Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AqdIYLrWhO3rPGUr5gVMreDoYaQ.roa
File: AqdIYLrWhO3rPGUr5gVMreDoYaQ.roa (raw, json)
Hash identifier: qaSb2kzrKAC3HzyBq/OIF+AxpaX8ijIacRrIQ19qtUU=
Subject key identifier: 02:A7:48:60:BA:D6:84:ED:EB:3C:65:2B:E6:05:4C:AD:E0:E8:61:A4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192C92C9F740F045DD3BB52E5BDA4049C8C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AqdIYLrWhO3rPGUr5gVMreDoYaQ.roa
Signing time: Sat 26 Oct 2024 14:13:17 +0000
ROA not before: Sat 26 Oct 2024 14:13:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 31.13.247.0/24 maxlen: 24
45.128.97.0/24 maxlen: 24
87.121.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c9:2c:9f:74:0f:04:5d:d3:bb:52:e5:bd:a4:04:9c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 26 14:13:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a74860bad684edeb3c652be6054cade0e861a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1f:d2:d8:03:6e:59:7b:69:89:01:82:78:43:
63:c8:29:15:65:7e:ff:85:a0:35:88:76:9e:aa:c5:
6f:e7:8d:e0:f9:eb:ca:2d:74:0b:94:41:f2:a7:b5:
ec:ef:9e:95:53:87:8c:f8:aa:6f:b0:34:62:9d:20:
59:34:6a:76:62:3c:5b:21:e6:00:c3:f9:5b:2d:2f:
06:a7:d7:ef:38:e3:36:2f:75:05:22:77:68:78:40:
10:71:b7:bb:b9:60:80:49:66:bd:89:72:6d:48:36:
29:7f:c4:2f:53:5e:c3:9d:37:21:3a:fc:c3:30:f4:
f9:c0:58:75:cc:0a:9a:3b:bb:49:5f:ef:25:7b:49:
e5:4b:28:3b:e3:37:f2:59:28:94:7c:3b:e7:0b:a9:
38:88:a6:f6:6d:41:da:38:86:3d:05:37:91:06:f9:
ac:38:b4:b7:39:7c:89:ff:24:45:64:a3:c2:94:08:
30:f2:be:aa:f8:93:dc:8a:55:4f:6f:84:00:fa:b1:
fb:19:3c:ad:23:24:43:fd:cd:5d:66:41:8d:d0:78:
f5:6d:50:db:2a:fc:5a:9b:2c:02:6f:75:1a:50:93:
46:88:48:bb:cf:7b:75:09:e7:5e:ac:08:a7:24:26:
b4:fa:8c:0e:47:56:cb:6b:5a:b9:12:49:f7:f5:24:
d9:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A7:48:60:BA:D6:84:ED:EB:3C:65:2B:E6:05:4C:AD:E0:E8:61:A4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AqdIYLrWhO3rPGUr5gVMreDoYaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.247.0/24
45.128.97.0/24
87.121.219.0/24
Signature Algorithm: sha256WithRSAEncryption
67:8c:13:b9:22:38:ce:cf:42:a9:99:6a:45:d8:fc:00:f7:5a:
bd:8b:a9:a9:20:04:4d:96:3a:ed:05:6e:35:d8:a9:19:43:96:
43:fd:7d:c4:b0:bf:bb:40:53:25:f8:6d:70:21:e9:40:1b:25:
bd:ed:3e:f1:a2:77:f4:62:ef:65:0d:48:07:00:10:02:05:6b:
c0:26:8e:7d:51:79:fb:00:32:cb:b5:b7:2a:bb:e4:c9:9f:f4:
73:ff:e4:fb:e4:5f:c9:8a:a0:a1:a5:69:da:e0:0e:33:6d:90:
28:e5:62:00:06:2b:e4:70:e9:aa:17:46:b2:2b:ff:04:77:c9:
39:e3:f8:66:73:73:c7:36:89:29:13:d3:69:92:ea:03:09:d7:
f8:5c:46:cd:c0:6f:d5:d9:41:e1:87:fb:ea:4f:fc:45:5e:2c:
7f:65:c2:7f:f6:25:c9:c3:c2:c0:76:d7:5e:c6:b5:cd:d2:8e:
70:7e:b9:ad:f7:6a:fa:a9:75:83:9e:9c:5f:d7:92:6e:20:40:
4c:d9:ba:0f:06:6e:38:8b:a3:40:c1:7c:14:34:d7:13:ef:c1:
ed:e4:d7:2e:10:dd:98:6e:16:1e:cd:51:23:45:4d:3a:53:a6:
ae:55:07:bc:f1:d2:c5:72:2d:43:e3:c7:65:67:25:b0:38:e4:
f5:74:b3:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLJLJ90DwRd07tS5b2kBJyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI2MTQxMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE3NDg2MGJhZDY4NGVkZWIzYzY1MmJlNjA1NGNhZGUwZTg2MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx/S2ANuWXtpiQGCeENjyCkVZX7/
haA1iHaeqsVv543g+evKLXQLlEHyp7Xs756VU4eM+KpvsDRinSBZNGp2YjxbIeYA
w/lbLS8Gp9fvOOM2L3UFIndoeEAQcbe7uWCASWa9iXJtSDYpf8QvU17DnTchOvzD
MPT5wFh1zAqaO7tJX+8le0nlSyg74zfyWSiUfDvnC6k4iKb2bUHaOIY9BTeRBvms
OLS3OXyJ/yRFZKPClAgw8r6q+JPcilVPb4QA+rH7GTytIyRD/c1dZkGN0Hj1bVDb
KvxamywCb3UaUJNGiEi7z3t1CederAinJCa0+owOR1bLa1q5Ekn39STZTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAKnSGC61oTt6zxlK+YFTK3g6GGkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQXFkSVlMcldoTzNyUEdVcjVnVk1yZURvWWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHw33AwQA
LYBhAwQAV3nbMA0GCSqGSIb3DQEBCwUAA4IBAQBnjBO5IjjOz0KpmWpF2PwA91q9
i6mpIARNljrtBW412KkZQ5ZD/X3EsL+7QFMl+G1wIelAGyW97T7xonf0Yu9lDUgH
ABACBWvAJo59UXn7ADLLtbcqu+TJn/Rz/+T75F/JiqChpWna4A4zbZAo5WIABivk
cOmqF0ayK/8Ed8k54/hmc3PHNokpE9NpkuoDCdf4XEbNwG/V2UHhh/vqT/xFXix/
ZcJ/9iXJw8LAdtdexrXN0o5wfrmt92r6qXWDnpxf15JuIEBM2boPBm44i6NAwXwU
NNcT78Ht5NcuEN2YbhYezVEjRU06U6auVQe88dLFci1D48dlZyWwOOT1dLMO
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:18 2025 by rpki-client