Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/AIkmWArhBj3_rZ1i3VzgF2sW0oA.roa
File: AIkmWArhBj3_rZ1i3VzgF2sW0oA.roa (raw, json)
Hash identifier: wLIK4l41Pi2LCg+7AJKG732pSTTHNn+BhV/fo/8ynGQ=
Subject key identifier: 00:89:26:58:0A:E1:06:3D:FF:AD:9D:62:DD:5C:E0:17:6B:16:D2:80
Certificate issuer: /CN=4b8d822165e7f01f722c973967f7554605240802
Certificate serial: 0190E072D0C386FE71D6718B66A98ABC35A4
Authority key identifier: 4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/AIkmWArhBj3_rZ1i3VzgF2sW0oA.roa
Signing time: Tue 23 Jul 2024 16:35:39 +0000
ROA not before: Tue 23 Jul 2024 16:35:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 167.94.170.0/23 maxlen: 23
167.94.172.0/23 maxlen: 23
185.242.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 24 Sep 2024 17:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:72:d0:c3:86:fe:71:d6:71:8b:66:a9:8a:bc:35:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b8d822165e7f01f722c973967f7554605240802
Validity
Not Before: Jul 23 16:35:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008926580ae1063dffad9d62dd5ce0176b16d280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f6:bf:39:3e:49:f6:50:38:0f:45:32:8b:d8:
50:bb:02:e5:2f:6e:2b:96:ad:8d:f2:2e:42:bc:24:
67:01:1a:64:32:e1:a6:31:23:7f:9e:6e:27:2b:83:
4f:8e:ea:ad:eb:a6:02:94:5c:27:74:38:ca:77:8f:
92:31:58:a9:a9:a5:01:88:18:87:08:9f:60:f9:98:
8a:0f:2b:7c:c3:16:3b:53:ac:8c:23:e9:c3:7b:56:
86:24:4e:ed:ef:9b:5c:76:a2:a1:f6:7e:b5:c1:71:
bc:f9:f4:01:ac:bb:06:5d:fb:aa:bc:22:f3:63:ae:
2d:7f:1f:35:08:69:79:f8:ab:df:6e:f1:e7:e9:77:
d2:22:c3:66:50:22:0b:2f:b2:26:79:bc:46:9e:8c:
32:b8:b5:90:3b:6d:90:66:0e:90:7f:64:e4:0f:49:
9b:0e:04:ea:1b:9c:10:66:04:53:b6:44:9b:5e:3a:
c0:2f:29:7d:c1:40:c9:bf:27:73:90:ff:81:c9:8b:
d4:db:4c:5a:32:42:b2:06:6f:a9:24:d1:07:cd:d4:
99:48:6a:b4:2c:df:83:2f:10:ae:a3:af:ed:79:da:
5d:5a:41:81:24:4b:c0:64:c2:39:f4:ba:37:5d:f8:
09:18:9b:2e:76:9d:24:9b:93:57:40:77:8d:4a:eb:
96:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:89:26:58:0A:E1:06:3D:FF:AD:9D:62:DD:5C:E0:17:6B:16:D2:80
X509v3 Authority Key Identifier:
keyid:4B:8D:82:21:65:E7:F0:1F:72:2C:97:39:67:F7:55:46:05:24:08:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S42CIWXn8B9yLJc5Z_dVRgUkCAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/AIkmWArhBj3_rZ1i3VzgF2sW0oA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/32e776-8f36-4d16-956a-5af958ceaf6e/1/S42CIWXn8B9yLJc5Z_dVRgUkCAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.94.170.0-167.94.173.255
