Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS46573.roa
File: AS46573.roa (raw, json)
Hash identifier: JrPw+MNmX0d3Bos60SRxQX78R6fjmyXUyyjUL63PvzA=
Subject key identifier: B4:E1:F1:A7:86:52:06:30:78:F6:87:92:5F:D1:5F:1C:B3:8B:3F:E6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2E33C25DFDF071822363F389525EFCB8E7526F23
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS46573.roa
Signing time: Mon 12 Aug 2024 13:20:06 +0000
ROA not before: Mon 12 Aug 2024 13:15:06 +0000
ROA not after: Mon 11 Aug 2025 13:20:06 +0000
asID: 46573
IP address blocks: 191.96.104.0/24 maxlen: 24
191.96.117.0/24 maxlen: 24
191.96.202.0/24 maxlen: 24
191.96.254.0/24 maxlen: 24
191.101.11.0/24 maxlen: 24
191.101.25.0/24 maxlen: 24
191.101.26.0/24 maxlen: 24
191.101.174.0/24 maxlen: 24
191.101.181.0/24 maxlen: 24
191.101.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 08:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:33:c2:5d:fd:f0:71:82:23:63:f3:89:52:5e:fc:b8:e7:52:6f:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 12 13:15:06 2024 GMT
Not After : Aug 11 13:20:06 2025 GMT
Subject: CN=B4E1F1A78652063078F687925FD15F1CB38B3FE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c1:f1:cb:b5:1d:3e:3b:ca:5a:07:9a:50:44:
e3:c6:7f:21:b5:69:fe:88:14:dc:8d:a9:b8:6c:ce:
59:20:84:c9:00:6e:03:db:a8:af:9b:b5:14:97:db:
96:dc:89:fe:3b:d4:67:54:58:3e:40:a2:2f:cd:19:
40:e5:ba:17:fe:8d:a1:24:e7:ea:3a:f7:b5:57:45:
67:80:7c:e0:eb:88:11:f1:91:0c:42:18:35:5a:bf:
1a:c6:53:03:b7:41:01:92:71:a8:c0:e3:0c:db:fb:
99:92:5a:71:3c:ee:28:d8:6c:68:5a:87:d4:04:dc:
e8:8a:1b:16:8f:58:69:44:19:bb:99:71:34:5e:2c:
79:24:87:af:9a:23:36:43:f4:6b:9f:04:27:b3:b8:
b6:f1:b9:27:52:a9:ec:18:48:b3:52:26:cd:e2:3a:
d0:50:ea:89:7e:3c:8c:df:a9:e1:c5:23:a8:a5:dc:
70:25:7b:a2:36:3a:fc:46:ed:14:25:2b:c9:82:c1:
29:75:2d:cd:14:c1:5c:a1:6e:df:f2:11:1c:86:32:
4a:36:29:3b:88:06:17:66:3a:35:58:68:d3:b8:08:
be:56:e4:03:9a:e4:d5:a3:29:ca:b5:bb:bb:40:79:
cb:79:26:e3:d6:e4:1d:49:6a:b8:df:8e:99:ba:c3:
6d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E1:F1:A7:86:52:06:30:78:F6:87:92:5F:D1:5F:1C:B3:8B:3F:E6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS46573.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.104.0/24
191.96.117.0/24
191.96.202.0/24
191.96.254.0/24
191.101.11.0/24
191.101.25.0-191.101.26.255
191.101.174.0/24
191.101.181.0/24
191.101.188.0/24
Signature Algorithm: sha256WithRSAEncryption
29:76:b4:a3:8d:f8:5c:84:5e:d0:7a:d1:21:8b:16:b9:1d:f6:
e6:a0:f8:5d:8c:03:49:15:ec:bd:01:57:28:46:2b:31:7c:11:
f2:65:f4:51:e3:50:84:00:60:29:90:5f:f3:64:5c:5b:72:ff:
58:fb:82:2f:ac:1b:bf:d4:27:aa:4d:30:f5:5e:40:3e:37:13:
15:c4:02:4a:8f:a2:46:2b:55:21:36:02:9d:fd:14:30:40:8b:
7c:ef:d6:48:d3:7c:0d:7b:4b:aa:53:94:9a:8f:a5:5c:54:7e:
58:8a:b3:7f:fc:32:6c:45:41:94:03:b5:a8:b4:d5:8e:6f:eb:
9b:05:4b:fb:41:4b:79:54:b0:45:cb:16:17:e4:bb:e5:a5:d7:
18:c0:3d:1f:26:d8:ce:3b:3b:a5:c7:64:c9:6a:47:8c:16:ac:
77:8c:38:08:86:09:c4:16:f4:c6:61:65:ca:4e:3c:d2:ec:82:
b6:5a:f7:e5:a3:b9:f5:d9:3a:b5:13:cd:f2:d1:c4:c3:d6:1e:
3c:36:6e:08:75:d3:86:a3:4a:24:1d:76:a9:0b:c3:d4:ea:d0:
6f:ed:38:23:8f:5e:7e:09:de:6e:3c:c6:db:05:e5:13:13:78:
8b:14:9d:a6:ef:f2:67:2d:b7:b4:cf:ba:fc:b2:3d:01:d5:65:
aa:1f:fe:03
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULjPCXf3wcYIjY/OJUl78uOdSbyMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA4MTIxMzE1MDZaFw0yNTA4MTExMzIwMDZaMDMxMTAvBgNV
BAMTKEI0RTFGMUE3ODY1MjA2MzA3OEY2ODc5MjVGRDE1RjFDQjM4QjNGRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjwfHLtR0+O8paB5pQROPGfyG1
af6IFNyNqbhszlkghMkAbgPbqK+btRSX25bcif471GdUWD5Aoi/NGUDluhf+jaEk
5+o697VXRWeAfODriBHxkQxCGDVavxrGUwO3QQGScajA4wzb+5mSWnE87ijYbGha
h9QE3OiKGxaPWGlEGbuZcTReLHkkh6+aIzZD9GufBCezuLbxuSdSqewYSLNSJs3i
OtBQ6ol+PIzfqeHFI6il3HAle6I2OvxG7RQlK8mCwSl1Lc0UwVyhbt/yERyGMko2
KTuIBhdmOjVYaNO4CL5W5AOa5NWjKcq1u7tAect5JuPW5B1Jarjfjpm6w229AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtOHxp4ZSBjB49oeSX9FfHLOLP+YwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDY1NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMEQEAgABMD4DBAC/YGgD
BAC/YHUDBAC/YMoDBAC/YP4DBAC/ZQswDAMEAL9lGQMEAL9lGgMEAL9lrgMEAL9l
tQMEAL9lvDANBgkqhkiG9w0BAQsFAAOCAQEAKXa0o434XIRe0HrRIYsWuR325qD4
XYwDSRXsvQFXKEYrMXwR8mX0UeNQhABgKZBf82RcW3L/WPuCL6wbv9Qnqk0w9V5A
PjcTFcQCSo+iRitVITYCnf0UMECLfO/WSNN8DXtLqlOUmo+lXFR+WIqzf/wybEVB
lAO1qLTVjm/rmwVL+0FLeVSwRcsWF+S75aXXGMA9HybYzjs7pcdkyWpHjBasd4w4
CIYJxBb0xmFlyk480uyCtlr35aO59dk6tRPN8tHEw9YePDZuCHXThqNKJB12qQvD
1OrQb+04I49efgnebjzG2wXlExN4ixSdpu/yZy23tM+6/LI9AdVlqh/+Aw==
Generated at Mon Oct 7 10:00:44 2024 by rpki-client on console-fra.rpki-client.org