Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: sUjLqEsd9wYF8yWSjLNBnoL1SWaDZFVcytC4rDNtYBQ=
Subject key identifier: EE:15:6C:DE:86:B4:80:6A:0A:6D:EA:E9:34:69:55:4A:E3:8C:92:52
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 5BEDDCE7F86F42EF5B7A818188AE915C7C943384
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
Signing time: Fri 17 May 2024 16:20:04 +0000
ROA not before: Fri 17 May 2024 16:15:04 +0000
ROA not after: Fri 16 May 2025 16:20:04 +0000
asID: 39521
IP address blocks: 141.11.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 17 Aug 2024 22:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:ed:dc:e7:f8:6f:42:ef:5b:7a:81:81:88:ae:91:5c:7c:94:33:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 17 16:15:04 2024 GMT
Not After : May 16 16:20:04 2025 GMT
Subject: CN=EE156CDE86B4806A0A6DEAE93469554AE38C9252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:28:c2:7b:bf:b8:cc:41:64:b3:f9:82:bf:bb:
d3:55:0e:13:24:83:2a:e5:39:7b:fc:2f:2e:0c:3d:
2c:54:55:2d:5a:54:7c:cb:b9:c8:3a:09:09:12:f8:
4b:b1:02:90:1a:ba:01:19:44:38:15:f6:14:f7:93:
c7:37:95:c8:0f:59:e7:1a:f7:6d:2b:9b:b6:7c:ca:
d9:21:fd:b9:59:9c:42:2e:50:20:72:98:4c:78:5b:
a8:74:36:be:05:50:72:03:88:15:1a:b8:02:21:17:
8a:2d:84:df:0a:64:d3:04:a5:0a:ed:60:48:e2:12:
9c:e0:c9:e4:18:b4:7c:d7:a0:bf:00:c3:cf:2a:3a:
24:0c:a1:db:92:a6:f5:98:dd:de:14:8f:12:29:7c:
a5:56:17:f2:7f:7b:bd:d3:f3:52:b4:48:57:17:d3:
54:67:92:01:30:49:85:fb:98:67:22:a9:c8:34:c5:
23:3a:00:56:7a:db:a3:45:ce:13:c1:77:47:83:1f:
2b:ce:8a:43:61:db:4e:b7:d9:04:55:23:28:0c:87:
79:b8:ab:93:f0:f2:5c:74:1b:c6:6d:52:f9:b6:0a:
cb:8f:74:9c:13:88:84:d3:a9:f1:05:b6:86:6e:e7:
57:c1:ed:40:d3:eb:d9:72:9c:90:1e:8b:63:70:73:
ae:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:15:6C:DE:86:B4:80:6A:0A:6D:EA:E9:34:69:55:4A:E3:8C:92:52
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.253.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4b:de:3e:69:0a:72:24:08:06:e7:47:2f:60:e1:17:96:55:
0f:c4:db:ce:ae:03:1a:99:61:06:0e:06:4c:69:13:fb:3b:ad:
5d:b8:76:c8:99:49:ff:4f:06:e4:21:ac:fe:c5:ca:15:70:35:
3a:c6:54:35:9a:8a:c7:81:96:44:2a:2d:0b:cd:cc:f5:49:d3:
3e:96:bc:ee:51:6d:fb:fa:ad:1b:77:c2:75:35:10:37:3f:4e:
c2:c6:07:0e:27:c7:89:ba:6a:fd:36:b0:11:3a:6d:8c:25:ca:
5c:45:2d:61:37:8f:9b:4a:24:88:d5:fa:97:db:e0:ea:6b:de:
5f:dd:66:19:85:83:eb:40:96:eb:33:05:c2:d8:df:b8:dc:1a:
53:8d:89:8c:b1:04:e5:4c:d6:4c:04:5a:2c:63:c9:07:71:c8:
99:16:14:39:bb:d2:22:e7:46:07:0a:c5:82:25:47:46:48:da:
e1:7f:ed:70:d1:97:bb:55:95:df:44:ba:8c:e2:9a:75:37:cc:
3d:85:bd:1e:f3:e6:e8:8a:d5:94:bd:65:71:87:11:32:7c:29:
6b:b3:1a:e3:c5:d4:da:c0:62:e9:9f:47:92:ca:bf:1b:fc:8b:
d1:bb:11:5d:7a:86:11:59:61:71:94:81:83:09:b9:44:59:3c:
38:42:b9:4a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUW+3c5/hvQu9beoGBiK6RXHyUM4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MTcxNjE1MDRaFw0yNTA1MTYxNjIwMDRaMDMxMTAvBgNV
BAMTKEVFMTU2Q0RFODZCNDgwNkEwQTZERUFFOTM0Njk1NTRBRTM4QzkyNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtKMJ7v7jMQWSz+YK/u9NVDhMk
gyrlOXv8Ly4MPSxUVS1aVHzLucg6CQkS+EuxApAaugEZRDgV9hT3k8c3lcgPWeca
920rm7Z8ytkh/blZnEIuUCBymEx4W6h0Nr4FUHIDiBUauAIhF4othN8KZNMEpQrt
YEjiEpzgyeQYtHzXoL8Aw88qOiQModuSpvWY3d4UjxIpfKVWF/J/e73T81K0SFcX
01RnkgEwSYX7mGciqcg0xSM6AFZ626NFzhPBd0eDHyvOikNh20632QRVIygMh3m4
q5Pw8lx0G8ZtUvm2CsuPdJwTiITTqfEFtoZu51fB7UDT69lynJAei2Nwc645AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU7hVs3oa0gGoKberpNGlVSuOMklIwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACNC/0w
DQYJKoZIhvcNAQELBQADggEBABlL3j5pCnIkCAbnRy9g4ReWVQ/E286uAxqZYQYO
BkxpE/s7rV24dsiZSf9PBuQhrP7FyhVwNTrGVDWaiseBlkQqLQvNzPVJ0z6WvO5R
bfv6rRt3wnU1EDc/TsLGBw4nx4m6av02sBE6bYwlylxFLWE3j5tKJIjV+pfb4Opr
3l/dZhmFg+tAluszBcLY37jcGlONiYyxBOVM1kwEWixjyQdxyJkWFDm70iLnRgcK
xYIlR0ZI2uF/7XDRl7tVld9EuozimnU3zD2FvR7z5uiK1ZS9ZXGHETJ8KWuzGuPF
1NrAYumfR5LKvxv8i9G7EV16hhFZYXGUgYMJuURZPDhCuUo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:49:09 2025 by rpki-client