Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS43289.roa
File: AS43289.roa (raw, json)
Hash identifier: kChslFqvirEauYy4zEyosprqgFuA0kld51hYLEyLdJo=
Subject key identifier: 4C:C9:BD:41:8E:3B:E7:98:A3:07:FB:0F:DC:18:FD:BC:D7:A8:82:2F
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 3F9FFDFC153CC09EC9B1B9AB8A24D01757C808F7
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS43289.roa
Signing time: Tue 05 Dec 2023 03:23:20 +0000
ROA not before: Tue 05 Dec 2023 03:18:20 +0000
ROA not after: Tue 03 Dec 2024 03:23:20 +0000
asID: 43289
IP address blocks: 45.158.171.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:9f:fd:fc:15:3c:c0:9e:c9:b1:b9:ab:8a:24:d0:17:57:c8:08:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Dec 5 03:18:20 2023 GMT
Not After : Dec 3 03:23:20 2024 GMT
Subject: CN=4CC9BD418E3BE798A307FB0FDC18FDBCD7A8822F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:db:6d:d7:ef:e0:88:35:86:c1:22:18:0d:b2:
22:92:9d:4a:93:7a:68:25:cb:13:e8:a7:02:c7:b3:
8d:8e:36:be:01:30:a2:d6:e9:7e:7a:d7:f5:65:1a:
15:5d:7f:70:82:f3:cf:1a:15:26:be:de:50:3f:1a:
d9:5c:57:45:46:94:71:e3:cf:a2:ec:48:4e:b9:d7:
90:f7:b7:1f:db:b8:28:47:33:13:5f:fa:95:0e:cb:
cd:f7:fb:37:8b:a2:ba:25:d9:54:7f:0e:16:56:da:
3b:f2:00:7d:bd:27:9e:7c:78:fa:39:71:89:e9:6e:
d3:dc:fd:cc:43:80:30:09:8c:69:df:b3:16:0c:79:
f0:60:9a:93:32:d8:d3:f7:d0:88:63:90:c2:1b:d8:
d7:e1:7e:09:7c:bd:d9:b2:ec:bf:36:74:17:9f:91:
bd:3e:28:de:e4:4b:dd:ab:f6:b2:7d:7f:44:c7:ea:
2d:6e:b1:7f:d2:c7:00:66:6f:17:44:6d:fa:63:f5:
35:04:2d:b4:67:d9:52:36:d4:54:0d:7d:1d:9b:73:
c2:53:10:d8:21:b3:4a:05:29:fa:5f:f9:61:4c:8c:
6c:8c:80:5a:60:ad:bc:28:97:c0:84:f5:f7:b2:ca:
1a:43:ca:ab:b3:b9:32:da:ac:39:c1:51:e1:d4:c7:
ca:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C9:BD:41:8E:3B:E7:98:A3:07:FB:0F:DC:18:FD:BC:D7:A8:82:2F
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS43289.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:00:08:59:67:63:ae:f0:18:0b:2b:69:2c:85:dc:22:c0:34:
9a:a9:f7:3d:ff:d4:11:34:66:78:0d:79:c5:05:24:0c:dd:3e:
ad:a9:73:a5:a5:38:b2:86:68:ee:42:cc:6a:04:c0:0d:b4:b1:
7d:0a:48:95:4d:91:91:81:45:b8:e0:d0:83:c4:e9:53:84:c1:
3b:79:20:03:58:28:84:60:55:03:2b:1f:63:4f:44:d3:f2:00:
1e:29:1f:4b:18:5e:9d:42:60:41:64:c3:be:c7:57:bc:46:5e:
73:01:5a:d2:60:a4:3a:77:80:a4:2e:b2:c8:9a:a6:1b:e0:0f:
38:d3:77:ca:fa:52:68:77:27:86:14:30:28:02:db:41:8e:9d:
3e:da:a5:a1:1d:42:ab:8d:ff:97:89:cc:32:80:91:01:b2:3e:
2d:f1:6f:93:98:1f:16:5b:85:a5:59:a6:58:84:fb:74:11:6d:
44:07:05:d6:d4:20:02:7c:16:9e:a3:48:60:13:2e:43:0c:ca:
fe:02:ff:4b:60:71:7d:eb:6b:b4:d0:16:e7:f6:f6:b7:ab:2d:
d1:ce:d4:84:50:95:1d:0d:b2:9a:fe:78:5b:87:c2:05:d5:08:
48:b8:0a:f2:50:4d:bc:42:91:9f:b4:0f:54:2d:37:95:79:13:
7a:e3:04:db
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUP5/9/BU8wJ7JsbmriiTQF1fICPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yMzEyMDUwMzE4MjBaFw0yNDEyMDMwMzIzMjBaMDMxMTAvBgNV
BAMTKDRDQzlCRDQxOEUzQkU3OThBMzA3RkIwRkRDMThGREJDRDdBODgyMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7223X7+CINYbBIhgNsiKSnUqT
emglyxPopwLHs42ONr4BMKLW6X561/VlGhVdf3CC888aFSa+3lA/GtlcV0VGlHHj
z6LsSE6515D3tx/buChHMxNf+pUOy833+zeLorol2VR/DhZW2jvyAH29J558ePo5
cYnpbtPc/cxDgDAJjGnfsxYMefBgmpMy2NP30IhjkMIb2Nfhfgl8vdmy7L82dBef
kb0+KN7kS92r9rJ9f0TH6i1usX/SxwBmbxdEbfpj9TUELbRn2VI21FQNfR2bc8JT
ENghs0oFKfpf+WFMjGyMgFpgrbwol8CE9feyyhpDyquzuTLarDnBUeHUx8olAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUTMm9QY4755ijB/sP3Bj9vNeogi8wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTNDMyODkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtnqsw
DQYJKoZIhvcNAQELBQADggEBALEACFlnY67wGAsraSyF3CLANJqp9z3/1BE0ZngN
ecUFJAzdPq2pc6WlOLKGaO5CzGoEwA20sX0KSJVNkZGBRbjg0IPE6VOEwTt5IANY
KIRgVQMrH2NPRNPyAB4pH0sYXp1CYEFkw77HV7xGXnMBWtJgpDp3gKQussiaphvg
DzjTd8r6Umh3J4YUMCgC20GOnT7apaEdQquN/5eJzDKAkQGyPi3xb5OYHxZbhaVZ
pliE+3QRbUQHBdbUIAJ8Fp6jSGATLkMMyv4C/0tgcX3ra7TQFuf29rerLdHO1IRQ
lR0Nspr+eFuHwgXVCEi4CvJQTbxCkZ+0D1QtN5V5E3rjBNs=
-----END CERTIFICATE-----
Generated at Fri Jan 5 03:10:52 2024 by rpki-client on console-ams.rpki-client.org