Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS153371.roa
File: AS153371.roa (raw, json)
Hash identifier: SduvTvE5BqYatzZkiZsSSCAPaRzPOh62axL2smYumeY=
Subject key identifier: DC:CA:04:65:42:EA:CE:70:BD:3F:63:91:66:F0:F6:62:A3:5E:E4:F8
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 32BC2C4E04BE661C792CCC8C12E27A229FD99603
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS153371.roa
Signing time: Tue 03 Dec 2024 09:19:44 +0000
ROA not before: Tue 03 Dec 2024 09:14:44 +0000
ROA not after: Tue 02 Dec 2025 09:19:44 +0000
asID: 153371
IP address blocks: 92.113.116.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 06:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:bc:2c:4e:04:be:66:1c:79:2c:cc:8c:12:e2:7a:22:9f:d9:96:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Dec 3 09:14:44 2024 GMT
Not After : Dec 2 09:19:44 2025 GMT
Subject: CN=DCCA046542EACE70BD3F639166F0F662A35EE4F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e6:16:dc:3c:9b:28:b5:f3:e8:ae:7f:bc:99:
ec:8c:b9:0d:d3:7e:18:f8:38:fa:77:71:e8:9d:0f:
43:52:9b:13:d3:95:0e:1b:48:47:7f:69:ba:ff:d0:
2e:61:cd:27:74:1b:83:38:41:12:bf:a8:eb:19:d5:
6e:84:a5:aa:79:a4:a7:d1:c8:5b:92:55:c3:06:12:
58:e6:b9:29:ab:16:d1:55:57:6b:0f:d6:16:85:76:
e0:4d:78:27:24:52:b5:6f:69:d8:e6:ac:2b:64:fd:
90:21:c0:11:30:11:8d:79:df:71:34:3a:bb:10:44:
94:b0:67:cd:6f:85:31:f8:01:0e:4d:dc:64:d9:3b:
03:b2:c6:fb:73:02:e6:eb:bd:58:a4:e8:e1:40:c3:
60:c6:df:d2:b0:b4:5f:6b:7f:d4:9b:55:a4:bc:00:
6b:70:7c:35:1c:8d:ed:36:02:7f:49:d3:46:02:11:
27:f4:b4:50:1d:08:97:c9:c2:8d:85:b3:a6:a4:e3:
e0:fd:03:3c:8e:35:35:47:96:a5:d9:13:37:0d:eb:
0a:75:9c:6d:9c:aa:95:85:ee:74:4c:cf:3b:9b:e7:
9a:e4:8b:c3:d7:80:c1:c5:87:5a:e1:09:b9:1d:1e:
03:36:b4:58:00:5e:03:83:b4:28:3b:24:4b:e2:bd:
26:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CA:04:65:42:EA:CE:70:BD:3F:63:91:66:F0:F6:62:A3:5E:E4:F8
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS153371.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.113.116.0/23
Signature Algorithm: sha256WithRSAEncryption
78:9b:29:7b:a4:1e:34:0c:d2:22:5d:fa:be:d8:07:60:df:2c:
d1:59:73:f7:bb:dd:d3:9e:86:68:19:dc:ee:a8:ea:f6:e4:6b:
53:f2:1e:8e:8e:57:8e:c5:63:96:4e:e4:9f:74:36:f1:e8:36:
05:03:a9:ce:d5:63:07:43:f4:e0:7e:bf:f5:76:fb:58:f7:0d:
f3:9a:6e:45:9b:23:8a:ad:0d:77:44:26:ef:21:7e:02:d2:a8:
10:9d:93:83:2c:f6:94:eb:7a:e7:8b:8c:23:b0:4a:0f:c9:7c:
7c:3a:7e:49:8d:51:7d:12:4c:2c:0a:18:43:5f:0f:52:d9:7d:
c8:82:fe:23:a0:d9:fa:9f:d6:0a:60:8f:6a:34:70:a4:34:f3:
fe:17:6a:87:4e:fa:83:08:37:8a:0d:23:f0:6d:bd:0f:63:d8:
11:25:72:94:e9:d5:2e:f6:17:8a:f5:e1:91:01:b8:4c:8d:79:
81:25:4a:75:b7:11:3f:4e:00:69:56:3c:be:3c:a4:b5:d1:69:
dc:9e:a6:80:dd:f3:fe:da:98:d4:9a:cb:3b:fa:8b:b5:73:ac:
cb:99:30:60:93:94:15:11:05:44:50:35:a5:11:9b:38:64:4a:
c5:54:a0:74:a4:59:62:01:76:80:16:85:14:53:73:4c:8f:92:
fc:57:06:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUMrwsTgS+Zhx5LMyMEuJ6Ip/ZlgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDEyMDMwOTE0NDRaFw0yNTEyMDIwOTE5NDRaMDMxMTAvBgNV
BAMTKERDQ0EwNDY1NDJFQUNFNzBCRDNGNjM5MTY2RjBGNjYyQTM1RUU0RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC05hbcPJsotfPorn+8meyMuQ3T
fhj4OPp3ceidD0NSmxPTlQ4bSEd/abr/0C5hzSd0G4M4QRK/qOsZ1W6Epap5pKfR
yFuSVcMGEljmuSmrFtFVV2sP1haFduBNeCckUrVvadjmrCtk/ZAhwBEwEY1533E0
OrsQRJSwZ81vhTH4AQ5N3GTZOwOyxvtzAubrvVik6OFAw2DG39KwtF9rf9SbVaS8
AGtwfDUcje02An9J00YCESf0tFAdCJfJwo2Fs6ak4+D9AzyONTVHlqXZEzcN6wp1
nG2cqpWF7nRMzzub55rki8PXgMHFh1rhCbkdHgM2tFgAXgODtCg7JEvivSZ3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU3MoEZULqznC9P2ORZvD2YqNe5PgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTUzMzcxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXHF0
MA0GCSqGSIb3DQEBCwUAA4IBAQB4myl7pB40DNIiXfq+2Adg3yzRWXP3u93TnoZo
GdzuqOr25GtT8h6OjleOxWOWTuSfdDbx6DYFA6nO1WMHQ/Tgfr/1dvtY9w3zmm5F
myOKrQ13RCbvIX4C0qgQnZODLPaU63rni4wjsEoPyXx8On5JjVF9EkwsChhDXw9S
2X3Igv4joNn6n9YKYI9qNHCkNPP+F2qHTvqDCDeKDSPwbb0PY9gRJXKU6dUu9heK
9eGRAbhMjXmBJUp1txE/TgBpVjy+PKS10WncnqaA3fP+2pjUmss7+ou1c6zLmTBg
k5QVEQVEUDWlEZs4ZErFVKB0pFliAXaAFoUUU3NMj5L8VwaR
-----END CERTIFICATE-----
Generated at Wed Feb 5 17:09:18 2025 by rpki-client