Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aLoVTC9Sukc5XlPN0aeYcsRnZG0.roa
File: aLoVTC9Sukc5XlPN0aeYcsRnZG0.roa (raw, json)
Hash identifier: AtIicVjtxY4OOXY12o6DAWRD/zzTLuC7Lkz7v+gNCQ0=
Subject key identifier: 68:BA:15:4C:2F:52:BA:47:39:5E:53:CD:D1:A7:98:72:C4:67:64:6D
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018B63ABA91D288CC1FCF2B6AFC8DDF8839A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aLoVTC9Sukc5XlPN0aeYcsRnZG0.roa
Signing time: Tue 24 Oct 2023 21:51:16 +0000
ROA not before: Tue 24 Oct 2023 21:51:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.12.0/22 maxlen: 22
82.115.0.0/21 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 12:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:63:ab:a9:1d:28:8c:c1:fc:f2:b6:af:c8:dd:f8:83:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 24 21:51:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ba154c2f52ba47395e53cdd1a79872c467646d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:53:ee:17:78:b3:f3:25:c6:18:41:49:54:84:
a5:4b:47:08:be:f0:a8:a0:0e:d5:77:12:2b:cf:c1:
6f:a4:5b:c0:4e:71:ba:cc:26:43:1d:60:92:f8:bc:
fa:dd:fe:37:46:25:59:eb:11:66:ce:75:fe:d5:04:
64:6c:45:01:45:7d:b2:9d:41:d2:1b:0b:bc:08:5f:
12:c9:cb:38:be:44:73:d1:52:82:47:72:58:8c:fb:
c4:58:81:68:d3:07:03:ee:ee:40:19:df:f0:5d:4e:
07:01:6c:51:97:6b:64:2b:57:da:93:82:9c:4f:23:
06:04:c0:ce:e9:e1:c9:c2:34:db:44:70:3b:17:f9:
86:44:9f:26:02:9a:e8:bc:cc:99:d4:fb:f2:1b:63:
ce:e2:08:c0:c6:03:37:ac:2b:fe:b8:68:7d:6c:2a:
c6:59:4c:15:19:54:04:8a:70:4a:e9:c0:91:8d:b5:
3e:0e:e6:40:6f:e5:b1:79:0a:cb:ad:68:0b:76:24:
5d:8a:26:da:80:52:08:74:3a:d2:44:61:2f:5a:11:
e4:62:4d:af:64:5e:c4:88:2b:ab:a2:70:43:7f:af:
a5:96:ce:c6:35:e8:04:69:ec:c3:a7:4e:40:80:76:
9f:a5:4a:5c:ef:c2:b8:92:e4:f4:a5:28:94:dd:07:
89:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BA:15:4C:2F:52:BA:47:39:5E:53:CD:D1:A7:98:72:C4:67:64:6D
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/aLoVTC9Sukc5XlPN0aeYcsRnZG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.0.0/21
159.255.32.0/21
188.214.236.0/22
188.253.12.0/22
Signature Algorithm: sha256WithRSAEncryption
78:84:d8:8a:84:de:77:5d:f1:87:9f:74:e5:d3:40:b6:eb:3a:
f1:c3:95:18:b3:cd:04:29:bf:40:d4:f1:fd:bc:79:2b:b9:d6:
9d:14:3d:1b:b3:40:05:ca:b2:f0:5e:30:39:a0:11:80:54:a6:
00:a2:01:c2:53:c9:7b:a9:00:6b:d8:a1:31:4e:fd:cb:de:9e:
73:42:14:47:7e:18:b4:02:7c:ae:3d:6a:9d:dd:02:27:db:d3:
63:af:94:1f:d4:9d:ec:a7:2b:33:3c:f2:bd:5e:7e:e4:65:66:
f6:7a:d7:c2:75:d3:6a:e1:90:6b:59:80:2c:65:98:7a:07:f0:
17:6e:9f:b2:06:11:99:12:fc:e0:92:1b:b6:61:34:32:34:ed:
99:4d:7b:ee:3e:47:9d:08:8b:f9:a3:1c:ae:a3:36:90:ef:05:
e7:93:6d:a8:d1:3b:62:e4:7f:68:ae:8b:e1:0f:af:68:97:3b:
75:ec:40:c1:77:15:60:1b:d6:f4:ef:3c:90:49:8c:b8:43:89:
83:a9:1a:af:d5:10:da:d0:c5:36:96:63:5f:95:e5:02:7d:f0:
90:a9:4a:a9:b7:59:23:7f:75:cc:a5:77:6f:76:4d:45:ce:ba:
72:06:07:63:ad:47:eb:3e:b8:c4:b4:3b:c1:c8:f0:dd:18:e9:
42:53:d2:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtjq6kdKIzB/PK2r8jd+IOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMDI0MjE1MTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJhMTU0YzJmNTJiYTQ3Mzk1ZTUzY2RkMWE3OTg3MmM0Njc2NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFPuF3iz8yXGGEFJVISlS0cIvvCo
oA7VdxIrz8FvpFvATnG6zCZDHWCS+Lz63f43RiVZ6xFmznX+1QRkbEUBRX2ynUHS
Gwu8CF8Sycs4vkRz0VKCR3JYjPvEWIFo0wcD7u5AGd/wXU4HAWxRl2tkK1fak4Kc
TyMGBMDO6eHJwjTbRHA7F/mGRJ8mAprovMyZ1PvyG2PO4gjAxgM3rCv+uGh9bCrG
WUwVGVQEinBK6cCRjbU+DuZAb+WxeQrLrWgLdiRdiibagFIIdDrSRGEvWhHkYk2v
ZF7EiCuronBDf6+lls7GNegEaezDp05AgHafpUpc78K4kuT0pSiU3QeJEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGi6FUwvUrpHOV5TzdGnmHLEZ2RtMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYUxvVlRDOVN1a2M1WGxQTjBhZVljc1JuWkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDUnMAAwQD
n/8gAwQCvNbsAwQCvP0MMA0GCSqGSIb3DQEBCwUAA4IBAQB4hNiKhN53XfGHn3Tl
00C26zrxw5UYs80EKb9A1PH9vHkrudadFD0bs0AFyrLwXjA5oBGAVKYAogHCU8l7
qQBr2KExTv3L3p5zQhRHfhi0AnyuPWqd3QIn29Njr5Qf1J3spyszPPK9Xn7kZWb2
etfCddNq4ZBrWYAsZZh6B/AXbp+yBhGZEvzgkhu2YTQyNO2ZTXvuPkedCIv5oxyu
ozaQ7wXnk22o0Tti5H9orovhD69olzt17EDBdxVgG9b07zyQSYy4Q4mDqRqv1RDa
0MU2lmNfleUCffCQqUqpt1kjf3XMpXdvdk1FzrpyBgdjrUfrPrjEtDvByPDdGOlC
U9L5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org