Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/aoQFDQ1Hz3xfGImr7ayS2sebINg.roa
File: aoQFDQ1Hz3xfGImr7ayS2sebINg.roa (raw, json)
Hash identifier: w63rrIuoS76rOFiyiSb2zOWNPP/z5oF++v8FnkkjaMY=
Subject key identifier: 6A:84:05:0D:0D:47:CF:7C:5F:18:89:AB:ED:AC:92:DA:C7:9B:20:D8
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 0193BFF0FF7AF5EE80F47F8A0C4BD9C451A0
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/aoQFDQ1Hz3xfGImr7ayS2sebINg.roa
Signing time: Fri 13 Dec 2024 12:14:22 +0000
ROA not before: Fri 13 Dec 2024 12:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39032
IP address blocks: 87.237.232.0/21 maxlen: 21
89.236.216.0/22 maxlen: 22
217.30.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Sat 14 Dec 2024 06:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bf:f0:ff:7a:f5:ee:80:f4:7f:8a:0c:4b:d9:c4:51:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Dec 13 12:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a84050d0d47cf7c5f1889abedac92dac79b20d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f3:69:4e:46:b3:e6:4c:fa:1e:01:f2:ab:51:
73:42:0b:55:e3:6f:75:f8:bd:64:a9:c6:fe:a1:3c:
a1:81:9e:e9:e0:9d:35:89:0b:1a:e4:89:fe:25:f6:
79:51:0d:3a:af:fb:6a:ba:e9:14:6f:0b:3c:8d:a1:
09:e6:97:1b:ad:30:f9:50:74:cb:71:36:fe:79:4b:
42:92:13:a0:27:80:7f:63:06:68:cd:35:75:e6:93:
32:09:cd:ab:eb:79:61:10:3c:4f:03:46:3b:5a:9e:
c7:1d:4b:28:78:3d:a6:be:e1:37:56:a4:55:64:73:
19:15:a6:ac:c7:4e:7b:eb:57:99:57:3a:5e:12:93:
18:e0:53:57:d2:8e:d3:c1:50:bf:1b:d9:86:6f:d9:
97:ff:d9:56:8e:b5:66:c9:b5:04:ce:c0:32:ff:1f:
34:ea:01:cf:8e:7d:fa:65:51:79:d0:66:2e:3a:8d:
77:f3:dd:ed:8a:98:41:77:e3:5b:38:77:63:12:41:
f2:73:4f:87:21:29:e9:51:3a:c4:9f:a2:69:37:c9:
9c:81:b8:62:9f:f4:16:7f:2e:74:08:49:08:f5:3f:
cc:44:4c:6b:22:f4:57:1a:3e:07:b2:8e:ee:c7:22:
85:be:a6:c7:fb:b4:ec:76:ed:01:6a:d2:80:1b:98:
36:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:84:05:0D:0D:47:CF:7C:5F:18:89:AB:ED:AC:92:DA:C7:9B:20:D8
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/aoQFDQ1Hz3xfGImr7ayS2sebINg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.232.0/21
89.236.216.0/22
217.30.160.0/20
Signature Algorithm: sha256WithRSAEncryption
72:a5:82:15:bc:77:1e:7b:9a:e5:f3:d9:2c:18:21:18:74:6b:
37:17:0e:2f:14:c9:c5:21:43:18:4d:6d:2c:51:43:e0:8f:7b:
ec:aa:c7:ac:81:fc:4d:b4:c3:e5:7c:b1:57:e7:0a:af:79:a3:
24:8d:29:59:c3:5d:1a:80:a6:eb:b2:d4:40:6b:84:5a:92:7a:
66:de:dd:15:29:0b:23:9b:4d:a2:78:25:c9:98:e6:37:40:ad:
c7:3f:5b:dc:56:aa:87:e9:c7:ce:9c:4f:14:64:1f:1c:1e:d9:
04:f0:72:b2:ab:1a:4e:98:df:26:14:3c:f4:5d:4c:0a:50:cf:
95:02:42:e9:ad:93:78:d4:2b:1b:c2:e1:27:bd:da:0c:5f:b8:
29:6e:cb:1a:ce:66:b1:a3:e1:72:4b:b7:cd:6e:39:39:61:3c:
20:56:f9:37:20:30:ed:6f:fb:60:6f:81:b7:72:3b:5a:28:83:
5b:67:78:ec:10:f6:b5:0c:0d:15:e6:2c:de:43:4b:f3:60:63:
f3:e8:e4:69:38:a4:16:42:f8:2b:96:6c:e1:98:0e:4b:4b:c3:
b9:25:ca:78:89:e5:09:9e:c1:51:06:52:26:11:21:f4:92:61:
48:5f:06:5c:89:37:72:f9:5b:23:ac:dd:f9:72:97:2c:c1:43:
6a:76:80:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZO/8P969e6A9H+KDEvZxFGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjQxMjEzMTIxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg0MDUwZDBkNDdjZjdjNWYxODg5YWJlZGFjOTJkYWM3OWIyMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/NpTkaz5kz6HgHyq1FzQgtV4291
+L1kqcb+oTyhgZ7p4J01iQsa5In+JfZ5UQ06r/tquukUbws8jaEJ5pcbrTD5UHTL
cTb+eUtCkhOgJ4B/YwZozTV15pMyCc2r63lhEDxPA0Y7Wp7HHUsoeD2mvuE3VqRV
ZHMZFaasx05761eZVzpeEpMY4FNX0o7TwVC/G9mGb9mX/9lWjrVmybUEzsAy/x80
6gHPjn36ZVF50GYuOo13893tiphBd+NbOHdjEkHyc0+HISnpUTrEn6JpN8mcgbhi
n/QWfy50CEkI9T/MRExrIvRXGj4Hso7uxyKFvqbH+7Tsdu0BatKAG5g2fwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqEBQ0NR898XxiJq+2sktrHmyDYMB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvYW9RRkRRMUh6M3hmR0ltcjdheVMyc2ViSU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDV+3oAwQC
WezYAwQE2R6gMA0GCSqGSIb3DQEBCwUAA4IBAQBypYIVvHcee5rl89ksGCEYdGs3
Fw4vFMnFIUMYTW0sUUPgj3vsqsesgfxNtMPlfLFX5wqveaMkjSlZw10agKbrstRA
a4Raknpm3t0VKQsjm02ieCXJmOY3QK3HP1vcVqqH6cfOnE8UZB8cHtkE8HKyqxpO
mN8mFDz0XUwKUM+VAkLprZN41CsbwuEnvdoMX7gpbssazmaxo+FyS7fNbjk5YTwg
Vvk3IDDtb/tgb4G3cjtaKINbZ3jsEPa1DA0V5izeQ0vzYGPz6ORpOKQWQvgrlmzh
mA5LS8O5Jcp4ieUJnsFRBlImESH0kmFIXwZciTdy+VsjrN35cpcswUNqdoDN
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:51:31 2025 by rpki-client