Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/AVmI3VoCAg3Etn8JbSGBgYby4IQ.roa
File: AVmI3VoCAg3Etn8JbSGBgYby4IQ.roa (raw, json)
Hash identifier: pMF9D+dTFhVXiFieUhBrbezjxUe7uTrd3sF4lfmTXZs=
Subject key identifier: 01:59:88:DD:5A:02:02:0D:C4:B6:7F:09:6D:21:81:81:86:F2:E0:84
Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Certificate serial: 01856EEFE1E9E90678CF82AA63B068F0740D
Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/AVmI3VoCAg3Etn8JbSGBgYby4IQ.roa
Signing time: Sun 01 Jan 2023 20:04:52 +0000
ROA not before: Sun 01 Jan 2023 20:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5482
IP address blocks: 193.36.4.0/22 maxlen: 22
45.9.23.0/24 maxlen: 24
2a0b:6dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e1:e9:e9:06:78:cf:82:aa:63:b0:68:f0:74:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Validity
Not Before: Jan 1 20:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=015988dd5a02020dc4b67f096d21818186f2e084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:39:a0:ce:f7:6b:16:84:da:46:d2:00:eb:e9:
61:03:2b:8e:8e:e4:75:3b:c4:b5:08:38:20:23:dc:
9a:b2:7d:f8:7f:97:41:6e:d0:43:41:66:69:98:06:
ce:e9:33:18:ea:bd:23:9d:c1:9e:00:5e:56:db:25:
44:57:a2:66:cd:0e:42:2a:a6:6c:e5:7b:4b:b1:f7:
3d:75:10:06:cd:2f:54:0d:b3:ad:36:34:1e:73:a5:
33:1d:fa:84:42:6e:18:bc:f7:5e:61:c5:8a:d1:7b:
b0:25:4f:59:47:d2:0b:eb:24:34:60:79:5f:61:60:
2f:17:71:67:42:2a:36:86:74:19:57:04:a4:7f:48:
84:7b:b4:d4:28:fd:38:39:15:7e:93:0e:28:53:68:
e0:30:f5:a9:0a:a9:c3:51:67:f8:be:e9:a6:7d:11:
c7:a3:9a:9a:35:2d:1b:21:be:90:12:f5:01:5f:44:
06:00:a8:8f:88:c3:ff:ec:28:17:7f:26:70:39:18:
54:7e:ee:26:7d:99:37:72:c3:31:01:56:26:a5:3b:
e4:19:27:2a:84:2d:fa:90:65:f1:6b:b1:c6:91:20:
4b:0a:3f:ad:bd:86:09:db:cb:1d:97:99:42:ef:19:
9a:21:3e:b6:f5:8c:eb:4c:91:df:df:59:d6:96:4d:
e0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:59:88:DD:5A:02:02:0D:C4:B6:7F:09:6D:21:81:81:86:F2:E0:84
X509v3 Authority Key Identifier:
keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/AVmI3VoCAg3Etn8JbSGBgYby4IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.23.0/24
193.36.4.0/22
IPv6:
2a0b:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:f6:70:fe:9d:04:e2:14:01:6d:5e:05:8f:fe:a9:54:cc:bf:
cc:bd:26:01:9a:77:e7:dd:0f:8c:3c:fb:9b:81:61:94:c6:71:
2f:c9:ae:70:96:bd:a7:15:63:7c:58:c1:74:72:33:42:f7:eb:
6f:37:81:89:63:25:b0:5d:c2:4d:3f:e2:84:d7:4d:23:ae:17:
13:99:35:37:63:a6:bb:ad:47:91:a3:74:7d:c5:8e:be:a9:77:
f3:75:c8:d6:7d:09:a9:a0:e8:81:62:66:f4:cc:2f:4c:40:d3:
5d:65:78:e9:cd:df:ab:fd:c2:c5:72:e3:7b:37:e7:a0:0f:6b:
c2:aa:e1:94:f2:f5:08:62:c3:58:12:c6:86:32:be:85:94:32:
a2:d5:a4:f6:a6:74:f4:05:61:f6:1d:6e:de:36:6e:74:f0:6f:
01:be:12:00:ba:a9:0a:8c:4a:f8:d5:dd:c5:cc:06:45:d0:c5:
16:1a:59:eb:6e:fe:cc:ca:3a:7b:c2:07:ce:c8:a8:12:76:83:
ec:78:4d:e1:f0:bc:d4:af:c9:a4:48:fa:d4:aa:0f:e3:88:c6:
ab:21:1f:57:02:0a:c2:3a:f7:76:ca:a4:92:a3:20:62:ff:61:
1f:1a:a4:63:fb:5a:72:e8:47:12:e0:d0:82:03:b4:b4:15:aa:
eb:b1:a1:6b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVu7+Hp6QZ4z4KqY7Bo8HQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzI5MWI4ZGI2Y2ZkZGY2ZGQyYTFkNTViMjI2ZDQ5NDky
YTI3MDUwHhcNMjMwMTAxMjAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU5ODhkZDVhMDIwMjBkYzRiNjdmMDk2ZDIxODE4MTg2ZjJlMDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjmgzvdrFoTaRtIA6+lhAyuOjuR1
O8S1CDggI9yasn34f5dBbtBDQWZpmAbO6TMY6r0jncGeAF5W2yVEV6JmzQ5CKqZs
5XtLsfc9dRAGzS9UDbOtNjQec6UzHfqEQm4YvPdeYcWK0XuwJU9ZR9IL6yQ0YHlf
YWAvF3FnQio2hnQZVwSkf0iEe7TUKP04ORV+kw4oU2jgMPWpCqnDUWf4vummfRHH
o5qaNS0bIb6QEvUBX0QGAKiPiMP/7CgXfyZwORhUfu4mfZk3csMxAVYmpTvkGScq
hC36kGXxa7HGkSBLCj+tvYYJ28sdl5lC7xmaIT629YzrTJHf31nWlk3gfwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAFZiN1aAgINxLZ/CW0hgYGG8uCEMB8GA1UdIwQY
MBaAFC3CkbjbbP3fbdKh1VsibUlJKicFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjIt
MmIxNzBlOTVjMmI3LzEvQVZtSTNWb0NBZzNFdG44SmJTR0JnWWJ5NElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjItMmIxNzBlOTVjMmI3
LzEvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQkXAwQC
wSQEMA0EAgACMAcDBQMqC23AMA0GCSqGSIb3DQEBCwUAA4IBAQCi9nD+nQTiFAFt
XgWP/qlUzL/MvSYBmnfn3Q+MPPubgWGUxnEvya5wlr2nFWN8WMF0cjNC9+tvN4GJ
YyWwXcJNP+KE100jrhcTmTU3Y6a7rUeRo3R9xY6+qXfzdcjWfQmpoOiBYmb0zC9M
QNNdZXjpzd+r/cLFcuN7N+egD2vCquGU8vUIYsNYEsaGMr6FlDKi1aT2pnT0BWH2
HW7eNm508G8BvhIAuqkKjEr41d3FzAZF0MUWGlnrbv7Myjp7wgfOyKgSdoPseE3h
8LzUr8mkSPrUqg/jiMarIR9XAgrCOvd2yqSSoyBi/2EfGqRj+1py6EcS4NCCA7S0
FarrsaFr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:21 2024 by rpki-client on console-fra.rpki-client.org