Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214542.roa
File: AS214542.roa (raw, json)
Hash identifier: t3bvUFl4eVRx14aaakqmuQhitgetPi7WXTaUGZcrXhE=
Subject key identifier: 86:A4:85:BF:3F:4A:9C:BD:90:59:C6:82:B9:26:61:E7:02:27:A4:90
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 25907F4F339822058C559D07046F2554885E9B58
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214542.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 214542
IP address blocks: 2a14:7587::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Feb 2025 08:05:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:90:7f:4f:33:98:22:05:8c:55:9d:07:04:6f:25:54:88:5e:9b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=86A485BF3F4A9CBD9059C682B92661E70227A490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f1:8d:c9:fc:3f:9e:c7:9d:f5:97:13:5b:0e:
97:07:9d:71:bd:7a:06:96:01:eb:eb:2f:08:bb:67:
fb:4e:13:f2:17:73:9d:f5:13:53:e4:7e:13:39:91:
01:3a:69:f3:8a:14:62:32:29:d8:59:ff:0f:5d:7f:
c7:39:eb:18:f4:d6:80:a4:99:bf:e2:dd:85:07:3c:
9b:29:72:5c:cf:65:0f:8b:6c:7c:38:36:00:41:87:
35:fb:9d:40:2b:84:61:df:c8:aa:e8:67:c1:81:d5:
6b:2e:b2:cd:3d:37:38:87:e2:9e:39:7b:f6:56:07:
0f:85:37:8a:b8:12:a6:3b:66:8f:a5:3e:95:58:84:
2d:4d:b6:37:b7:39:ce:f7:00:cb:75:6b:50:30:43:
90:b1:a1:95:c4:fb:e3:49:c1:c2:e9:75:93:19:8a:
c6:00:cd:76:89:ec:e1:88:bd:c0:ba:d6:26:c1:72:
60:30:4a:00:0b:8f:7e:64:e4:e8:be:2f:12:1a:fb:
e1:d6:f4:57:16:04:65:b9:cb:b6:8e:33:f5:fe:8c:
d2:e7:68:de:32:60:aa:66:0d:79:6a:8f:72:7c:b8:
1b:1a:c4:9a:b4:e2:8c:5d:54:a5:63:92:a4:2b:d1:
78:17:20:23:ec:70:27:1b:d6:31:2d:64:fe:1a:81:
43:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A4:85:BF:3F:4A:9C:BD:90:59:C6:82:B9:26:61:E7:02:27:A4:90
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214542.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7587::/32
Signature Algorithm: sha256WithRSAEncryption
49:c8:b1:bc:a1:49:6c:60:37:53:74:ba:41:40:32:a7:d9:a8:
18:6d:41:d3:bb:53:fa:95:e6:3b:f1:98:82:5b:67:fb:af:b7:
f4:ca:b5:f5:46:75:85:eb:14:6a:21:76:13:a2:5c:c9:e8:71:
c6:9f:df:ce:7f:e4:2a:a5:e8:2b:1b:95:05:b2:0a:7a:01:ab:
2b:1d:4b:6c:12:51:90:92:00:9a:59:6c:ec:09:f4:9b:8e:ec:
82:fc:8d:a2:7c:8f:ba:c8:07:7e:c2:e1:d8:e4:ce:ce:72:b8:
f4:cc:15:47:ad:7f:22:c1:66:ba:fd:3f:a8:51:04:84:d4:7d:
ed:3f:d4:01:f9:4b:19:03:24:83:1d:66:24:98:16:6e:03:9c:
7b:78:16:72:fa:27:58:46:1a:46:3f:b1:ec:76:5f:99:63:71:
71:75:96:ba:32:18:53:69:a5:68:fa:f9:f4:63:41:5b:cb:80:
b6:4c:32:94:60:d4:58:d3:f1:f4:ad:60:2b:26:66:09:77:90:
6d:31:a9:2f:d8:5f:9e:09:22:2d:89:b3:8b:0b:17:b4:1f:67:
ae:5d:bf:94:4d:06:09:5b:2e:f8:b3:2c:16:3a:d5:d0:ed:92:
43:26:0f:5a:61:15:70:5f:6d:0a:85:9e:58:56:03:c3:d7:08:
eb:fd:1b:ec
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUJZB/TzOYIgWMVZ0HBG8lVIhem1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKDg2QTQ4NUJGM0Y0QTlDQkQ5MDU5QzY4MkI5MjY2MUU3MDIyN0E0OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD8Y3J/D+ex531lxNbDpcHnXG9
egaWAevrLwi7Z/tOE/IXc531E1PkfhM5kQE6afOKFGIyKdhZ/w9df8c56xj01oCk
mb/i3YUHPJspclzPZQ+LbHw4NgBBhzX7nUArhGHfyKroZ8GB1Wsuss09NziH4p45
e/ZWBw+FN4q4EqY7Zo+lPpVYhC1Ntje3Oc73AMt1a1AwQ5CxoZXE++NJwcLpdZMZ
isYAzXaJ7OGIvcC61ibBcmAwSgALj35k5Oi+LxIa++HW9FcWBGW5y7aOM/X+jNLn
aN4yYKpmDXlqj3J8uBsaxJq04oxdVKVjkqQr0XgXICPscCcb1jEtZP4agUOpAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUhqSFvz9KnL2QWcaCuSZh5wInpJAwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NTQyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhR1
hzANBgkqhkiG9w0BAQsFAAOCAQEAScixvKFJbGA3U3S6QUAyp9moGG1B07tT+pXm
O/GYgltn+6+39Mq19UZ1hesUaiF2E6Jcyehxxp/fzn/kKqXoKxuVBbIKegGrKx1L
bBJRkJIAmlls7An0m47sgvyNonyPusgHfsLh2OTOznK49MwVR61/IsFmuv0/qFEE
hNR97T/UAflLGQMkgx1mJJgWbgOce3gWcvonWEYaRj+x7HZfmWNxcXWWujIYU2ml
aPr59GNBW8uAtkwylGDUWNPx9K1gKyZmCXeQbTGpL9hfngkiLYmziwsXtB9nrl2/
lE0GCVsu+LMsFjrV0O2SQyYPWmEVcF9tCoWeWFYDw9cI6/0b7A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:58 2025 by rpki-client