Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ASrH2jLQanye4BIqsSiZdqDRSOc.roa
File: ASrH2jLQanye4BIqsSiZdqDRSOc.roa (raw, json)
Hash identifier: FtRlCFJZ+TGHYaCmjtFLk/cHEf/4O9wV5xFIQa0PBqo=
Subject key identifier: 01:2A:C7:DA:32:D0:6A:7C:9E:E0:12:2A:B1:28:99:76:A0:D1:48:E7
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018AB7184B14793CBC9C145D10DB915BD869
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ASrH2jLQanye4BIqsSiZdqDRSOc.roa
Signing time: Thu 21 Sep 2023 09:35:37 +0000
ROA not before: Thu 21 Sep 2023 09:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14670
IP address blocks: 65.181.111.0/24 maxlen: 24
192.243.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 10:42:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:18:4b:14:79:3c:bc:9c:14:5d:10:db:91:5b:d8:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Sep 21 09:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=012ac7da32d06a7c9ee0122ab1289976a0d148e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:50:4c:89:bb:01:c3:7e:30:b8:99:6e:78:74:
d4:f6:00:40:f6:56:1d:05:17:00:43:5f:62:3f:35:
f1:c1:db:d2:6f:f5:05:5a:ed:42:25:e3:6f:e7:e8:
d4:33:a2:7c:9d:d4:92:4a:a4:e2:f3:99:15:61:a4:
93:bf:44:9a:86:dc:22:31:6b:41:02:76:31:2b:5d:
4e:06:83:b5:05:16:f6:c2:cf:4f:15:90:a5:3c:88:
d0:a2:ad:ea:0a:78:ad:d6:6b:7d:1a:00:90:00:7a:
43:c5:29:c9:ab:ee:37:04:6f:47:6d:d3:36:7a:43:
84:57:75:6a:1f:5f:f1:f2:b1:a4:69:ec:d9:3f:0a:
73:1f:43:66:bf:5e:cd:7a:79:d5:5c:77:ea:8b:6a:
56:02:13:3b:bb:1a:cd:bc:ad:d3:92:9f:96:b7:df:
6b:0b:49:e0:3c:18:be:12:c1:95:77:81:f0:0c:ed:
b3:0a:d8:b7:7e:51:e3:4b:ef:a0:13:d3:b1:04:97:
b2:2f:a6:60:9e:9e:e0:36:fe:b6:63:10:0b:6c:29:
ed:ce:c5:2c:16:bf:a8:55:3f:e6:56:21:9f:80:4b:
57:40:2b:b5:6e:cc:1d:bc:fd:50:6c:57:d6:af:07:
26:c6:e5:d6:dd:98:5e:93:0e:7f:e9:f9:80:4d:ac:
0f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2A:C7:DA:32:D0:6A:7C:9E:E0:12:2A:B1:28:99:76:A0:D1:48:E7
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ASrH2jLQanye4BIqsSiZdqDRSOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.111.0/24
192.243.110.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:74:0e:d8:91:92:2f:a3:1a:7e:de:7c:90:d0:32:42:f1:57:
e3:bf:9f:6c:f0:56:37:22:f8:40:4d:06:23:79:21:e6:6e:9c:
91:9b:e3:ab:e9:37:a1:be:5f:be:3c:70:00:ab:7f:02:e2:57:
ca:63:b5:a9:7b:09:65:85:b4:19:1b:cb:3c:20:22:f1:ab:fa:
82:e2:17:ce:ea:c0:48:8d:57:cf:d9:c4:50:70:ec:84:21:b5:
38:5f:39:db:27:54:e3:b2:7f:1f:48:9c:5f:91:03:3a:5e:8b:
9a:1e:a9:7f:85:82:19:6d:7f:df:40:27:5e:cf:bf:c1:4f:80:
80:43:c0:a3:00:62:e8:39:0f:89:c0:27:8f:a6:25:3b:75:44:
dd:5f:68:7e:af:aa:0a:35:2c:c9:25:d9:6c:b6:38:2d:42:fa:
f8:ac:88:13:2f:77:28:93:ee:b7:3c:ef:d8:eb:15:50:ba:16:
a7:b1:cb:e3:aa:63:d2:75:12:0c:01:a9:f5:fa:61:8e:3c:fe:
e7:a4:cc:c9:e7:8b:c0:b8:7e:8e:79:af:e2:43:56:56:cd:82:
f7:5f:ff:73:4c:d3:32:c9:d5:19:e9:06:f8:1d:69:8e:da:41:
a1:af:3b:06:26:cd:1b:6a:c6:a4:48:5b:c4:6a:af:d1:3a:08:
5d:26:50:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYq3GEsUeTy8nBRdENuRW9hpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMwOTIxMDkzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJhYzdkYTMyZDA2YTdjOWVlMDEyMmFiMTI4OTk3NmEwZDE0OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFBMibsBw34wuJlueHTU9gBA9lYd
BRcAQ19iPzXxwdvSb/UFWu1CJeNv5+jUM6J8ndSSSqTi85kVYaSTv0SahtwiMWtB
AnYxK11OBoO1BRb2ws9PFZClPIjQoq3qCnit1mt9GgCQAHpDxSnJq+43BG9HbdM2
ekOEV3VqH1/x8rGkaezZPwpzH0Nmv17NennVXHfqi2pWAhM7uxrNvK3Tkp+Wt99r
C0ngPBi+EsGVd4HwDO2zCti3flHjS++gE9OxBJeyL6Zgnp7gNv62YxALbCntzsUs
Fr+oVT/mViGfgEtXQCu1bswdvP1QbFfWrwcmxuXW3Zhekw5/6fmATawPLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAEqx9oy0Gp8nuASKrEomXag0UjnMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvQVNySDJqTFFhbnllNEJJcXNTaVpkcURSU09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQbVvAwQA
wPNuMA0GCSqGSIb3DQEBCwUAA4IBAQB9dA7YkZIvoxp+3nyQ0DJC8Vfjv59s8FY3
IvhATQYjeSHmbpyRm+Or6Tehvl++PHAAq38C4lfKY7WpewllhbQZG8s8ICLxq/qC
4hfO6sBIjVfP2cRQcOyEIbU4XznbJ1Tjsn8fSJxfkQM6XouaHql/hYIZbX/fQCde
z7/BT4CAQ8CjAGLoOQ+JwCePpiU7dUTdX2h+r6oKNSzJJdlstjgtQvr4rIgTL3co
k+63PO/Y6xVQuhanscvjqmPSdRIMAan1+mGOPP7npMzJ54vAuH6Oea/iQ1ZWzYL3
X/9zTNMyydUZ6Qb4HWmO2kGhrzsGJs0basakSFvEaq/ROghdJlCc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:49 2024 by rpki-client on console-fra.rpki-client.org