Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400395.roa
File: AS400395.roa (raw, json)
Hash identifier: vzgvrMXzWNsTJf6WZk0G8iX9IvaMqaIWH5kb49hDLc4=
Subject key identifier: 1B:B4:F3:DA:50:8E:B9:DA:E4:CE:2C:FE:58:6C:56:93:CF:9E:0F:0F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 08A74D4F1529C46DEAF1E80B883C17CDF9797414
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400395.roa
Signing time: Sun 26 May 2024 03:52:07 +0000
ROA not before: Sun 26 May 2024 03:47:07 +0000
ROA not after: Sun 25 May 2025 03:52:07 +0000
asID: 400395
IP address blocks: 141.11.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Jul 2024 00:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a7:4d:4f:15:29:c4:6d:ea:f1:e8:0b:88:3c:17:cd:f9:79:74:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: May 26 03:47:07 2024 GMT
Not After : May 25 03:52:07 2025 GMT
Subject: CN=1BB4F3DA508EB9DAE4CE2CFE586C5693CF9E0F0F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e0:d0:fc:e8:d3:d0:3d:e8:5b:f1:ca:1f:c4:
c2:22:74:d1:90:e2:fa:d8:83:7f:7e:fc:12:7d:07:
c0:e3:c5:86:15:ff:4d:1d:e8:7c:00:74:68:8b:9e:
4f:d0:d8:f7:e7:e8:0b:de:88:b7:16:0a:3e:12:17:
85:5a:30:26:83:c2:08:0d:72:d2:73:bb:04:55:ba:
e4:ec:11:95:2c:11:c9:5d:9b:09:1e:87:4d:2c:34:
5c:44:d3:85:6a:f7:4e:68:11:7f:bd:35:45:a2:2d:
04:a0:b8:65:6b:5c:e8:19:e4:87:12:d3:14:84:20:
f6:ec:82:a0:d4:7e:d3:13:0c:ef:62:dc:85:39:59:
49:79:20:b8:41:21:b4:7c:d2:ef:d9:d3:55:90:0a:
a9:c6:16:d2:c7:0b:dc:36:99:17:f7:4d:44:57:a5:
77:9b:20:ce:48:f2:6e:86:f5:38:f5:99:bc:37:cd:
07:ab:69:27:7d:a6:34:b7:ce:78:1c:e5:73:52:54:
f6:83:96:38:71:0d:13:ad:5d:9a:fd:89:06:17:80:
cf:f5:23:44:1e:66:4d:20:c9:c6:ab:90:42:5f:62:
6c:d9:37:61:53:70:5b:fd:94:30:8d:a5:5a:04:ae:
a7:e8:e2:c2:46:d4:a8:a9:75:bc:b0:9b:55:76:90:
fb:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B4:F3:DA:50:8E:B9:DA:E4:CE:2C:FE:58:6C:56:93:CF:9E:0F:0F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS400395.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.240.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ce:58:f1:b4:d0:69:2c:5e:0f:c5:8b:ea:da:fd:63:db:83:
28:62:80:ff:20:f5:83:05:77:4b:24:5c:97:2f:01:69:11:83:
c6:4b:39:48:6b:48:c1:6d:a6:15:a9:99:a4:32:c5:c7:6e:98:
ff:a8:8f:11:d5:e8:bb:a1:0b:c5:cc:88:e5:47:cf:1b:88:01:
59:52:74:46:af:2a:40:1c:11:b5:45:3f:34:01:1f:5c:70:dd:
c7:ec:20:35:14:c3:98:61:46:64:3e:84:07:9e:b0:5d:98:bf:
a4:5b:9a:e9:e9:8a:76:9d:26:8b:43:e5:d6:cd:14:af:06:be:
40:de:eb:46:89:98:f7:33:0e:da:d9:8a:7a:d4:87:bc:d3:ad:
16:0c:db:d4:55:c5:c5:9a:22:ee:ca:83:7c:fe:75:19:bc:53:
4f:af:2a:58:91:fd:65:1c:da:7e:1d:86:d6:2d:f4:29:17:b5:
db:3d:dd:0e:86:b4:8d:a0:3a:40:1d:d1:5e:a5:3b:96:72:86:
64:1f:fe:dc:ec:e3:b3:3e:18:4b:74:3c:0b:26:c3:67:af:b6:
d5:f8:d4:e4:2a:70:00:f8:b2:94:b3:06:b5:38:c4:8f:7e:82:
a9:a5:17:9d:8f:da:ad:1c:12:f2:41:97:34:74:ea:bc:7c:9e:
ed:57:93:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCKdNTxUpxG3q8egLiDwXzfl5dBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDA1MjYwMzQ3MDdaFw0yNTA1MjUwMzUyMDdaMDMxMTAvBgNV
BAMTKDFCQjRGM0RBNTA4RUI5REFFNENFMkNGRTU4NkM1NjkzQ0Y5RTBGMEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4ND86NPQPehb8cofxMIidNGQ
4vrYg39+/BJ9B8DjxYYV/00d6HwAdGiLnk/Q2Pfn6AveiLcWCj4SF4VaMCaDwggN
ctJzuwRVuuTsEZUsEcldmwkeh00sNFxE04Vq905oEX+9NUWiLQSguGVrXOgZ5IcS
0xSEIPbsgqDUftMTDO9i3IU5WUl5ILhBIbR80u/Z01WQCqnGFtLHC9w2mRf3TURX
pXebIM5I8m6G9Tj1mbw3zQeraSd9pjS3zngc5XNSVPaDljhxDROtXZr9iQYXgM/1
I0QeZk0gycarkEJfYmzZN2FTcFv9lDCNpVoErqfo4sJG1Kipdbywm1V2kPtJAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUG7Tz2lCOudrkziz+WGxWk8+eDw8wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDAwMzk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjQvw
MA0GCSqGSIb3DQEBCwUAA4IBAQCbzljxtNBpLF4PxYvq2v1j24MoYoD/IPWDBXdL
JFyXLwFpEYPGSzlIa0jBbaYVqZmkMsXHbpj/qI8R1ei7oQvFzIjlR88biAFZUnRG
rypAHBG1RT80AR9ccN3H7CA1FMOYYUZkPoQHnrBdmL+kW5rp6Yp2nSaLQ+XWzRSv
Br5A3utGiZj3Mw7a2Yp61Ie8060WDNvUVcXFmiLuyoN8/nUZvFNPrypYkf1lHNp+
HYbWLfQpF7XbPd0OhrSNoDpAHdFepTuWcoZkH/7c7OOzPhhLdDwLJsNnr7bV+NTk
KnAA+LKUswa1OMSPfoKppRedj9qtHBLyQZc0dOq8fJ7tV5PZ
Generated at Fri Jul 26 02:41:13 2024 by rpki-client on console-ams.rpki-client.org