Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47436.roa
File: AS47436.roa (raw, json)
Hash identifier: t94Azntj92sA/pq58V0DI1XKL6ts7Etya6Zs4D4cdKQ=
Subject key identifier: F0:44:B7:B2:B0:9B:86:93:01:9D:A7:8D:EC:04:88:9A:E0:A4:78:EE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4F9B92438F239E40907FEB82721A00C3F0C23DF0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47436.roa
Signing time: Mon 03 Mar 2025 17:14:58 +0000
ROA not before: Mon 03 Mar 2025 17:09:58 +0000
ROA not after: Mon 02 Mar 2026 17:14:58 +0000
asID: 47436
IP address blocks: 5.252.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 16:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:9b:92:43:8f:23:9e:40:90:7f:eb:82:72:1a:00:c3:f0:c2:3d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 3 17:09:58 2025 GMT
Not After : Mar 2 17:14:58 2026 GMT
Subject: CN=F044B7B2B09B8693019DA78DEC04889AE0A478EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:29:84:b2:47:4f:74:ba:69:b0:e4:52:c6:5a:
52:b2:c0:58:89:74:8c:94:10:e6:15:6c:6b:be:51:
31:3c:9b:c5:2f:7f:d0:85:21:9e:78:ee:93:81:66:
02:a2:0d:d7:2f:fe:df:0b:27:4b:a4:43:ae:b1:01:
0c:5d:d0:ee:ca:2e:15:77:2c:70:ed:ed:86:ed:0c:
62:cb:2b:2e:d3:ad:d9:38:ad:e0:3e:6c:63:2b:12:
75:39:1b:42:14:4e:01:fd:db:22:0f:f3:79:38:43:
36:98:65:96:f0:94:f2:df:00:d6:16:cb:36:07:f2:
c0:ba:dc:62:4a:9d:df:e1:d4:38:04:e7:db:d4:34:
56:b5:03:e4:c2:17:09:08:07:60:bc:82:b4:2d:83:
79:9a:34:2c:ea:5d:d9:21:19:6d:89:26:e4:2a:1d:
6a:c7:56:6e:a4:92:23:12:20:c0:ed:43:9e:e2:b9:
fd:46:89:a1:85:a8:6d:26:a2:77:10:7e:b9:eb:a4:
7d:79:19:55:66:42:3f:29:8e:27:2e:88:2a:60:12:
e5:20:08:d5:33:f7:17:bb:c3:82:3b:3e:b3:7c:b0:
98:38:a1:48:d1:69:dc:4f:1d:a8:e8:2b:61:d7:f1:
0b:a2:2e:08:69:65:ad:ff:53:8f:dc:9b:c9:85:e8:
1c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:44:B7:B2:B0:9B:86:93:01:9D:A7:8D:EC:04:88:9A:E0:A4:78:EE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS47436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.74.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:71:3b:e9:1e:3e:c8:4f:d5:cf:ca:84:57:04:c4:09:f4:de:
3e:cb:86:b1:dd:30:ff:32:6c:9c:3c:51:24:0c:c2:fc:4a:01:
b4:e1:e0:ea:79:ad:84:37:12:c4:93:16:f3:b5:3e:5e:94:c8:
57:a3:c3:4e:b7:7c:e0:e9:ba:dc:bb:8e:a9:99:f4:4d:73:38:
c2:ea:fe:e1:32:03:9e:f9:98:2b:02:86:2d:d4:ec:dc:a9:2d:
85:ef:d5:76:de:b4:5d:f9:62:6c:7f:4e:a3:a6:85:1d:7a:aa:
e4:23:87:42:f7:4c:2f:e8:c1:c1:a9:9f:41:f2:32:2a:6a:c1:
3a:6b:50:67:0c:7f:b9:df:43:b8:ef:b8:44:b6:45:9e:c8:2e:
f1:2e:ca:c3:e1:a6:e7:94:74:dc:16:db:53:06:56:51:ba:7c:
c8:23:68:ae:77:90:05:bc:eb:85:cb:a9:4d:ae:e0:a1:85:f7:
43:d1:bb:29:d2:ac:78:96:25:2f:8b:9e:5c:f5:4a:27:53:32:
ce:b4:64:9f:4f:08:9f:5e:ae:f3:4a:40:6a:1a:5e:dc:f7:b8:
e1:ac:20:79:b5:6c:ad:b9:d5:23:05:e2:b7:cb:18:d2:83:ac:
26:8d:3c:00:86:89:f1:fe:fe:cd:20:8c:7b:b7:ea:bf:2f:73:
5e:1e:fb:80
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUT5uSQ48jnkCQf+uCchoAw/DCPfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMDMxNzA5NThaFw0yNjAzMDIxNzE0NThaMDMxMTAvBgNV
BAMTKEYwNDRCN0IyQjA5Qjg2OTMwMTlEQTc4REVDMDQ4ODlBRTBBNDc4RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOKYSyR090ummw5FLGWlKywFiJ
dIyUEOYVbGu+UTE8m8Uvf9CFIZ547pOBZgKiDdcv/t8LJ0ukQ66xAQxd0O7KLhV3
LHDt7YbtDGLLKy7Trdk4reA+bGMrEnU5G0IUTgH92yIP83k4QzaYZZbwlPLfANYW
yzYH8sC63GJKnd/h1DgE59vUNFa1A+TCFwkIB2C8grQtg3maNCzqXdkhGW2JJuQq
HWrHVm6kkiMSIMDtQ57iuf1GiaGFqG0moncQfrnrpH15GVVmQj8pjicuiCpgEuUg
CNUz9xe7w4I7PrN8sJg4oUjRadxPHajoK2HX8QuiLghpZa3/U4/cm8mF6BynAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU8ES3srCbhpMBnaeN7ASImuCkeO4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDc0MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAF/Eow
DQYJKoZIhvcNAQELBQADggEBAA5xO+kePshP1c/KhFcExAn03j7LhrHdMP8ybJw8
USQMwvxKAbTh4Op5rYQ3EsSTFvO1Pl6UyFejw063fODputy7jqmZ9E1zOMLq/uEy
A575mCsChi3U7NypLYXv1XbetF35Ymx/TqOmhR16quQjh0L3TC/owcGpn0HyMipq
wTprUGcMf7nfQ7jvuES2RZ7ILvEuysPhpueUdNwW21MGVlG6fMgjaK53kAW864XL
qU2u4KGF90PRuynSrHiWJS+Lnlz1SidTMs60ZJ9PCJ9ervNKQGoaXtz3uOGsIHm1
bK251SMF4rfLGNKDrCaNPACGifH+/s0gjHu36r8vc14e+4A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:27 2025 by rpki-client