185.242.80.0/22
Signature Algorithm: sha256WithRSAEncryption
69:99:35:f7:fd:8a:44:9d:5c:e4:c3:ce:d9:5c:91:e5:53:d3:
06:e9:63:5e:2f:64:1c:c2:07:78:1b:91:60:42:0c:f5:49:55:
db:17:8d:a0:40:ee:72:df:4b:15:c5:44:86:8c:73:8b:23:5b:
a1:21:4a:a8:6c:52:b2:3f:bc:55:cb:ff:7f:6f:cf:9b:42:5e:
8d:4a:1f:88:d3:a4:4e:aa:a2:a2:72:c1:fb:a6:31:a9:8e:a5:
94:92:fc:c6:2e:84:3e:fd:af:10:ff:bf:e9:bd:c8:ef:f8:d7:
d9:e8:0c:4d:c1:8c:b4:2d:69:7d:4b:b2:2f:e0:5f:69:86:e9:
c2:ce:73:71:ec:43:ce:4f:50:f8:07:1d:23:e4:15:76:48:6d:
d2:7a:cd:fa:20:ec:81:fd:89:ef:64:73:0b:21:ac:8f:ff:27:
6b:c3:44:89:15:4a:ea:89:07:65:ff:7f:9f:4f:2a:bc:43:30:
39:c0:71:49:d4:9e:43:da:c8:3d:af:22:2e:5c:9a:42:21:af:
8a:28:79:66:bf:3d:44:3e:f6:9a:eb:07:e5:50:9f:96:21:f2:
da:84:1a:0f:dc:6a:a1:6e:6f:e2:de:6d:d9:13:4c:7b:b6:e4:
7c:b1:1f:87:8a:ec:99:30:55:17:b2:f8:26:2f:56:6d:f2:c1:
13:0c:12:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDgctDDhv5x1nGLZqmKvDWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOGQ4MjIxNjVlN2YwMWY3MjJjOTczOTY3Zjc1NTQ2MDUy
NDA4MDIwHhcNMjQwNzIzMTYzNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg5MjY1ODBhZTEwNjNkZmZhZDlkNjJkZDVjZTAxNzZiMTZkMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/a/OT5J9lA4D0Uyi9hQuwLlL24r
lq2N8i5CvCRnARpkMuGmMSN/nm4nK4NPjuqt66YClFwndDjKd4+SMVipqaUBiBiH
CJ9g+ZiKDyt8wxY7U6yMI+nDe1aGJE7t75tcdqKh9n61wXG8+fQBrLsGXfuqvCLz
Y64tfx81CGl5+KvfbvHn6XfSIsNmUCILL7ImebxGnowyuLWQO22QZg6Qf2TkD0mb
DgTqG5wQZgRTtkSbXjrALyl9wUDJvydzkP+ByYvU20xaMkKyBm+pJNEHzdSZSGq0
LN+DLxCuo6/tedpdWkGBJEvAZMI59Lo3XfgJGJsudp0km5NXQHeNSuuWkQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFACJJlgK4QY9/62dYt1c4BdrFtKAMB8GA1UdIwQY
MBaAFEuNgiFl5/AfciyXOWf3VUYFJAgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEt
NWFmOTU4Y2VhZjZlLzEvQUlrbVdBcmhCajNfcloxaTNWemdGMnNXMG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zMmU3NzYtOGYzNi00ZDE2LTk1NmEtNWFmOTU4Y2VhZjZl
LzEvUzQyQ0lXWG44Qjl5TEpjNVpfZFZSZ1VrQ0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAGnXqoD
BAGnXqwDBAK58lAwDQYJKoZIhvcNAQELBQADggEBAGmZNff9ikSdXOTDztlckeVT
0wbpY14vZBzCB3gbkWBCDPVJVdsXjaBA7nLfSxXFRIaMc4sjW6EhSqhsUrI/vFXL
/39vz5tCXo1KH4jTpE6qoqJywfumMamOpZSS/MYuhD79rxD/v+m9yO/419noDE3B
jLQtaX1Lsi/gX2mG6cLOc3HsQ85PUPgHHSPkFXZIbdJ6zfog7IH9ie9kcwshrI//
J2vDRIkVSuqJB2X/f59PKrxDMDnAcUnUnkPayD2vIi5cmkIhr4ooeWa/PUQ+9prr
B+VQn5Yh8tqEGg/caqFub+LebdkTTHu25HyxH4eK7JkwVRey+CYvVm3ywRMMEg4=
-----END CERTIFICATE-----
Generated at Tue Sep 24 20:31:13 2024 by rpki-client on console-fra.rpki-client.org