Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40065.roa
File: AS40065.roa (raw, json)
Hash identifier: MQ46551U5HrAHPKOLm3VxFcO7fczWD3TcGMJEoYTjkU=
Subject key identifier: 15:A0:A7:A9:7F:F7:BB:12:9F:3B:35:32:99:5B:A6:8A:51:CD:95:AB
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 329A62C5367F97F64DAA1485F2C6A775108B94C0
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40065.roa
Signing time: Tue 29 Oct 2024 15:43:26 +0000
ROA not before: Tue 29 Oct 2024 15:38:26 +0000
ROA not after: Tue 28 Oct 2025 15:43:26 +0000
asID: 40065
IP address blocks: 141.11.97.0/24 maxlen: 24
141.11.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 11:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:9a:62:c5:36:7f:97:f6:4d:aa:14:85:f2:c6:a7:75:10:8b:94:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Oct 29 15:38:26 2024 GMT
Not After : Oct 28 15:43:26 2025 GMT
Subject: CN=15A0A7A97FF7BB129F3B3532995BA68A51CD95AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:37:73:a7:3d:57:57:8b:95:6f:a9:16:ca:
3b:f5:cd:19:e8:90:64:10:10:f7:4b:e1:96:b4:66:
15:8c:fb:48:cc:e0:e5:9e:f0:b0:70:60:93:21:e6:
01:da:a5:3c:6c:05:15:56:dd:29:8b:1e:74:50:dd:
54:ed:3b:bb:2a:5f:b7:4e:f9:16:3d:9c:48:e6:eb:
1c:ab:c6:39:ae:20:75:73:a8:08:af:14:ca:79:55:
8c:4c:d8:be:13:a0:0e:8e:93:3e:c4:46:1b:1e:ac:
7e:59:de:e3:4d:b3:7c:91:c6:ca:a1:16:65:2c:e7:
38:1b:f7:be:6c:18:84:12:7f:4c:6f:da:66:7d:47:
63:a5:88:fd:5b:50:ab:9f:fc:e5:bd:6d:8e:66:f1:
66:de:3c:d8:e1:ce:aa:7b:ac:29:fa:f9:00:17:2e:
71:30:88:de:05:63:7f:dc:6a:cb:1f:ff:a9:ae:cc:
54:f9:37:7c:cc:c6:78:b8:bd:0c:bf:01:a8:12:89:
86:8e:1d:70:99:82:98:a4:1b:2a:79:c4:76:d8:79:
83:7f:b3:88:b1:c4:d1:d3:fa:04:ed:03:50:cd:31:
77:e2:ab:1e:38:1a:29:9e:8c:b3:fb:a4:2d:d5:ca:
b6:31:49:d0:56:c8:3c:62:f5:5d:0a:d8:89:7a:0a:
6b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A0:A7:A9:7F:F7:BB:12:9F:3B:35:32:99:5B:A6:8A:51:CD:95:AB
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS40065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.97.0/24
141.11.108.0/24
Signature Algorithm: sha256WithRSAEncryption
26:22:58:92:20:5e:cc:65:f3:70:cd:03:bf:2c:d8:5d:0f:da:
3a:15:84:db:1b:a3:b4:d5:51:71:c8:c1:ed:32:cf:bf:4f:95:
97:27:5e:f4:2d:aa:03:c1:a8:6c:02:a1:2d:42:be:1e:a3:5d:
8c:7d:d0:93:0d:71:d1:1b:7f:13:d4:ab:d9:12:35:f5:52:37:
c3:8c:97:5d:9a:d0:77:02:52:73:c9:c9:bb:08:89:65:7e:48:
72:61:21:4e:21:d0:f8:87:15:ce:b6:63:7d:53:7f:bc:d4:be:
3d:74:0b:68:a4:c0:67:a4:bf:af:0d:70:d4:e4:7d:45:e1:0f:
cf:12:b8:cb:ec:98:60:ef:01:6a:46:5c:07:db:b3:62:c2:89:
0d:49:e9:c5:8c:ad:4c:ac:02:42:50:c0:ec:66:13:15:26:c6:
20:ef:fb:d0:75:80:8e:2a:cf:ea:0c:5c:ca:f7:8e:1d:c2:53:
65:7a:3d:68:23:09:22:0b:0b:ed:d1:b5:b7:bc:54:02:c6:66:
09:77:e3:ba:13:78:2f:b9:52:f9:7c:64:5a:bb:60:f1:d1:cc:
8a:c5:5d:ed:3f:81:af:d9:9d:c3:5e:00:83:a5:34:42:c9:b1:
a1:54:b4:6e:a4:38:5e:47:98:a5:62:8a:eb:93:51:32:d8:ff:
27:04:3b:f2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUMppixTZ/l/ZNqhSF8sandRCLlMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEwMjkxNTM4MjZaFw0yNTEwMjgxNTQzMjZaMDMxMTAvBgNV
BAMTKDE1QTBBN0E5N0ZGN0JCMTI5RjNCMzUzMjk5NUJBNjhBNTFDRDk1QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkRDdzpz1XV4uVb6kWyjv1zRno
kGQQEPdL4Za0ZhWM+0jM4OWe8LBwYJMh5gHapTxsBRVW3SmLHnRQ3VTtO7sqX7dO
+RY9nEjm6xyrxjmuIHVzqAivFMp5VYxM2L4ToA6Okz7ERhserH5Z3uNNs3yRxsqh
FmUs5zgb975sGIQSf0xv2mZ9R2OliP1bUKuf/OW9bY5m8WbePNjhzqp7rCn6+QAX
LnEwiN4FY3/cassf/6muzFT5N3zMxni4vQy/AagSiYaOHXCZgpikGyp5xHbYeYN/
s4ixxNHT+gTtA1DNMXfiqx44GimejLP7pC3VyrYxSdBWyDxi9V0K2Il6Cms1AgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUFaCnqX/3uxKfOzUymVumilHNlaswHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNDAwNjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACNC2ED
BACNC2wwDQYJKoZIhvcNAQELBQADggEBACYiWJIgXsxl83DNA78s2F0P2joVhNsb
o7TVUXHIwe0yz79PlZcnXvQtqgPBqGwCoS1Cvh6jXYx90JMNcdEbfxPUq9kSNfVS
N8OMl12a0HcCUnPJybsIiWV+SHJhIU4h0PiHFc62Y31Tf7zUvj10C2ikwGekv68N
cNTkfUXhD88SuMvsmGDvAWpGXAfbs2LCiQ1J6cWMrUysAkJQwOxmExUmxiDv+9B1
gI4qz+oMXMr3jh3CU2V6PWgjCSILC+3Rtbe8VALGZgl347oTeC+5Uvl8ZFq7YPHR
zIrFXe0/ga/ZncNeAIOlNELJsaFUtG6kOF5HmKViiuuTUTLY/ycEO/I=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:52 2025 by rpki-client