Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: hYXNJ/Jp+pgaLBAukW/qARfhZwl9ntHGTU+tWi7xHXA=
Subject key identifier: CE:17:13:CB:4A:B4:02:7F:17:AB:C9:81:0C:88:02:F7:7C:37:36:C1
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 377E89C4826D79354C2402A880AADD21957AD983
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
Signing time: Sun 11 Aug 2024 20:32:20 +0000
ROA not before: Sun 11 Aug 2024 20:27:20 +0000
ROA not after: Sun 10 Aug 2025 20:32:20 +0000
asID: 21859
IP address blocks: 152.89.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:7e:89:c4:82:6d:79:35:4c:24:02:a8:80:aa:dd:21:95:7a:d9:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Aug 11 20:27:20 2024 GMT
Not After : Aug 10 20:32:20 2025 GMT
Subject: CN=CE1713CB4AB4027F17ABC9810C8802F77C3736C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:69:2e:8a:2f:40:72:10:08:0b:02:44:d2:
ae:61:ab:d8:bf:e9:56:97:46:91:3b:f4:a0:9a:d7:
77:99:e7:5e:59:ed:07:58:14:1c:aa:e1:20:12:db:
b8:7d:52:2b:fb:22:28:f5:10:45:e4:ee:8e:76:fa:
d9:01:9e:bd:38:2b:41:ca:18:7d:43:c3:63:e9:df:
74:37:df:fe:be:2a:20:bf:29:bf:27:a6:fe:1b:bc:
6a:92:18:0e:a3:47:bd:d1:1e:4a:73:7f:c7:2b:bd:
42:f5:35:5b:7d:45:47:52:04:5e:dc:06:b5:ef:7f:
b2:e3:9d:0f:e0:dc:bd:2e:db:be:72:5b:a4:5c:13:
2a:0d:2c:bf:46:e4:87:49:b4:09:b2:43:e1:00:73:
5c:42:bf:e8:b2:87:e9:60:41:07:f2:ff:85:ac:87:
11:11:7a:95:98:db:e8:4f:10:0a:25:d3:81:90:7c:
9b:0e:12:e9:21:9e:8a:4c:fb:29:43:b1:2f:b7:8e:
eb:71:d1:87:18:44:e2:13:1f:ab:a7:9e:21:38:d5:
d1:8c:e6:bc:27:d4:7f:42:40:8e:20:58:fc:7b:a2:
03:b5:9b:12:f4:4d:cb:78:95:b0:9b:69:9a:91:76:
e9:d7:cd:e8:ce:1a:5c:b2:90:54:45:4f:fb:52:b0:
ed:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:17:13:CB:4A:B4:02:7F:17:AB:C9:81:0C:88:02:F7:7C:37:36:C1
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.250.0/24
Signature Algorithm: sha256WithRSAEncryption
28:28:1b:a3:4c:cc:88:39:ad:72:11:28:ad:d0:e2:de:14:68:
1b:11:fb:cb:bc:c8:85:30:c2:13:06:91:0a:06:03:d2:e1:f3:
5f:93:e6:ed:35:dc:66:9c:fe:8f:70:00:f5:ab:d3:90:a2:3f:
35:c7:ef:b0:20:09:73:93:5c:f2:1e:15:06:2b:c3:9e:fb:0d:
95:e0:c0:94:ac:c8:d0:28:86:60:ac:87:a6:7e:1a:83:49:5e:
19:b1:0f:f7:23:c8:89:39:44:1d:06:e1:ea:5f:77:4d:5b:b8:
ad:0a:57:1c:e7:52:eb:44:4f:16:14:12:2b:14:40:50:c2:4d:
6b:e4:b6:76:ef:f1:32:b6:32:a5:ce:bd:18:73:ce:d5:66:ec:
6a:14:a6:24:63:52:18:a6:8d:b6:a9:db:32:0c:20:ac:8c:8b:
2d:ad:32:d8:2d:d9:75:b9:bf:db:aa:0d:17:cc:39:f3:ae:10:
53:99:ee:a0:97:79:ae:3f:67:59:cf:f3:5a:fa:15:15:c8:92:
d5:f6:1b:34:f7:4d:89:5a:23:84:df:21:2c:eb:eb:8a:21:17:
92:0d:5f:6b:89:0c:16:f4:c0:26:d9:9a:a7:16:07:13:ea:44:
35:90:a8:67:58:f8:e8:e0:3f:5c:68:23:92:42:d1:2a:6a:27:
04:2b:f7:49
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUN36JxIJteTVMJAKogKrdIZV62YMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDA4MTEyMDI3MjBaFw0yNTA4MTAyMDMyMjBaMDMxMTAvBgNV
BAMTKENFMTcxM0NCNEFCNDAyN0YxN0FCQzk4MTBDODgwMkY3N0MzNzM2QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJomkuii9AchAICwJE0q5hq9i/
6VaXRpE79KCa13eZ515Z7QdYFByq4SAS27h9Uiv7Iij1EEXk7o52+tkBnr04K0HK
GH1Dw2Pp33Q33/6+KiC/Kb8npv4bvGqSGA6jR73RHkpzf8crvUL1NVt9RUdSBF7c
BrXvf7LjnQ/g3L0u275yW6RcEyoNLL9G5IdJtAmyQ+EAc1xCv+iyh+lgQQfy/4Ws
hxERepWY2+hPEAol04GQfJsOEukhnopM+ylDsS+3jutx0YcYROITH6unniE41dGM
5rwn1H9CQI4gWPx7ogO1mxL0Tct4lbCbaZqRdunXzejOGlyykFRFT/tSsO1pAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUzhcTy0q0An8Xq8mBDIgC93w3NsEwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACYWfow
DQYJKoZIhvcNAQELBQADggEBACgoG6NMzIg5rXIRKK3Q4t4UaBsR+8u8yIUwwhMG
kQoGA9Lh81+T5u013Gac/o9wAPWr05CiPzXH77AgCXOTXPIeFQYrw577DZXgwJSs
yNAohmCsh6Z+GoNJXhmxD/cjyIk5RB0G4epfd01buK0KVxznUutETxYUEisUQFDC
TWvktnbv8TK2MqXOvRhzztVm7GoUpiRjUhimjbap2zIMIKyMiy2tMtgt2XW5v9uq
DRfMOfOuEFOZ7qCXea4/Z1nP81r6FRXIktX2GzT3TYlaI4TfISzr64ohF5INX2uJ
DBb0wCbZmqcWBxPqRDWQqGdY+OjgP1xoI5JC0SpqJwQr90k=
-----END CERTIFICATE-----
Generated at Wed Sep 11 03:34:50 2024 by rpki-client on console-ams.rpki-client.org