Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/2aqJkUHB6puhz7UWtd2-OeFyqsc.roa
File: 2aqJkUHB6puhz7UWtd2-OeFyqsc.roa (raw, json)
Hash identifier: Ay5Uk0uAnSGrI0dsVJ3qRy9r+IL710Vard6uZFHo1HE=
Subject key identifier: D9:AA:89:91:41:C1:EA:9B:A1:CF:B5:16:B5:DD:BE:39:E1:72:AA:C7
Certificate issuer: /CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Certificate serial: 01914C330D0A1227242C7D4E14FE2D8743EB
Authority key identifier: 94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/2aqJkUHB6puhz7UWtd2-OeFyqsc.roa
Signing time: Tue 13 Aug 2024 14:44:59 +0000
ROA not before: Tue 13 Aug 2024 14:44:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59721
IP address blocks: 195.80.158.0/24 maxlen: 24
2a13:1c0::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 14 Aug 2024 13:42:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:33:0d:0a:12:27:24:2c:7d:4e:14:fe:2d:87:43:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Validity
Not Before: Aug 13 14:44:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9aa899141c1ea9ba1cfb516b5ddbe39e172aac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8f:81:c9:48:30:ec:20:6d:74:7c:99:75:1f:
09:f1:8d:05:e6:f3:46:72:01:a1:c8:9e:bf:a2:77:
6a:2d:fc:6e:b0:9d:c6:b5:08:d9:7a:b8:b5:55:c3:
d1:1f:e1:7f:fb:5e:7a:26:37:cc:73:0e:2f:ad:79:
9b:40:c1:c9:c1:aa:c8:3d:44:c2:43:1f:0c:e4:1d:
3c:63:e7:13:2a:3e:87:43:e3:3f:79:95:5d:ea:58:
47:66:67:79:b3:df:2b:ca:31:8b:bf:ef:3b:11:9f:
dc:74:31:21:d4:55:e7:7c:c6:8b:b6:7a:ce:5f:70:
82:6f:34:19:07:79:1f:6d:e6:b8:a6:b5:f9:c7:c6:
9f:a4:0c:ba:9c:fd:a2:b0:f2:69:c7:3b:c2:10:ef:
c9:16:49:94:0d:58:76:dd:6f:1c:d6:16:f7:f6:e9:
ab:0b:c0:34:52:5f:5d:2f:09:7e:ca:48:ca:a0:12:
4f:ce:1d:9a:7e:cf:e8:87:49:3f:c0:15:10:ab:e8:
ce:fa:db:6a:f2:a8:f1:d7:80:74:d3:2c:a6:a7:82:
6a:5e:10:22:f0:a1:cf:3b:7f:3d:4b:a6:45:4f:23:
82:02:57:03:b3:45:63:68:7f:9b:0e:f2:ef:91:c9:
49:9d:26:bb:55:f0:74:40:19:70:72:bb:e4:b5:0d:
27:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AA:89:91:41:C1:EA:9B:A1:CF:B5:16:B5:DD:BE:39:E1:72:AA:C7
X509v3 Authority Key Identifier:
keyid:94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/2aqJkUHB6puhz7UWtd2-OeFyqsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.158.0/24
IPv6:
2a13:1c0::/64
Signature Algorithm: sha256WithRSAEncryption
7a:9e:2f:a7:e1:fd:ab:f2:b8:84:a4:9e:1c:13:39:59:d6:fe:
eb:5a:65:87:f6:94:60:c8:be:ef:ec:99:78:9c:a1:9e:da:85:
db:af:a3:c4:51:12:5d:58:71:d7:d1:7c:cc:85:de:65:0b:92:
bb:5a:68:ee:7f:9c:dd:04:18:0b:51:07:39:b7:2a:03:69:0e:
8a:4c:fb:22:15:1b:96:47:dd:eb:60:94:5a:6c:6d:dd:6d:cc:
e4:e8:29:41:03:d7:04:4b:ee:28:24:b6:12:c5:02:03:b8:6b:
e6:7c:e3:ec:e0:e8:36:6d:fe:13:03:b3:38:62:bd:6b:1e:1b:
48:ca:0f:53:15:cd:45:f8:4f:8d:c6:15:7d:3c:a3:56:fe:d5:
4f:80:82:fb:91:1b:61:07:f7:1d:de:d5:57:ca:77:bf:2f:5a:
a9:bd:27:9c:9e:4b:b7:97:10:29:1a:3e:cb:97:d3:59:e7:0c:
8c:69:88:78:e4:f8:33:9c:b7:50:20:e8:9f:0e:24:f8:bc:63:
d6:29:6a:21:d0:93:cc:79:67:c4:5f:65:8a:e2:4e:55:44:f7:
5c:10:d5:a4:2a:38:77:e9:ca:ba:88:28:91:dd:31:0d:2f:67:
e1:45:16:0a:60:19:86:0f:af:14:ad:07:fa:89:f6:3f:a6:34:
56:36:05:81
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZFMMw0KEickLH1OFP4th0PrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjUxOWM0ZWNmMTVmNWZjMWUwNmVhYTZlMDNmOWNiMDM5
NTZjYWEwHhcNMjQwODEzMTQ0NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFhODk5MTQxYzFlYTliYTFjZmI1MTZiNWRkYmUzOWUxNzJhYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArI+ByUgw7CBtdHyZdR8J8Y0F5vNG
cgGhyJ6/ondqLfxusJ3GtQjZeri1VcPRH+F/+156JjfMcw4vrXmbQMHJwarIPUTC
Qx8M5B08Y+cTKj6HQ+M/eZVd6lhHZmd5s98ryjGLv+87EZ/cdDEh1FXnfMaLtnrO
X3CCbzQZB3kfbea4prX5x8afpAy6nP2isPJpxzvCEO/JFkmUDVh23W8c1hb39umr
C8A0Ul9dLwl+ykjKoBJPzh2afs/oh0k/wBUQq+jO+ttq8qjx14B00yymp4JqXhAi
8KHPO389S6ZFTyOCAlcDs0VjaH+bDvLvkclJnSa7VfB0QBlwcrvktQ0nRQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFNmqiZFBweqboc+1FrXdvjnhcqrHMB8GA1UdIwQY
MBaAFJT1GcTs8V9fweBuqm4D+csDlWyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMt
NTE2ZWFjNDY5MDUzLzEvMmFxSmtVSEI2cHVoejdVV3RkMi1PZUZ5cXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMtNTE2ZWFjNDY5MDUz
LzEvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQAw1CeMBEE
AgACMAsDCQAqEwHAAAAAADANBgkqhkiG9w0BAQsFAAOCAQEAep4vp+H9q/K4hKSe
HBM5Wdb+61plh/aUYMi+7+yZeJyhntqF26+jxFESXVhx19F8zIXeZQuSu1po7n+c
3QQYC1EHObcqA2kOikz7IhUblkfd62CUWmxt3W3M5OgpQQPXBEvuKCS2EsUCA7hr
5nzj7ODoNm3+EwOzOGK9ax4bSMoPUxXNRfhPjcYVfTyjVv7VT4CC+5EbYQf3Hd7V
V8p3vy9aqb0nnJ5Lt5cQKRo+y5fTWecMjGmIeOT4M5y3UCDonw4k+Lxj1ilqIdCT
zHlnxF9liuJOVUT3XBDVpCo4d+nKuogokd0xDS9n4UUWCmAZhg+vFK0H+on2P6Y0
VjYFgQ==
-----END CERTIFICATE-----
Generated at Wed Aug 14 19:04:16 2024 by rpki-client on console-ams.rpki-client.org