Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/amz2KkbmlgfbHUflGgPtb1SNw6c.roa
File: amz2KkbmlgfbHUflGgPtb1SNw6c.roa (raw, json)
Hash identifier: b2LRPL7srE3rccUCxTG5FHMwmcblp2dD5W2yxMiv3zM=
Subject key identifier: 6A:6C:F6:2A:46:E6:96:07:DB:1D:47:E5:1A:03:ED:6F:54:8D:C3:A7
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 018CC348A8BFD5F0EF0E94C0F57FC4B86784
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/amz2KkbmlgfbHUflGgPtb1SNw6c.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3188
IP address blocks: 185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.80.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.35.0/24 maxlen: 24
185.8.32.0/24 maxlen: 24
185.150.128.0/24 maxlen: 24
185.150.129.0/24 maxlen: 24
185.150.130.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
2a04:b600::/29 maxlen: 29
2a02:d9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 Jan 2024 12:31:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a8:bf:d5:f0:ef:0e:94:c0:f5:7f:c4:b8:67:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a6cf62a46e69607db1d47e51a03ed6f548dc3a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:04:e1:bf:54:40:5c:fa:74:88:5b:62:19:7c:
65:ab:97:66:e1:00:ba:b9:59:6b:95:c2:c8:b7:57:
0c:c1:2d:d3:ce:51:02:cb:d9:b6:1e:a9:c7:31:08:
a2:fc:46:6a:6e:5f:ad:bf:74:f8:e9:71:7f:8e:2c:
53:a4:fb:d5:97:e8:f4:54:1a:cd:38:5c:9e:c8:14:
ee:99:ee:ed:ac:83:ab:2a:af:4a:06:9a:55:07:dc:
80:09:d2:e3:31:3b:a9:41:29:fd:bd:f0:be:71:b6:
1b:02:39:b8:06:f2:4b:c1:39:6f:dc:e1:57:96:f6:
ad:53:f1:67:3a:ac:e0:97:ae:f0:46:d5:af:5d:9b:
d6:52:11:00:80:33:0a:76:45:0f:16:ce:45:fc:fe:
41:f4:d4:2a:ab:34:3f:b0:07:83:ac:61:53:67:93:
36:1c:86:b0:bd:53:a0:71:f0:12:c6:06:f8:97:47:
28:4d:7a:cc:81:f1:79:fe:81:e4:fc:28:42:69:f8:
40:34:63:07:6b:02:6d:54:7f:61:f1:15:87:3f:3b:
18:a1:8c:08:a1:2f:c1:ac:72:d9:55:29:e0:7e:42:
33:6e:32:16:30:cc:18:59:e3:16:e5:10:d6:14:de:
d8:8b:90:27:01:52:aa:3f:2e:dd:a8:fc:b1:22:7c:
76:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:6C:F6:2A:46:E6:96:07:DB:1D:47:E5:1A:03:ED:6F:54:8D:C3:A7
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/amz2KkbmlgfbHUflGgPtb1SNw6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0/22
185.8.128.0/22
185.150.128.0/22
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
a3:cf:86:81:05:0e:57:40:9d:82:f8:8e:a4:78:69:ca:57:ea:
9b:b0:5a:02:fa:ad:61:cd:67:d5:34:9a:6f:f2:49:c1:86:50:
02:a0:9c:79:f0:33:b1:9f:6f:3d:fd:b7:8a:03:1e:c6:92:59:
04:3f:97:10:3c:3c:01:99:73:bf:9e:41:7e:48:5b:36:51:36:
4e:51:53:fb:d0:0e:0d:0c:b7:e1:71:ab:76:0d:3e:e6:11:e5:
2b:2d:70:0d:d1:61:45:5c:8a:36:99:9d:cd:8b:78:5a:ff:18:
c2:3b:7b:1b:e4:cc:4d:40:70:3e:75:b0:5e:e7:f9:0a:cb:e4:
36:40:1c:e8:bc:6f:5b:e4:77:99:14:67:5a:71:e6:3a:e9:bf:
83:ba:1f:bb:3d:40:3c:98:0d:58:25:65:3e:70:c5:e1:64:9a:
6d:8f:f6:2f:9c:f4:bd:49:ba:8d:87:de:c6:aa:cb:c0:d6:95:
5b:09:f7:31:7f:c9:d0:55:34:3b:b7:cc:e7:b1:b0:63:cb:cb:
d1:48:5f:c1:20:c7:cf:ac:ee:8e:13:ba:03:4f:3f:70:0c:79:
2d:86:4f:14:4a:2d:10:8c:f1:0b:a3:ae:d9:bb:b3:87:87:f4:
c6:b3:4a:c8:c9:c3:00:e9:ef:48:5b:4f:25:04:d0:5a:29:47:
3b:36:fb:7e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDSKi/1fDvDpTA9X/EuGeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZjZjYyYTQ2ZTY5NjA3ZGIxZDQ3ZTUxYTAzZWQ2ZjU0OGRjM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQThv1RAXPp0iFtiGXxlq5dm4QC6
uVlrlcLIt1cMwS3TzlECy9m2HqnHMQii/EZqbl+tv3T46XF/jixTpPvVl+j0VBrN
OFyeyBTume7trIOrKq9KBppVB9yACdLjMTupQSn9vfC+cbYbAjm4BvJLwTlv3OFX
lvatU/FnOqzgl67wRtWvXZvWUhEAgDMKdkUPFs5F/P5B9NQqqzQ/sAeDrGFTZ5M2
HIawvVOgcfASxgb4l0coTXrMgfF5/oHk/ChCafhANGMHawJtVH9h8RWHPzsYoYwI
oS/BrHLZVSngfkIzbjIWMMwYWeMW5RDWFN7Yi5AnAVKqPy7dqPyxInx2OwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGps9ipG5pYH2x1H5RoD7W9UjcOnMB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvYW16MktrYm1sZ2ZiSFVmbEdnUHRiMVNOdzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDBQJQAwQC
uQggAwQCuQiAAwQCuZaAMBQEAgACMA4DBQMqAtnAAwUDKgS2ADANBgkqhkiG9w0B
AQsFAAOCAQEAo8+GgQUOV0CdgviOpHhpylfqm7BaAvqtYc1n1TSab/JJwYZQAqCc
efAzsZ9vPf23igMexpJZBD+XEDw8AZlzv55BfkhbNlE2TlFT+9AODQy34XGrdg0+
5hHlKy1wDdFhRVyKNpmdzYt4Wv8Ywjt7G+TMTUBwPnWwXuf5CsvkNkAc6LxvW+R3
mRRnWnHmOum/g7ofuz1APJgNWCVlPnDF4WSabY/2L5z0vUm6jYfexqrLwNaVWwn3
MX/J0FU0O7fM57GwY8vL0UhfwSDHz6zujhO6A08/cAx5LYZPFEotEIzxC6Ou2buz
h4f0xrNKyMnDAOnvSFtPJQTQWilHOzb7fg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:03 2024 by rpki-client on console-fra.rpki-client.org