac:cb:d9:c2:1a:49:75:03:27:a3:
ce:a1:66:01:c0:7e:0c:6f:dc:f1:c8:73:70:3b:f3:f3:4e:01:
9a:60:86:4e:30:7b:b1:71:fd:9a:1a:4f:6b:96:07:78:f4:9a:
1f:ca:b6:47:23:c1:43:24:9d:13:e7:8a:bc:0f:5e:35:3b:2b:
68:4c:29:36:eb:70:90:53:28:42:ba:6f:d7:1b:5f:cd:ab:06:
2b:88:ab:4a:d1:a3:49:67:13:2f:f5:7f:55:0f:5f:56:0d:d8:
2d:3d:51:ef:06:40:22:8c:34:bd:66:28:32:ec:bc:88:31:f2:
83:77:8b:95
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUQiFZHvU8WsZdpqaG9nhiCTYZE0gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEyMjkxMTQ2MzdaFw0yNDEyMjcxMTUxMzdaMDMxMTAvBgNV
BAMTKEVENDA5RTVBNEM1RkQyOTRFMjc5NTk5M0FDQjlFQzFCQTdEMzI4OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8WLw1IOErj1sTD6SXkMr4kgp9
biT1VEtylfctU0M73DA0hkTQtDeVJKruP0DymbI8jihbUxtj5viGPcAoJhYJg6mt
3uDKXGJQJ4KuXCY4oEnAh67Vj7SEgLt58xbYqmXBqiWsJ+EJl1lItjfhWKIlbEZQ
iDC9D6imW5hZhD7kRGVazG5h8mGrBLIWHjLBwq+uAX+BPe8ODQ/tvJqCjL/8nbVF
NO02zKX+JvJVf2owc0vsoe8zsMHnkxk1DM0TgUE8XR6f7rb/FFeChSufnjO4CkJq
dUiHo54kmybrSmSKnY+pg3kq44hK/kUf6RSeypFMnE7zdz7dYgu/TkhweMf9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU7UCeWkxf0pTieVmTrLnsG6fTKJwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjczNjU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2AU
MA0GCSqGSIb3DQEBCwUAA4IBAQCY5hsTXpJFkd89XKUu07u0EpWFV4u0fS94l+ak
7vII5y+3fOUOX3aO2PnnlbE3dWHUZ4LAf9inh53iJ8I1s828WOVg2Wpse+eeFqJG
vv+Ygqf4uRzmKWOnSqRvxKoaXi3ppD8P1GHtATBem3ac4kFHyF7p3iRavUva7YRu
0d7ozSfRSzyB3KzL2cIaSXUDJ6POoWYBwH4Mb9zxyHNwO/PzTgGaYIZOMHuxcf2a
Gk9rlgd49JofyrZHI8FDJJ0T54q8D141OytoTCk263CQUyhCum/XG1/NqwYriKtK
0aNJZxMv9X9VD19WDdgtPVHvBkAijDS9Zigy7LyIMfKDd4uV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org