Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216324.roa
File: AS216324.roa (raw, json)
Hash identifier: MNvsy6QXX1hdnOruHEdMcSwjdLIOQ0t/MhBWQhT7CuE=
Subject key identifier: A5:5B:56:D3:77:64:E3:13:4E:58:24:24:31:B3:41:55:6F:6B:C8:4E
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2048BEAB82E08A00C00EAD7D5882546B49E8FA47
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216324.roa
Signing time: Fri 23 Aug 2024 08:01:20 +0000
ROA not before: Fri 23 Aug 2024 07:56:20 +0000
ROA not after: Fri 22 Aug 2025 08:01:20 +0000
asID: 216324
IP address blocks: 2a0f:85c1:600::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 17 Sep 2024 04:33:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:48:be:ab:82:e0:8a:00:c0:0e:ad:7d:58:82:54:6b:49:e8:fa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Aug 23 07:56:20 2024 GMT
Not After : Aug 22 08:01:20 2025 GMT
Subject: CN=A55B56D37764E3134E58242431B341556F6BC84E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:d6:00:a9:20:b7:5b:f9:7d:4f:e5:f1:9f:
8a:44:53:c2:74:cd:3d:6e:1a:17:9e:8b:0e:fa:8e:
c9:50:d6:2b:3a:08:17:9c:f1:42:0b:08:0e:37:0a:
35:45:a2:51:b8:79:fa:89:c3:e7:d4:5a:e4:b4:48:
de:b5:3e:99:eb:d2:0b:65:77:50:12:44:84:38:90:
56:90:7e:eb:0e:be:07:94:dc:4c:52:73:c5:e3:68:
84:5e:eb:0e:03:d8:55:d3:b5:2d:5f:6d:b6:3b:ac:
1a:c3:f4:83:6e:57:c9:3b:bb:00:42:ae:9c:97:cc:
32:56:5f:f2:16:8f:cd:18:24:1e:b5:4b:77:88:9f:
64:3f:1c:7d:ce:8e:51:eb:72:d7:44:88:d7:40:48:
89:da:ed:f4:77:98:31:25:80:a6:d8:e4:31:77:65:
e1:00:93:85:cb:5c:fc:d2:29:f3:28:2f:ac:4c:3e:
bb:95:06:22:08:fb:01:84:5c:44:b9:c4:9e:59:bd:
df:66:28:bd:a6:7d:dd:b8:21:97:fb:57:98:0d:2e:
4c:ce:31:d2:fe:83:be:0b:cb:d2:10:4a:fc:ee:91:
dc:d6:90:0a:4b:1b:78:fd:6f:07:d9:0e:ff:e5:21:
a0:55:b8:71:68:bb:f7:5f:5c:32:dd:1c:a7:5e:21:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5B:56:D3:77:64:E3:13:4E:58:24:24:31:B3:41:55:6F:6B:C8:4E
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216324.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:600::/40
Signature Algorithm: sha256WithRSAEncryption
2b:98:31:e2:bb:58:3d:7d:52:86:3a:f3:71:bd:6d:c1:37:77:
06:4d:03:2c:75:e5:05:aa:3c:c9:26:42:31:12:9d:30:4b:3d:
ba:2b:fd:91:27:12:fa:1b:1e:8a:3d:bc:a6:ed:0a:f2:1e:58:
be:f2:f1:ef:1e:51:53:bd:a2:7f:2e:17:f1:7d:84:1a:f3:78:
7f:09:9c:cc:10:c1:90:3b:77:25:91:47:ef:3d:4d:63:b0:37:
a6:32:e6:82:fa:e8:6c:bd:b2:bd:a6:28:22:46:b5:b3:ce:76:
94:21:98:b5:5e:b5:31:96:7d:93:8a:8d:e7:ae:07:37:ca:ef:
a9:a8:61:5d:c5:51:06:75:ec:6e:35:35:f3:7c:d2:57:e0:10:
87:d6:ba:84:83:4f:7b:d0:b5:88:77:33:6c:07:6b:fa:a6:da:
ed:7c:36:e2:a1:5b:54:14:cd:50:2a:01:11:33:18:f7:6e:85:
be:ff:89:79:a1:e9:30:10:02:be:a0:55:b3:9e:18:ba:c6:13:
21:6c:08:2d:7c:6d:a4:df:90:5d:b1:58:08:c2:04:d3:58:ce:
01:48:d3:15:8b:fb:f9:40:b3:12:54:cb:bd:f4:e3:3c:37:ac:
65:78:52:85:c1:18:4d:73:e3:9c:74:00:66:63:31:a1:27:fe:
08:da:6b:a3
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUIEi+q4LgigDADq19WIJUa0no+kcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDA4MjMwNzU2MjBaFw0yNTA4MjIwODAxMjBaMDMxMTAvBgNV
BAMTKEE1NUI1NkQzNzc2NEUzMTM0RTU4MjQyNDMxQjM0MTU1NkY2QkM4NEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD4dYAqSC3W/l9T+Xxn4pEU8J0
zT1uGheeiw76jslQ1is6CBec8UILCA43CjVFolG4efqJw+fUWuS0SN61Ppnr0gtl
d1ASRIQ4kFaQfusOvgeU3ExSc8XjaIRe6w4D2FXTtS1fbbY7rBrD9INuV8k7uwBC
rpyXzDJWX/IWj80YJB61S3eIn2Q/HH3OjlHrctdEiNdASIna7fR3mDElgKbY5DF3
ZeEAk4XLXPzSKfMoL6xMPruVBiII+wGEXES5xJ5Zvd9mKL2mfd24IZf7V5gNLkzO
MdL+g74Ly9IQSvzukdzWkApLG3j9bwfZDv/lIaBVuHFou/dfXDLdHKdeIYFjAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUpVtW03dk4xNOWCQkMbNBVW9ryE4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE2MzI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg+F
wQYwDQYJKoZIhvcNAQELBQADggEBACuYMeK7WD19UoY683G9bcE3dwZNAyx15QWq
PMkmQjESnTBLPbor/ZEnEvobHoo9vKbtCvIeWL7y8e8eUVO9on8uF/F9hBrzeH8J
nMwQwZA7dyWRR+89TWOwN6Yy5oL66Gy9sr2mKCJGtbPOdpQhmLVetTGWfZOKjeeu
BzfK76moYV3FUQZ17G41NfN80lfgEIfWuoSDT3vQtYh3M2wHa/qm2u18NuKhW1QU
zVAqAREzGPduhb7/iXmh6TAQAr6gVbOeGLrGEyFsCC18baTfkF2xWAjCBNNYzgFI
0xWL+/lAsxJUy7304zw3rGV4UoXBGE1z45x0AGZjMaEn/gjaa6M=
-----END CERTIFICATE-----
Generated at Tue Sep 17 06:36:03 2024 by rpki-client on console-fra.rpki-client.org