Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214304.roa
File: AS214304.roa (raw, json)
Hash identifier: jCnehWkBoeYA2HoVQuHptqi372KQfz3YJDsw0QJS5qE=
Subject key identifier: D7:74:49:03:F4:29:B4:00:D4:FA:26:BB:15:6F:5B:D6:96:57:B5:22
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 429AF57CB943058801C97C097CBCCF9603AB1BF5
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214304.roa
Signing time: Thu 28 Nov 2024 18:59:28 +0000
ROA not before: Thu 28 Nov 2024 18:54:28 +0000
ROA not after: Thu 27 Nov 2025 18:59:28 +0000
asID: 214304
IP address blocks: 46.203.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 07:40:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:9a:f5:7c:b9:43:05:88:01:c9:7c:09:7c:bc:cf:96:03:ab:1b:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 28 18:54:28 2024 GMT
Not After : Nov 27 18:59:28 2025 GMT
Subject: CN=D7744903F429B400D4FA26BB156F5BD69657B522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:d8:1f:03:b3:a5:94:71:99:6e:f0:d6:ca:
fe:04:0f:2f:7a:69:d2:df:6b:4e:fe:78:67:8b:8e:
c6:25:95:e0:fe:af:01:88:25:b7:7b:a7:bd:4c:10:
eb:5a:9f:f8:02:62:66:0d:b5:f9:34:0c:e7:a4:54:
d9:9e:62:d7:61:6f:c9:77:bb:2f:62:11:47:14:cb:
4d:63:ae:95:b2:aa:0a:57:af:8e:99:7b:2c:37:e8:
ad:40:1e:6d:09:d2:b8:46:c7:41:67:b3:d5:d4:0e:
a1:21:75:1d:02:d9:f6:7c:e5:7e:c4:87:ac:8b:eb:
0f:2f:68:20:83:31:55:d3:62:ac:39:82:1a:c8:a4:
62:a1:0a:61:56:3e:08:c3:25:a3:a3:14:ee:8e:a6:
55:5c:55:39:d8:5a:0a:5e:49:81:5a:6c:26:88:ce:
ec:d5:fc:0b:7c:c4:7b:d9:d3:a1:7d:9f:f6:ac:39:
26:a5:8e:34:e4:b3:dd:da:ce:6e:c7:67:5c:c1:fa:
49:7b:36:93:08:e1:b8:c0:25:cd:51:7b:a7:73:c7:
3e:b0:c0:96:90:9b:e9:84:ae:cd:02:13:0f:3f:70:
23:7b:c9:05:5b:db:0a:6c:96:b8:0c:5e:f6:83:81:
9d:28:e0:c7:f0:e2:1a:bb:1e:00:59:4c:0a:2d:88:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:74:49:03:F4:29:B4:00:D4:FA:26:BB:15:6F:5B:D6:96:57:B5:22
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.89.0/24
Signature Algorithm: sha256WithRSAEncryption
55:60:4a:a2:af:ed:56:d4:bf:05:8e:97:3f:49:3a:a8:b1:b0:
3a:ef:56:83:93:f3:dc:6a:b6:e8:f1:84:93:ce:0c:51:71:53:
35:c6:66:e3:c6:c0:71:e6:7f:32:4c:54:fc:55:e2:e0:d5:cc:
0b:8c:f6:25:b1:bb:2a:68:7c:3c:05:92:62:cd:08:c9:47:6f:
ed:60:92:94:42:ca:32:8a:54:c3:e8:65:c3:67:c3:5e:27:5b:
07:63:29:e5:18:70:99:91:d2:07:14:f8:7a:73:88:7c:c7:0d:
fa:32:69:d4:44:66:32:fd:b4:e9:7e:c7:6f:3a:44:cc:4a:5e:
7b:b6:90:8d:a5:c6:30:e3:02:d6:e7:4f:2f:0c:1e:97:f9:e9:
9d:ef:77:97:38:a1:19:1a:0d:e9:f1:2c:b4:ec:ff:62:ca:62:
90:de:3d:35:7d:63:45:b3:a6:0f:0c:03:12:14:66:2b:61:78:
90:71:ab:a1:92:8d:d0:ba:42:f2:0b:37:fe:f4:bf:86:7b:4a:
15:e2:d0:43:43:bb:51:36:b2:81:63:e5:80:4e:11:2e:c6:04:
79:3d:d7:dc:b4:4a:0c:61:df:7c:b3:da:a7:27:d4:4c:cd:65:
57:c8:30:d0:ae:6b:34:1f:d1:2f:de:ed:bb:1e:2f:e5:d1:6d:
f3:3e:70:71
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUQpr1fLlDBYgByXwJfLzPlgOrG/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMjgxODU0MjhaFw0yNTExMjcxODU5MjhaMDMxMTAvBgNV
BAMTKEQ3NzQ0OTAzRjQyOUI0MDBENEZBMjZCQjE1NkY1QkQ2OTY1N0I1MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzQ9gfA7OllHGZbvDWyv4EDy96
adLfa07+eGeLjsYlleD+rwGIJbd7p71MEOtan/gCYmYNtfk0DOekVNmeYtdhb8l3
uy9iEUcUy01jrpWyqgpXr46Zeyw36K1AHm0J0rhGx0Fns9XUDqEhdR0C2fZ85X7E
h6yL6w8vaCCDMVXTYqw5ghrIpGKhCmFWPgjDJaOjFO6OplVcVTnYWgpeSYFabCaI
zuzV/At8xHvZ06F9n/asOSaljjTks93azm7HZ1zB+kl7NpMI4bjAJc1Re6dzxz6w
wJaQm+mErs0CEw8/cCN7yQVb2wpslrgMXvaDgZ0o4Mfw4hq7HgBZTAotiDW3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU13RJA/QptADU+ia7FW9b1pZXtSIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALstZ
MA0GCSqGSIb3DQEBCwUAA4IBAQBVYEqir+1W1L8Fjpc/STqosbA671aDk/Pcarbo
8YSTzgxRcVM1xmbjxsBx5n8yTFT8VeLg1cwLjPYlsbsqaHw8BZJizQjJR2/tYJKU
QsoyilTD6GXDZ8NeJ1sHYynlGHCZkdIHFPh6c4h8xw36MmnURGYy/bTpfsdvOkTM
Sl57tpCNpcYw4wLW508vDB6X+emd73eXOKEZGg3p8Sy07P9iymKQ3j01fWNFs6YP
DAMSFGYrYXiQcauhko3QukLyCzf+9L+Ge0oV4tBDQ7tRNrKBY+WAThEuxgR5Pdfc
tEoMYd98s9qnJ9RMzWVXyDDQrms0H9Ev3u27Hi/l0W3zPnBx
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:34:05 2025 by rpki-client