Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: f/C5xbV3kUFxCh6vNLT/kn5Wsrpz76eGsZpnR9y+FPY=
Subject key identifier: CC:D3:D4:C8:02:15:85:72:0E:16:8F:00:11:D0:B4:5A:9E:C1:F2:27
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 224356A7A551338164218D113654C9BBB04D23FD
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
Signing time: Mon 31 Jul 2023 23:33:43 +0000
ROA not before: Mon 31 Jul 2023 23:28:43 +0000
ROA not after: Mon 29 Jul 2024 23:33:43 +0000
asID: 39521
IP address blocks: 141.11.152.0/23 maxlen: 24
141.11.154.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:43:56:a7:a5:51:33:81:64:21:8d:11:36:54:c9:bb:b0:4d:23:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jul 31 23:28:43 2023 GMT
Not After : Jul 29 23:33:43 2024 GMT
Subject: CN=CCD3D4C8021585720E168F0011D0B45A9EC1F227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:67:e7:4b:f4:ab:a8:1d:e4:41:f5:91:b1:
c0:9c:70:6c:7c:80:22:fe:3d:de:2a:62:93:f4:14:
2c:b2:a5:78:82:70:30:b6:09:f0:4f:5b:a8:f3:5c:
14:55:04:36:f2:36:17:59:c3:3b:06:f2:a6:6b:aa:
02:b2:18:46:b5:82:25:50:63:52:ea:3e:9c:28:fb:
f7:1b:85:25:5a:46:9b:07:3a:fb:56:c0:be:9d:27:
4e:1d:0c:81:10:25:6d:38:60:66:0d:a1:2d:ab:b8:
e2:cf:20:73:37:1e:f4:31:49:29:26:98:63:87:37:
99:09:ff:b8:3b:ee:1e:aa:00:ea:c7:4a:78:33:0c:
b7:ff:23:ef:32:40:42:1b:a1:f9:5f:3d:16:87:b2:
79:a1:50:0f:15:ae:d6:94:36:61:da:78:95:1e:c5:
9f:4a:58:8a:85:cb:23:f1:4b:87:5f:48:de:2a:9c:
93:38:da:3b:ac:1c:59:0f:c2:8a:e1:f6:cf:62:8b:
3d:a5:17:b8:5f:09:16:2a:2c:b7:9f:f3:08:45:29:
a3:29:3d:2f:e7:58:58:19:ee:1a:b8:76:e3:1c:64:
c4:13:77:96:0c:b7:f5:a1:82:a2:53:97:7c:2e:25:
92:6c:b0:6b:4b:6c:2c:5c:e4:8e:17:93:fd:bd:c7:
21:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D3:D4:C8:02:15:85:72:0E:16:8F:00:11:D0:B4:5A:9E:C1:F2:27
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.152.0/22
Signature Algorithm: sha256WithRSAEncryption
27:62:80:d9:b2:78:f6:22:3a:ab:7b:4f:97:b1:61:5c:59:b6:
f9:8b:96:26:d9:98:7c:a9:d0:29:5e:06:32:04:1e:89:c1:20:
47:2d:4e:79:de:0a:32:95:1d:47:29:98:84:61:6d:a0:14:b6:
68:83:73:34:94:df:75:a3:17:ae:79:71:51:98:69:11:bc:5b:
2d:e9:b3:93:fb:70:01:21:a8:fe:40:f1:27:ff:b3:47:50:b7:
a8:3c:66:80:25:9b:39:d6:da:18:3b:30:78:c1:05:55:8b:8f:
ef:90:f4:b9:72:1d:92:74:34:c9:90:a8:d2:27:96:0f:1b:89:
dc:d9:40:98:3b:12:57:91:ac:15:2a:06:71:af:f3:e1:ad:b0:
46:ec:48:28:af:8e:0d:bf:42:ac:eb:b8:65:7b:14:b7:45:79:
fc:a0:83:e1:82:92:63:f1:21:9b:9c:48:4f:8d:03:73:d2:d6:
b9:6b:3f:4a:27:c0:03:6e:cd:51:20:c6:e3:07:f4:71:61:7a:
bc:01:ba:c5:14:dd:ca:56:68:77:7b:4e:31:d8:42:5e:b0:de:
c8:89:df:a2:65:8e:70:48:cc:2d:a2:d1:c3:8e:78:ec:42:42:
03:11:50:54:cd:a9:90:5c:8e:ca:95:e5:1d:18:1f:22:1d:6c:
eb:c2:d5:30
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIkNWp6VRM4FkIY0RNlTJu7BNI/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yMzA3MzEyMzI4NDNaFw0yNDA3MjkyMzMzNDNaMDMxMTAvBgNV
BAMTKENDRDNENEM4MDIxNTg1NzIwRTE2OEYwMDExRDBCNDVBOUVDMUYyMjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC402fnS/SrqB3kQfWRscCccGx8
gCL+Pd4qYpP0FCyypXiCcDC2CfBPW6jzXBRVBDbyNhdZwzsG8qZrqgKyGEa1giVQ
Y1LqPpwo+/cbhSVaRpsHOvtWwL6dJ04dDIEQJW04YGYNoS2ruOLPIHM3HvQxSSkm
mGOHN5kJ/7g77h6qAOrHSngzDLf/I+8yQEIboflfPRaHsnmhUA8VrtaUNmHaeJUe
xZ9KWIqFyyPxS4dfSN4qnJM42jusHFkPworh9s9iiz2lF7hfCRYqLLef8whFKaMp
PS/nWFgZ7hq4duMcZMQTd5YMt/WhgqJTl3wuJZJssGtLbCxc5I4Xk/29xyEvAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUzNPUyAIVhXIOFo8AEdC0Wp7B8icwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKNC5gw
DQYJKoZIhvcNAQELBQADggEBACdigNmyePYiOqt7T5exYVxZtvmLlibZmHyp0Cle
BjIEHonBIEctTnneCjKVHUcpmIRhbaAUtmiDczSU33WjF655cVGYaRG8Wy3ps5P7
cAEhqP5A8Sf/s0dQt6g8ZoAlmznW2hg7MHjBBVWLj++Q9LlyHZJ0NMmQqNInlg8b
idzZQJg7EleRrBUqBnGv8+GtsEbsSCivjg2/QqzruGV7FLdFefygg+GCkmPxIZuc
SE+NA3PS1rlrP0onwANuzVEgxuMH9HFherwBusUU3cpWaHd7TjHYQl6w3siJ36Jl
jnBIzC2i0cOOeOxCQgMRUFTNqZBcjsqV5R0YHyIdbOvC1TA=
Generated at Thu Sep 14 09:37:50 2023 by rpki-client on console-ams.rpki-client.org