Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AXhMIbyy5ix9zK7HY0GQKYRiIms.roa
File: AXhMIbyy5ix9zK7HY0GQKYRiIms.roa (raw, json)
Hash identifier: mgpDA7uIjS95NByzbT22Sb5DFsXzzLzqlCu53cvd2Ek=
Subject key identifier: 01:78:4C:21:BC:B2:E6:2C:7D:CC:AE:C7:63:41:90:29:84:62:22:6B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019112F533198B1BB5CB0A88B04AB4B3E309
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AXhMIbyy5ix9zK7HY0GQKYRiIms.roa
Signing time: Fri 02 Aug 2024 11:59:04 +0000
ROA not before: Fri 02 Aug 2024 11:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 00:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:f5:33:19:8b:1b:b5:cb:0a:88:b0:4a:b4:b3:e3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 2 11:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01784c21bcb2e62c7dccaec7634190298462226b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:09:46:3d:48:33:da:5e:56:bb:f5:08:7e:14:
ca:6e:fa:21:39:3d:d7:a4:7e:06:df:f6:32:c1:13:
f5:28:52:da:89:d9:49:8e:27:d3:31:7d:da:58:90:
47:9a:2d:cd:37:56:ae:c9:70:b3:27:8d:94:3e:db:
54:bd:8f:05:e7:1e:bd:f5:a7:c4:50:24:00:28:22:
c6:5a:bb:85:f2:ee:35:d9:e7:ba:e4:1c:9b:a6:21:
79:2b:73:63:83:a9:44:90:4f:ed:a9:68:e0:1b:9a:
68:92:f6:61:d9:7c:b1:3b:40:45:24:82:a5:9c:3b:
7c:4e:3b:8d:e9:64:30:cc:21:3b:2b:30:37:c2:e3:
4f:fa:db:ed:5a:6e:e0:16:67:c2:71:bc:b0:96:5d:
0a:3d:fd:c3:e2:22:a2:d2:d7:02:71:88:0f:ae:cd:
75:39:c6:fd:0d:4e:63:89:33:bf:57:2e:f3:ea:5f:
ee:9e:4b:1e:4c:eb:bc:cf:ac:65:77:68:f6:e5:10:
39:c2:58:6f:36:25:c0:a6:6a:fe:83:37:ae:86:65:
7b:eb:d3:21:72:9d:a0:a2:b7:61:d8:ab:e3:04:1d:
28:26:ba:8c:58:0d:08:c0:d0:59:2f:09:3f:ad:1d:
39:bb:f3:6e:57:7a:3f:cc:c4:ff:45:88:c1:b4:24:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:78:4C:21:BC:B2:E6:2C:7D:CC:AE:C7:63:41:90:29:84:62:22:6B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/AXhMIbyy5ix9zK7HY0GQKYRiIms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0/22
Signature Algorithm: sha256WithRSAEncryption
d3:f4:20:98:7a:cf:b9:08:4c:af:9a:e2:61:0f:3d:7e:d6:52:
b3:5c:2b:76:0f:2c:72:de:cb:1c:d5:88:56:60:14:46:67:91:
b6:5e:19:42:3a:97:42:33:17:ec:bc:96:be:e0:04:e9:52:44:
8b:7f:15:eb:06:fe:79:bb:46:38:a1:cb:8d:de:cd:a8:5b:15:
ff:3f:6f:a2:4c:eb:f2:0c:ed:e3:c8:bf:28:25:53:26:f8:95:
be:60:c2:66:91:04:8c:9b:d1:3d:8c:a4:b6:12:1a:e4:98:34:
a4:65:c1:b5:14:a6:78:a0:41:6b:4b:fe:33:41:77:34:9e:4a:
ea:68:be:b4:1d:ba:19:d7:2b:f7:e1:90:ac:1f:ef:16:2d:16:
e0:2c:7a:72:3a:41:ed:54:2d:d4:df:41:c4:59:e3:73:4e:54:
77:02:dd:0b:f2:ce:43:54:1d:57:06:65:9c:e2:c8:0e:ad:79:
57:c1:2f:a0:f5:95:9f:a8:7d:5f:58:ab:97:a9:cb:b6:7e:18:
97:4d:93:f0:bc:06:61:9a:9e:78:3f:d7:18:3d:57:d3:bd:28:
55:88:c2:cf:45:02:9a:21:93:12:d9:a9:5b:a2:11:90:3a:24:
3b:82:d7:e0:39:24:75:96:ce:23:93:5c:c9:90:30:ab:27:17:
08:1c:49:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZES9TMZixu1ywqIsEq0s+MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODAyMTE1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTc4NGMyMWJjYjJlNjJjN2RjY2FlYzc2MzQxOTAyOTg0NjIyMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQlGPUgz2l5Wu/UIfhTKbvohOT3X
pH4G3/YywRP1KFLaidlJjifTMX3aWJBHmi3NN1auyXCzJ42UPttUvY8F5x699afE
UCQAKCLGWruF8u412ee65BybpiF5K3Njg6lEkE/tqWjgG5pokvZh2XyxO0BFJIKl
nDt8TjuN6WQwzCE7KzA3wuNP+tvtWm7gFmfCcbywll0KPf3D4iKi0tcCcYgPrs11
Ocb9DU5jiTO/Vy7z6l/unkseTOu8z6xld2j25RA5wlhvNiXApmr+gzeuhmV769Mh
cp2gordh2KvjBB0oJrqMWA0IwNBZLwk/rR05u/NuV3o/zMT/RYjBtCSyTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAF4TCG8suYsfcyux2NBkCmEYiJrMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQVhoTUlieXk1aXg5eks3SFkwR1FLWVJpSW1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDBSLQAwQC
UnMEMA0GCSqGSIb3DQEBCwUAA4IBAQDT9CCYes+5CEyvmuJhDz1+1lKzXCt2Dyxy
3ssc1YhWYBRGZ5G2XhlCOpdCMxfsvJa+4ATpUkSLfxXrBv55u0Y4ocuN3s2oWxX/
P2+iTOvyDO3jyL8oJVMm+JW+YMJmkQSMm9E9jKS2EhrkmDSkZcG1FKZ4oEFrS/4z
QXc0nkrqaL60HboZ1yv34ZCsH+8WLRbgLHpyOkHtVC3U30HEWeNzTlR3At0L8s5D
VB1XBmWc4sgOrXlXwS+g9ZWfqH1fWKuXqcu2fhiXTZPwvAZhmp54P9cYPVfTvShV
iMLPRQKaIZMS2albohGQOiQ7gtfgOSR1ls4jk1zJkDCrJxcIHElP
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:17:11 2024 by rpki-client on console-fra.rpki-client.org