Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401195.roa
File: AS401195.roa (raw, json)
Hash identifier: olPIE1J2iYIwWVMQL7Byla4yfTnfKb/sPtqcrLIVHAk=
Subject key identifier: 88:6E:D5:F8:A1:4F:4E:2F:3A:33:50:D6:23:11:13:43:74:1B:4A:0E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3AB7937616B1E7212D161A9F4FE99E45B50ACFEC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401195.roa
Signing time: Mon 24 Jun 2024 15:36:26 +0000
ROA not before: Mon 24 Jun 2024 15:31:26 +0000
ROA not after: Mon 23 Jun 2025 15:36:26 +0000
asID: 401195
IP address blocks: 191.101.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b7:93:76:16:b1:e7:21:2d:16:1a:9f:4f:e9:9e:45:b5:0a:cf:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 24 15:31:26 2024 GMT
Not After : Jun 23 15:36:26 2025 GMT
Subject: CN=886ED5F8A14F4E2F3A3350D623111343741B4A0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a5:ed:92:a6:07:3d:82:b6:fb:e4:f8:a8:42:
1d:1e:2b:52:41:73:10:2f:9e:a3:22:58:ed:46:b7:
37:f7:45:c0:c0:90:5d:a6:46:1e:c1:e6:af:1b:d7:
e0:fa:e5:de:ab:d1:ce:4c:6a:1d:e9:7b:d0:30:e4:
3c:02:db:fc:f9:f4:27:0a:f6:f8:17:e3:0c:b2:84:
41:3b:34:fe:3e:4d:04:9b:7a:84:82:7d:f1:2e:f7:
90:6f:10:6a:93:93:7f:9f:d3:24:5a:8b:a3:df:dc:
7a:82:29:8a:11:77:1f:1b:10:b8:22:13:7f:a9:ad:
ae:14:b4:04:f4:90:3b:ed:3b:71:51:cc:71:e4:70:
5a:f5:c3:9b:0d:ba:f2:e9:52:5a:f8:3c:87:72:ae:
9d:6b:5c:6a:d3:0a:d7:df:22:0b:4c:69:27:ce:22:
c2:78:57:cb:45:82:fb:6a:be:cc:fb:d9:36:93:46:
69:14:9d:67:22:9e:f1:7e:4f:41:6e:b0:23:22:94:
df:4b:41:ec:87:7c:ea:a6:ac:00:49:ab:bf:95:6d:
37:38:8c:78:d6:b1:32:dc:9b:18:dd:e0:54:d1:fc:
81:e8:a4:65:8f:d1:29:5f:fb:5c:99:08:c0:bc:11:
f1:49:c4:f3:f6:55:cc:e4:a3:fa:e7:2f:b5:4d:df:
f0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6E:D5:F8:A1:4F:4E:2F:3A:33:50:D6:23:11:13:43:74:1B:4A:0E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401195.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.111.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b0:1b:fd:a0:38:b2:53:ca:f0:9d:09:5e:61:9d:5b:59:e2:
d3:23:2f:e9:a2:2e:a0:ed:7b:7b:32:8d:9a:79:f1:0f:1c:de:
5b:d6:b0:a0:bc:d0:ff:bc:a1:dd:a0:85:f4:c2:e0:93:85:00:
86:f4:4a:e5:d7:55:a1:c6:95:38:1c:31:f4:c7:56:f7:9e:4e:
86:17:56:9a:dd:7f:a5:17:d4:ff:e6:d1:30:02:2f:e4:3d:b0:
29:34:a2:01:25:73:19:ce:86:0a:0b:64:2a:74:f7:2f:23:ea:
4d:2d:e5:fd:85:22:49:24:2e:cf:b3:5e:d8:cd:82:e9:d1:18:
6c:1e:2e:8a:2b:1e:09:3c:d5:10:e4:92:12:e8:98:b6:2c:db:
b7:be:d8:6d:05:6d:49:16:4a:49:41:38:31:21:11:2f:8f:e1:
81:91:13:86:a8:6d:d7:b0:21:2a:d5:46:4a:92:75:dd:d1:4d:
ae:51:83:ca:c9:d1:d6:ed:eb:e7:86:44:2a:56:01:f4:a3:d6:
d2:ac:dc:24:90:ef:86:41:fc:0e:b3:3e:05:2f:dc:32:cb:33:
6a:4c:57:a7:99:42:7b:87:91:fe:f5:f7:15:91:b3:12:5e:9f:
1b:e7:65:ec:29:64:ae:0f:90:ef:f8:17:ea:d1:42:9e:eb:b1:
84:34:1c:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOreTdhax5yEtFhqfT+meRbUKz+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA2MjQxNTMxMjZaFw0yNTA2MjMxNTM2MjZaMDMxMTAvBgNV
BAMTKDg4NkVENUY4QTE0RjRFMkYzQTMzNTBENjIzMTExMzQzNzQxQjRBMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbpe2Spgc9grb75PioQh0eK1JB
cxAvnqMiWO1Gtzf3RcDAkF2mRh7B5q8b1+D65d6r0c5Mah3pe9Aw5DwC2/z59CcK
9vgX4wyyhEE7NP4+TQSbeoSCffEu95BvEGqTk3+f0yRai6Pf3HqCKYoRdx8bELgi
E3+pra4UtAT0kDvtO3FRzHHkcFr1w5sNuvLpUlr4PIdyrp1rXGrTCtffIgtMaSfO
IsJ4V8tFgvtqvsz72TaTRmkUnWcinvF+T0FusCMilN9LQeyHfOqmrABJq7+VbTc4
jHjWsTLcmxjd4FTR/IHopGWP0Slf+1yZCMC8EfFJxPP2Vczko/rnL7VN3/AZAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUiG7V+KFPTi86M1DWIxETQ3QbSg4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAxMTk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Vv
MA0GCSqGSIb3DQEBCwUAA4IBAQCQsBv9oDiyU8rwnQleYZ1bWeLTIy/poi6g7Xt7
Mo2aefEPHN5b1rCgvND/vKHdoIX0wuCThQCG9Erl11WhxpU4HDH0x1b3nk6GF1aa
3X+lF9T/5tEwAi/kPbApNKIBJXMZzoYKC2QqdPcvI+pNLeX9hSJJJC7Ps17YzYLp
0RhsHi6KKx4JPNUQ5JIS6Ji2LNu3vthtBW1JFkpJQTgxIREvj+GBkROGqG3XsCEq
1UZKknXd0U2uUYPKydHW7evnhkQqVgH0o9bSrNwkkO+GQfwOsz4FL9wyyzNqTFen
mUJ7h5H+9fcVkbMSXp8b52XsKWSuD5Dv+Bfq0UKe67GENBxf
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:53 2025 by rpki-client