Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS49791.roa
File: AS49791.roa (raw, json)
Hash identifier: Cnr9sqg7F/4Z+1vXwMBKMArEBtbhmLsPgCQfX+EBiX0=
Subject key identifier: 7C:79:4E:D1:92:2C:4D:46:C0:63:97:29:C9:2C:AD:91:E3:4D:A4:F8
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3F5CE90C25B22DDEBF7F38E4EFCDDE82C962CC6C
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS49791.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 49791
IP address blocks: 2a14:7581:300::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 00:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:5c:e9:0c:25:b2:2d:de:bf:7f:38:e4:ef:cd:de:82:c9:62:cc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=7C794ED1922C4D46C0639729C92CAD91E34DA4F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:06:eb:4e:02:d7:64:75:63:0b:c1:77:f3:ee:
72:04:fc:ef:ae:f4:ff:25:99:dd:fa:49:4b:40:ef:
de:bb:3c:f7:a0:7b:28:2d:16:38:c2:f3:3f:23:e4:
1b:c2:95:00:c2:c1:84:96:81:80:5d:f8:a7:c8:4f:
2f:68:ff:a1:2d:82:2b:95:d6:1e:07:39:07:67:a7:
cc:4f:63:87:0c:3c:7a:e0:8c:55:93:d7:38:65:ba:
9a:eb:9d:31:96:91:e7:be:81:db:aa:e6:46:19:91:
64:0a:08:ad:2b:6b:9e:2f:dc:70:aa:1b:01:00:3f:
46:3c:3b:f4:1b:7e:ff:34:60:13:f4:dd:b9:c2:42:
6b:13:2a:ac:c9:74:b6:96:c6:7a:2c:a8:eb:30:27:
45:4c:f8:46:98:ad:2e:b5:bf:74:f7:b2:09:02:f7:
7f:0b:21:c1:f0:7c:74:4e:e6:7c:2a:ea:70:b3:df:
73:11:62:5c:43:9a:b5:b4:a5:d6:9f:42:5e:a0:7d:
1b:cc:68:47:80:e1:ce:4c:da:63:0a:2c:a3:70:b3:
69:ad:85:c3:7e:82:64:2f:8e:8c:c5:14:a7:0e:75:
8e:08:20:ed:f9:99:35:da:cf:53:ba:b4:0c:08:cb:
cd:b7:ef:73:22:d5:07:fe:fa:d8:18:79:b0:0a:46:
8b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:79:4E:D1:92:2C:4D:46:C0:63:97:29:C9:2C:AD:91:E3:4D:A4:F8
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS49791.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:300::/40
Signature Algorithm: sha256WithRSAEncryption
53:b0:5f:ce:f2:62:76:7f:a1:0e:c5:92:96:07:13:19:6e:d6:
6c:4a:12:99:c1:c6:7d:e5:fb:61:ff:55:87:72:73:9a:bb:ed:
ea:12:18:e6:9b:62:56:83:43:a7:71:4d:17:d0:84:cd:ef:67:
91:34:9e:7c:cf:b0:65:77:4e:8f:3c:35:b1:85:7f:8c:c6:3e:
fd:81:d1:e4:8f:ef:c0:aa:5d:6f:08:4c:d0:39:94:07:d6:73:
4e:5d:59:0f:14:84:9d:aa:f3:f5:4d:70:7e:6b:3e:59:63:a8:
f5:17:1f:10:31:59:b6:52:83:26:fb:d5:0e:00:04:71:3a:70:
a4:c7:7d:4d:73:0f:e1:09:e2:6e:35:76:f3:75:02:0b:fc:bd:
a4:e1:9d:0c:98:3d:36:f0:3e:c8:6a:b3:9d:3f:1e:b3:9f:28:
4a:df:43:c4:d2:25:a0:bf:52:26:ea:70:7e:e5:2b:52:41:9c:
6e:4f:92:05:91:01:69:bf:f3:8b:25:ff:5a:84:aa:44:be:58:
3d:a3:58:54:00:93:ca:d4:f4:1f:eb:84:6e:aa:92:03:5d:d6:
85:29:25:7d:38:41:cc:dc:56:6b:d6:31:4f:70:de:b4:c0:89:
f9:7b:41:d0:1a:9c:71:9f:a7:49:64:f7:88:ee:e4:3c:79:5e:
b6:cd:81:0c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUP1zpDCWyLd6/fzjk783egslizGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKDdDNzk0RUQxOTIyQzRENDZDMDYzOTcyOUM5MkNBRDkxRTM0REE0RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtButOAtdkdWMLwXfz7nIE/O+u
9P8lmd36SUtA7967PPegeygtFjjC8z8j5BvClQDCwYSWgYBd+KfITy9o/6EtgiuV
1h4HOQdnp8xPY4cMPHrgjFWT1zhluprrnTGWkee+gduq5kYZkWQKCK0ra54v3HCq
GwEAP0Y8O/Qbfv80YBP03bnCQmsTKqzJdLaWxnosqOswJ0VM+EaYrS61v3T3sgkC
938LIcHwfHRO5nwq6nCz33MRYlxDmrW0pdafQl6gfRvMaEeA4c5M2mMKLKNws2mt
hcN+gmQvjozFFKcOdY4IIO35mTXaz1O6tAwIy82373Mi1Qf++tgYebAKRouDAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUfHlO0ZIsTUbAY5cpySytkeNNpPgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTNDk3OTEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqFHWB
AzANBgkqhkiG9w0BAQsFAAOCAQEAU7BfzvJidn+hDsWSlgcTGW7WbEoSmcHGfeX7
Yf9Vh3Jzmrvt6hIY5ptiVoNDp3FNF9CEze9nkTSefM+wZXdOjzw1sYV/jMY+/YHR
5I/vwKpdbwhM0DmUB9ZzTl1ZDxSEnarz9U1wfms+WWOo9RcfEDFZtlKDJvvVDgAE
cTpwpMd9TXMP4QnibjV283UCC/y9pOGdDJg9NvA+yGqznT8es58oSt9DxNIloL9S
JupwfuUrUkGcbk+SBZEBab/ziyX/WoSqRL5YPaNYVACTytT0H+uEbqqSA13WhSkl
fThBzNxWa9YxT3DetMCJ+XtB0BqccZ+nSWT3iO7kPHlets2BDA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:42:01 2025 by rpki-client