Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
File: AS21859.roa (raw, json)
Hash identifier: /jRpUc35rUhZSfgYsa5C4GnOIni0m7NMKABQmh84h3M=
Subject key identifier: 0B:4A:E4:C6:D7:0C:52:46:7C:67:5B:59:C4:E6:64:1C:FA:BF:B2:1B
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 647E94572080CDED3892AE635EE239178866BC1E
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
Signing time: Thu 22 Feb 2024 00:01:07 +0000
ROA not before: Wed 21 Feb 2024 23:56:07 +0000
ROA not after: Thu 20 Feb 2025 00:01:07 +0000
asID: 21859
IP address blocks: 141.11.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 00:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:7e:94:57:20:80:cd:ed:38:92:ae:63:5e:e2:39:17:88:66:bc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 21 23:56:07 2024 GMT
Not After : Feb 20 00:01:07 2025 GMT
Subject: CN=0B4AE4C6D70C52467C675B59C4E6641CFABFB21B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0c:33:3a:0e:94:89:4b:3b:1a:2d:ef:6f:04:
78:a9:ac:83:09:f9:95:77:e4:96:ec:ab:9f:16:19:
e0:ea:a7:54:dd:92:13:26:61:11:a9:04:9d:7c:f1:
3e:04:02:50:27:a2:de:6c:93:fa:32:35:0c:25:05:
a9:f2:a9:fa:8b:7e:ca:48:97:66:af:1d:6d:82:1b:
b7:a2:59:43:99:b5:65:22:1c:f4:14:3b:62:e8:d6:
69:23:25:e1:c8:9b:05:e7:ab:25:6d:0e:4d:9f:63:
fe:37:15:31:4f:2b:58:be:12:90:b5:05:04:8d:3c:
56:d5:37:06:f1:27:34:34:e7:75:d0:0b:3f:2a:21:
f7:96:24:ff:33:bc:55:2a:72:f6:e2:e7:99:86:f8:
95:0d:d8:b3:59:e4:90:d1:ab:32:3b:97:1c:df:69:
db:eb:da:8c:90:9a:e7:cc:03:55:78:02:a3:4a:b0:
82:99:df:57:69:39:64:d7:1a:51:87:83:e0:f3:26:
04:06:4e:d0:ff:3a:68:da:c5:53:33:22:a5:dc:a8:
ef:2a:c5:4f:c6:84:45:45:db:a2:19:15:da:6c:2d:
14:40:75:6a:41:56:d9:42:8e:cf:3b:bc:43:76:4a:
af:4a:bc:9d:e1:c8:8e:0a:12:a2:f1:d2:e0:d2:02:
d1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4A:E4:C6:D7:0C:52:46:7C:67:5B:59:C4:E6:64:1C:FA:BF:B2:1B
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS21859.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.69.0/24
Signature Algorithm: sha256WithRSAEncryption
02:26:fd:e3:d6:52:89:2d:d6:de:3e:f1:8e:7e:4f:fd:90:82:
e1:bc:d1:a3:fc:1c:fa:83:78:ab:f8:7a:95:d2:23:49:76:1d:
7b:33:6f:01:a9:34:73:d3:df:33:fc:48:6f:e8:a9:d7:55:cf:
c1:ff:7f:2a:b9:4e:09:e7:a6:e5:a2:43:c3:91:cb:5d:69:69:
8b:f2:81:3e:e6:d7:17:a5:4f:38:5a:16:3d:0a:5d:6c:5a:06:
71:92:48:71:02:ca:fe:e1:e8:cd:1a:bf:17:04:7e:45:54:17:
65:75:2c:80:c0:49:f1:fa:8e:4e:42:39:9b:c9:54:b0:38:2f:
16:cd:ec:8c:89:ba:c4:38:f3:82:0e:70:97:70:39:2c:19:d5:
5c:46:19:c0:6d:9f:1d:fb:0a:46:0b:79:f2:40:8e:ff:79:c2:
3a:9b:70:d0:5a:c0:e7:14:88:cf:ad:94:f8:c2:ea:8f:2b:bb:
91:3b:f5:4b:56:ea:44:9f:c1:17:dd:25:a2:65:01:72:03:26:
70:83:e5:55:4d:f3:bd:b9:52:02:ed:67:3c:9e:12:4c:d4:5e:
be:ef:55:55:ff:a7:01:d0:0f:e2:a5:27:d2:7b:f7:4d:69:f9:
da:6a:7b:82:b0:8f:14:c4:13:9d:62:a4:06:cb:be:15:4f:88:
75:93:42:65
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUZH6UVyCAze04kq5jXuI5F4hmvB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDAyMjEyMzU2MDdaFw0yNTAyMjAwMDAxMDdaMDMxMTAvBgNV
BAMTKDBCNEFFNEM2RDcwQzUyNDY3QzY3NUI1OUM0RTY2NDFDRkFCRkIyMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFDDM6DpSJSzsaLe9vBHiprIMJ
+ZV35Jbsq58WGeDqp1TdkhMmYRGpBJ188T4EAlAnot5sk/oyNQwlBanyqfqLfspI
l2avHW2CG7eiWUOZtWUiHPQUO2Lo1mkjJeHImwXnqyVtDk2fY/43FTFPK1i+EpC1
BQSNPFbVNwbxJzQ053XQCz8qIfeWJP8zvFUqcvbi55mG+JUN2LNZ5JDRqzI7lxzf
advr2oyQmufMA1V4AqNKsIKZ31dpOWTXGlGHg+DzJgQGTtD/OmjaxVMzIqXcqO8q
xU/GhEVF26IZFdpsLRRAdWpBVtlCjs87vEN2Sq9KvJ3hyI4KEqLx0uDSAtHnAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUC0rkxtcMUkZ8Z1tZxOZkHPq/shswHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC0Uw
DQYJKoZIhvcNAQELBQADggEBAAIm/ePWUokt1t4+8Y5+T/2QguG80aP8HPqDeKv4
epXSI0l2HXszbwGpNHPT3zP8SG/oqddVz8H/fyq5TgnnpuWiQ8ORy11paYvygT7m
1xelTzhaFj0KXWxaBnGSSHECyv7h6M0avxcEfkVUF2V1LIDASfH6jk5COZvJVLA4
LxbN7IyJusQ484IOcJdwOSwZ1VxGGcBtnx37CkYLefJAjv95wjqbcNBawOcUiM+t
lPjC6o8ru5E79UtW6kSfwRfdJaJlAXIDJnCD5VVN8725UgLtZzyeEkzUXr7vVVX/
pwHQD+KlJ9J7901p+dpqe4KwjxTEE51ipAbLvhVPiHWTQmU=
-----END CERTIFICATE-----
Generated at Thu Feb 29 01:11:18 2024 by rpki-client on console-fra.rpki-client.org