Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/AaZW-tFZibBej9jT7ayNPwXXPBM.roa
File: AaZW-tFZibBej9jT7ayNPwXXPBM.roa (raw, json)
Hash identifier: +AfIXsVc7SPkT3VYSDZBtimij4YJNBKNhftHPDWxc9Y=
Subject key identifier: 01:A6:56:FA:D1:59:89:B0:5E:8F:D8:D3:ED:AC:8D:3F:05:D7:3C:13
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AD5974A77F3F9681F30168C634AA2
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/AaZW-tFZibBej9jT7ayNPwXXPBM.roa
Signing time: Sun 01 Jan 2023 11:15:04 +0000
ROA not before: Sun 01 Jan 2023 11:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43698
IP address blocks: 78.159.0.0/19 maxlen: 19
82.151.0.0/19 maxlen: 19
95.168.0.0/19 maxlen: 19
Validation: Failed, certificate revoked on Tue 18 Jul 2023 12:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d5:97:4a:77:f3:f9:68:1f:30:16:8c:63:4a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01a656fad15989b05e8fd8d3edac8d3f05d73c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:85:c1:cb:b4:76:95:5c:36:01:a0:b5:36:3c:
cf:c0:76:cd:dd:f5:a1:f5:b6:d4:81:02:47:32:37:
c2:cb:5e:78:5e:be:ec:a4:e2:89:66:1d:72:07:ad:
7b:b8:71:c0:5a:77:72:d6:66:ae:52:ff:41:b5:68:
4c:4f:7c:b9:b1:62:3c:00:92:6c:62:2f:b6:f7:db:
a8:3b:21:69:49:2f:68:e2:6f:f5:81:75:01:50:4f:
13:9a:c2:8c:18:8c:45:93:3b:2e:79:3f:f8:51:86:
eb:90:53:c9:bc:95:9b:e3:71:d9:7b:5a:42:75:fa:
a0:b0:31:5e:30:fa:b5:6e:57:c7:d4:06:6d:c1:60:
32:bc:4e:84:0a:34:7a:01:15:50:5b:5d:14:39:d3:
6b:99:ca:e0:fe:39:e3:cd:da:11:c2:af:c6:bf:22:
d3:40:50:8f:e0:9c:92:0f:25:20:10:01:e0:c7:8c:
b3:8a:75:23:6a:d1:12:8d:05:e8:82:d7:b5:9b:83:
51:e3:e2:d8:76:78:31:9c:4c:e7:a1:ea:c2:83:ce:
54:39:99:a2:f2:7c:0c:8b:4a:cf:fe:0e:64:2b:b3:
3b:39:2c:13:ce:f6:fd:1b:73:67:ff:f5:55:13:35:
79:08:cc:78:6b:53:33:5d:1f:d2:5d:27:d4:64:05:
8a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A6:56:FA:D1:59:89:B0:5E:8F:D8:D3:ED:AC:8D:3F:05:D7:3C:13
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/AaZW-tFZibBej9jT7ayNPwXXPBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.0.0/19
82.151.0.0/19
95.168.0.0/19
Signature Algorithm: sha256WithRSAEncryption
4f:e3:76:4b:37:a7:72:5c:99:09:7d:60:5f:6f:b7:f9:58:25:
de:bc:01:c0:81:3b:37:27:49:5a:90:1f:0d:fa:fe:dc:c9:a2:
14:39:0b:8e:f9:81:05:83:12:85:99:09:49:20:90:69:e4:cf:
ce:7a:2b:4d:d3:5c:db:07:d5:77:70:3a:01:54:b7:0a:5f:73:
df:79:9b:1d:5e:49:75:05:94:3e:74:7c:b8:34:b6:6a:1f:02:
b1:7e:45:49:87:80:64:36:5b:ee:e9:5d:37:e1:b6:5f:f7:63:
fa:eb:4c:b5:ed:a6:3f:06:52:e9:8a:56:05:18:b3:96:34:1b:
83:cc:bd:1d:f3:ab:91:77:57:97:29:1a:e5:42:a4:0d:f2:7c:
d6:5b:31:46:9d:08:b3:4c:48:ca:1f:31:d1:0e:f7:a2:21:74:
38:bc:8c:d3:dc:4c:cd:ea:2e:b6:dc:1c:93:ad:0b:d6:c6:d0:
6a:77:9c:38:88:f8:be:67:a8:8e:f2:4a:91:51:46:f1:03:1c:
b2:34:f9:92:be:22:c1:f6:a9:06:bd:05:04:a0:b5:77:47:58:
79:20:d9:3d:65:f4:db:79:05:ef:c3:ae:f1:5e:dc:3f:98:5c:
a6:1b:6b:6f:7a:1a:05:53:f4:22:ec:f9:4e:0f:4a:eb:4d:11:
07:e9:c1:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCtWXSnfz+WgfMBaMY0qiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE2NTZmYWQxNTk4OWIwNWU4ZmQ4ZDNlZGFjOGQzZjA1ZDczYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4XBy7R2lVw2AaC1NjzPwHbN3fWh
9bbUgQJHMjfCy154Xr7spOKJZh1yB617uHHAWndy1mauUv9BtWhMT3y5sWI8AJJs
Yi+299uoOyFpSS9o4m/1gXUBUE8TmsKMGIxFkzsueT/4UYbrkFPJvJWb43HZe1pC
dfqgsDFeMPq1blfH1AZtwWAyvE6ECjR6ARVQW10UOdNrmcrg/jnjzdoRwq/GvyLT
QFCP4JySDyUgEAHgx4yzinUjatESjQXogte1m4NR4+LYdngxnEznoerCg85UOZmi
8nwMi0rP/g5kK7M7OSwTzvb9G3Nn//VVEzV5CMx4a1MzXR/SXSfUZAWKFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAGmVvrRWYmwXo/Y0+2sjT8F1zwTMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQWFaVy10RlppYkJlajlqVDdheU5Qd1hYUEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFTp8AAwQF
UpcAAwQFX6gAMA0GCSqGSIb3DQEBCwUAA4IBAQBP43ZLN6dyXJkJfWBfb7f5WCXe
vAHAgTs3J0lakB8N+v7cyaIUOQuO+YEFgxKFmQlJIJBp5M/OeitN01zbB9V3cDoB
VLcKX3PfeZsdXkl1BZQ+dHy4NLZqHwKxfkVJh4BkNlvu6V034bZf92P660y17aY/
BlLpilYFGLOWNBuDzL0d86uRd1eXKRrlQqQN8nzWWzFGnQizTEjKHzHRDveiIXQ4
vIzT3EzN6i623ByTrQvWxtBqd5w4iPi+Z6iO8kqRUUbxAxyyNPmSviLB9qkGvQUE
oLV3R1h5INk9ZfTbeQXvw67xXtw/mFymG2tvehoFU/Qi7PlOD0rrTREH6cHp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org