Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39600.roa
File: AS39600.roa (raw, json)
Hash identifier: 8gtzz+XNnu2JeSukzw9TwxNIDNhJ6ojdH0f4/11lYBE=
Subject key identifier: C2:A4:97:B0:61:AA:7A:6C:35:0E:CB:7E:3C:D7:F2:39:12:F7:90:28
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3F4C9DA4068E2140B97DB3C3EE09F5CC537E5CC3
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39600.roa
Signing time: Wed 18 Sep 2024 14:10:41 +0000
ROA not before: Wed 18 Sep 2024 14:05:41 +0000
ROA not after: Wed 17 Sep 2025 14:10:41 +0000
asID: 39600
IP address blocks: 85.208.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 12:45:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:4c:9d:a4:06:8e:21:40:b9:7d:b3:c3:ee:09:f5:cc:53:7e:5c:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 18 14:05:41 2024 GMT
Not After : Sep 17 14:10:41 2025 GMT
Subject: CN=C2A497B061AA7A6C350ECB7E3CD7F23912F79028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e8:cd:33:64:6c:13:bd:5f:9e:4a:a7:b6:7e:
e6:8b:05:5f:da:52:2b:37:b2:92:e3:68:e8:a4:39:
0b:3e:8f:8a:aa:93:27:db:00:21:3b:93:a2:10:67:
80:48:2e:6a:87:f9:bc:6d:31:8b:5d:24:e5:ab:4b:
c7:31:39:97:58:da:d8:c9:c0:f6:70:64:a3:6c:37:
0b:2b:11:56:39:d6:59:68:c9:99:60:f3:57:39:fa:
27:5b:4a:3e:c1:81:43:7f:21:3c:16:fb:bc:35:75:
7a:12:f0:6a:ca:79:f1:49:d9:e3:0f:b8:a3:64:ad:
69:0f:07:13:e6:d5:24:70:0e:15:c0:7d:c0:5b:72:
fe:f9:a6:24:4e:2b:55:4a:c1:2b:7d:c9:3b:12:d7:
b6:a2:ab:8a:6c:c5:15:4b:f4:21:27:da:95:d7:15:
c8:60:4e:8e:31:a5:c1:66:70:3a:9e:f0:2a:cd:c3:
65:09:3d:fb:0c:92:ba:df:1d:4a:83:8a:5b:f1:20:
cc:25:fe:63:fd:55:3a:f2:d2:83:0f:3f:ac:d5:44:
80:fb:e1:05:35:9d:b1:49:34:33:28:41:d3:38:d4:
83:eb:f7:c7:2a:26:2f:46:9a:56:3e:a4:07:c2:a6:
f7:a5:31:48:d7:14:99:11:35:ce:b2:3d:ef:71:6a:
67:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A4:97:B0:61:AA:7A:6C:35:0E:CB:7E:3C:D7:F2:39:12:F7:90:28
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS39600.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.72.0/24
Signature Algorithm: sha256WithRSAEncryption
81:8b:0f:ce:d6:12:be:93:39:bd:4a:0e:6d:27:e5:00:d8:25:
28:96:75:e2:bd:ca:2c:89:8f:23:2e:d6:8e:b5:34:85:56:77:
5d:98:00:f8:dd:7b:a0:b1:7b:f9:47:f5:5e:8a:71:c3:a8:90:
4c:a2:b2:91:63:9c:0e:2c:71:ce:a1:12:23:31:41:31:19:c9:
e5:11:2b:c0:e8:4d:a8:5b:99:c6:f9:3b:4e:20:73:37:38:39:
3a:9d:ea:dd:ad:22:ae:92:dc:0c:e5:d1:7e:6f:5d:23:91:2b:
eb:c4:73:40:8f:5b:c1:87:bc:99:d0:91:89:bf:9a:f4:c0:d8:
b6:dd:19:ab:0c:5e:48:ed:ae:44:07:cd:84:9f:06:7b:3e:fe:
88:8f:b8:40:63:20:34:12:5c:83:76:09:14:17:0d:3e:52:d5:
36:07:c1:a6:b7:cc:14:5f:16:cd:06:97:e3:51:55:b5:de:a8:
47:54:42:78:55:e3:b4:00:f3:6a:0a:c4:13:62:f6:cb:65:ce:
45:1e:c0:ea:db:8b:61:18:20:d8:6b:4f:b0:ad:94:f1:7c:ab:
06:53:d3:06:26:ad:15:e8:12:76:8c:3f:6b:9a:3b:87:24:42:
e6:ce:2a:4c:ed:05:1c:a1:74:d5:a6:f0:2f:45:34:9d:69:70:
12:f6:b6:7c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUP0ydpAaOIUC5fbPD7gn1zFN+XMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MTgxNDA1NDFaFw0yNTA5MTcxNDEwNDFaMDMxMTAvBgNV
BAMTKEMyQTQ5N0IwNjFBQTdBNkMzNTBFQ0I3RTNDRDdGMjM5MTJGNzkwMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt6M0zZGwTvV+eSqe2fuaLBV/a
Uis3spLjaOikOQs+j4qqkyfbACE7k6IQZ4BILmqH+bxtMYtdJOWrS8cxOZdY2tjJ
wPZwZKNsNwsrEVY51lloyZlg81c5+idbSj7BgUN/ITwW+7w1dXoS8GrKefFJ2eMP
uKNkrWkPBxPm1SRwDhXAfcBbcv75piROK1VKwSt9yTsS17aiq4psxRVL9CEn2pXX
FchgTo4xpcFmcDqe8CrNw2UJPfsMkrrfHUqDilvxIMwl/mP9VTry0oMPP6zVRID7
4QU1nbFJNDMoQdM41IPr98cqJi9GmlY+pAfCpvelMUjXFJkRNc6yPe9xamcBAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUwqSXsGGqemw1Dst+PNfyORL3kCgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2MDAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0Egw
DQYJKoZIhvcNAQELBQADggEBAIGLD87WEr6TOb1KDm0n5QDYJSiWdeK9yiyJjyMu
1o61NIVWd12YAPjde6Cxe/lH9V6KccOokEyispFjnA4scc6hEiMxQTEZyeURK8Do
Tahbmcb5O04gczc4OTqd6t2tIq6S3Azl0X5vXSORK+vEc0CPW8GHvJnQkYm/mvTA
2LbdGasMXkjtrkQHzYSfBns+/oiPuEBjIDQSXIN2CRQXDT5S1TYHwaa3zBRfFs0G
l+NRVbXeqEdUQnhV47QA82oKxBNi9stlzkUewOrbi2EYINhrT7CtlPF8qwZT0wYm
rRXoEnaMP2uaO4ckQubOKkztBRyhdNWm8C9FNJ1pcBL2tnw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:54 2025 by rpki-client