Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/aaxiBqt7Xp1WWFnGEQvVkyNiwkE.roa
File: aaxiBqt7Xp1WWFnGEQvVkyNiwkE.roa (raw, json)
Hash identifier: vQgUVtnwcKSxOGUvw5XRB7I1jnmndpfeI4GKFUKRE5g=
Subject key identifier: 69:AC:62:06:AB:7B:5E:9D:56:58:59:C6:11:0B:D5:93:23:62:C2:41
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018CC3B67E48E49BC66A123466787FCC1ED6
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/aaxiBqt7Xp1WWFnGEQvVkyNiwkE.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212728
IP address blocks: 85.117.241.0/24 maxlen: 24
194.156.79.0/24 maxlen: 24
2a09:ff00:8000::/37 maxlen: 37
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7e:48:e4:9b:c6:6a:12:34:66:78:7f:cc:1e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ac6206ab7b5e9d565859c6110bd5932362c241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:47:b7:8d:03:79:bc:db:5d:37:81:dd:6f:60:
5c:44:fe:66:75:36:1e:e1:14:50:d5:88:2b:d1:f8:
20:31:82:14:70:90:12:6f:06:ee:e8:63:78:da:16:
32:63:77:44:01:57:1e:6d:17:db:ae:a7:58:a6:5a:
0f:53:90:35:a4:d1:38:f3:f2:3e:79:91:47:75:2c:
a0:07:ed:e5:7c:e9:a0:bf:56:08:70:52:53:ee:78:
5e:85:7c:cd:c5:9e:34:be:62:a1:ae:61:57:b3:90:
29:7f:92:38:a8:ba:d5:6a:48:10:ec:b2:29:44:ba:
c1:21:4d:8f:66:75:91:e4:e3:c4:6a:c8:1d:f5:53:
82:fb:20:dd:49:8e:a2:0f:5b:b0:8b:93:d9:d9:52:
b1:fb:6d:b9:50:99:e4:c9:90:d7:6f:2b:b7:49:0e:
cb:3d:27:6f:3a:ea:ce:83:2b:ec:f7:48:53:ab:dd:
5e:2a:fa:d4:c8:8d:a0:f0:3d:6d:ad:32:82:0d:5f:
bb:e5:a3:a1:53:70:84:1a:f0:c1:53:0e:5e:97:3e:
2b:1d:e9:dd:23:1a:6e:db:86:92:08:51:29:7c:4a:
b8:18:e4:2f:7b:eb:d9:d2:8d:02:2a:f5:cd:2e:fd:
d3:1e:14:8f:6c:6e:74:30:dc:e7:9f:4d:e9:c5:38:
1e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AC:62:06:AB:7B:5E:9D:56:58:59:C6:11:0B:D5:93:23:62:C2:41
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/aaxiBqt7Xp1WWFnGEQvVkyNiwkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
194.156.79.0/24
IPv6:
2a09:ff00:8000::/37
Signature Algorithm: sha256WithRSAEncryption
37:de:cf:4a:eb:80:52:26:c2:68:5f:91:83:14:e4:5e:b3:4e:
35:5f:ce:60:61:e5:76:3a:0e:a2:64:a4:1a:d0:95:55:a4:5a:
4f:1d:77:28:2e:76:af:7e:af:d6:8a:22:7f:e1:d0:4d:de:a5:
67:b2:8c:b1:69:c5:a5:28:66:f5:ff:05:68:c2:f3:df:17:46:
79:f3:7c:cd:70:cd:d2:3d:a1:8d:5b:ed:b0:db:83:91:ed:ec:
37:83:d9:76:06:fa:59:85:85:9f:58:0f:97:f1:a5:c0:06:3a:
57:75:ee:71:4f:0f:1b:c2:58:53:b6:c7:5e:63:38:50:40:91:
79:f3:63:01:ad:6e:39:47:a9:e9:1c:68:4c:79:0c:e8:09:6d:
c6:8b:1e:76:96:aa:06:26:00:d7:35:7e:c7:07:22:27:54:c3:
8c:9e:d9:43:89:dc:d1:87:29:0b:80:68:83:c1:39:a2:9d:a6:
3d:0a:2a:b3:8c:aa:7c:21:4a:9b:f7:31:c3:c0:53:d0:52:9b:
34:cd:72:7b:31:6b:35:12:f1:62:75:0b:1c:10:9b:ce:85:16:
93:43:ec:42:92:67:25:e4:83:a4:ae:c6:9a:ef:3e:82:e3:5d:
2d:4b:a2:1f:33:e4:23:aa:96:af:85:f4:a3:f9:cf:37:20:62:
82:4b:15:2d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzDtn5I5JvGahI0Znh/zB7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjNjIwNmFiN2I1ZTlkNTY1ODU5YzYxMTBiZDU5MzIzNjJjMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAike3jQN5vNtdN4Hdb2BcRP5mdTYe
4RRQ1Ygr0fggMYIUcJASbwbu6GN42hYyY3dEAVcebRfbrqdYploPU5A1pNE48/I+
eZFHdSygB+3lfOmgv1YIcFJT7nhehXzNxZ40vmKhrmFXs5Apf5I4qLrVakgQ7LIp
RLrBIU2PZnWR5OPEasgd9VOC+yDdSY6iD1uwi5PZ2VKx+225UJnkyZDXbyu3SQ7L
PSdvOurOgyvs90hTq91eKvrUyI2g8D1trTKCDV+75aOhU3CEGvDBUw5elz4rHend
Ixpu24aSCFEpfEq4GOQve+vZ0o0CKvXNLv3THhSPbG50MNznn03pxTge+QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGmsYgare16dVlhZxhEL1ZMjYsJBMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvYWF4aUJxdDdYcDFXV0ZuR0VRdlZreU5pd2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAVXXxAwQA
wpxPMA4EAgACMAgDBgMqCf8AgDANBgkqhkiG9w0BAQsFAAOCAQEAN97PSuuAUibC
aF+RgxTkXrNONV/OYGHldjoOomSkGtCVVaRaTx13KC52r36v1ooif+HQTd6lZ7KM
sWnFpShm9f8FaMLz3xdGefN8zXDN0j2hjVvtsNuDke3sN4PZdgb6WYWFn1gPl/Gl
wAY6V3XucU8PG8JYU7bHXmM4UECRefNjAa1uOUep6RxoTHkM6AltxosedpaqBiYA
1zV+xwciJ1TDjJ7ZQ4nc0YcpC4Bog8E5op2mPQoqs4yqfCFKm/cxw8BT0FKbNM1y
ezFrNRLxYnULHBCbzoUWk0PsQpJnJeSDpK7Gmu8+guNdLUuiHzPkI6qWr4X0o/nP
NyBigksVLQ==
-----END CERTIFICATE-----
Generated at Wed Jan 3 13:03:16 2024 by rpki-client on console-ams.rpki-client.org