Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/aiRX1OUgJd3gX19NW9wLrbVCOAE.roa
File: aiRX1OUgJd3gX19NW9wLrbVCOAE.roa (raw, json)
Hash identifier: e7VFsaO3by3OL8Kmb+9vocxEurg9Q+7rmFeyw8GL6ao=
Subject key identifier: 6A:24:57:D4:E5:20:25:DD:E0:5F:5F:4D:5B:DC:0B:AD:B5:42:38:01
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0192044E3D39EF2A980700A829291C85ED0F
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/aiRX1OUgJd3gX19NW9wLrbVCOAE.roa
Signing time: Wed 18 Sep 2024 08:44:49 +0000
ROA not before: Wed 18 Sep 2024 08:44:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 51.198.64.0/23 maxlen: 24
51.198.66.0/23 maxlen: 24
51.198.70.0/23 maxlen: 24
51.199.252.0/23 maxlen: 24
51.199.254.0/23 maxlen: 24
2a06:5901:8000::/40 maxlen: 48
2a06:5901:8100::/40 maxlen: 48
2a06:5901:8200::/40 maxlen: 48
2a06:5901:8300::/40 maxlen: 48
2a06:5901:8500::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:4e:3d:39:ef:2a:98:07:00:a8:29:29:1c:85:ed:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Sep 18 08:44:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a2457d4e52025dde05f5f4d5bdc0badb5423801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5f:22:d7:e2:85:c8:36:62:90:75:9f:2a:02:
96:a5:6d:ee:63:e0:05:a3:81:c0:f6:be:33:74:ca:
4a:6d:e4:44:1b:82:43:73:70:94:f6:01:dc:ab:7b:
6c:eb:b1:2b:a8:9c:7a:82:d1:ae:e7:19:4d:59:29:
b6:91:57:8b:2b:3f:1a:04:3f:aa:e0:ae:12:08:3f:
3f:46:a9:36:18:7f:5f:66:5d:d1:32:e0:8d:0c:d0:
7e:3d:57:91:b1:a0:02:0f:83:0b:2a:41:e1:48:36:
94:e8:91:a6:6c:bc:35:9a:a7:e7:ea:8b:0c:fe:f6:
ba:32:8f:d0:14:2d:cc:79:c2:48:99:37:d2:89:85:
41:df:d2:a5:b4:df:0b:c2:24:a4:c2:f9:0c:ea:8c:
cf:46:ea:ff:da:95:85:31:ad:26:2c:f5:d3:b4:8f:
d1:1c:67:5f:6e:f3:e5:2e:01:6a:92:8d:46:e0:7c:
ad:b9:2f:a8:93:99:53:d7:e5:06:33:78:4e:f6:60:
b5:9b:05:4b:e1:b2:24:65:41:43:d1:8b:61:ad:a8:
8d:0c:3f:b0:7b:6c:c7:1f:d7:c4:f3:b3:20:92:f4:
31:ab:be:da:bb:dc:da:ec:bc:60:9c:86:d3:c4:2e:
e5:15:65:1c:cc:7c:43:7b:72:1a:f6:83:d3:54:34:
87:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:24:57:D4:E5:20:25:DD:E0:5F:5F:4D:5B:DC:0B:AD:B5:42:38:01
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/aiRX1OUgJd3gX19NW9wLrbVCOAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.198.64.0/22
51.198.70.0/23
51.199.252.0/22
IPv6:
2a06:5901:8000::/38
2a06:5901:8500::/40
Signature Algorithm: sha256WithRSAEncryption
7e:ae:32:93:ba:f6:19:9d:a6:24:a8:cf:9b:01:88:61:9e:92:
bb:f4:51:c0:0b:ae:39:88:28:d7:97:e1:12:57:1b:5b:ab:0e:
43:21:2d:f4:02:45:bb:ae:e5:85:dc:6f:c4:bb:df:92:d7:a1:
b3:4f:48:56:20:dd:4e:74:d1:43:a7:3b:7d:94:1f:80:cb:6e:
c2:4f:97:b2:76:67:6a:03:bd:86:83:9a:54:66:36:ff:7a:97:
72:2b:42:b5:b5:7a:9e:00:4b:5d:70:21:dd:0e:80:ad:56:02:
b8:4a:75:f0:a5:f3:31:e0:44:69:6b:1e:62:00:ac:ca:b5:ff:
e1:db:2a:92:d3:c4:34:80:6a:cf:39:8f:cd:1e:e0:1c:41:0a:
82:07:d3:9b:d5:33:ce:35:a5:a6:f4:0b:f0:1f:f4:d8:00:a3:
d3:66:37:ef:6b:c5:3d:be:6b:f0:1f:63:34:0e:4f:7a:16:4c:
05:43:54:c4:4a:bf:aa:f2:ab:a5:1c:15:e4:39:49:ac:ed:54:
dc:17:c2:2a:75:f3:b5:eb:c9:78:3f:9a:bf:ab:a4:e5:7d:3d:
f3:b7:15:bc:97:bb:f6:d4:76:a3:bd:15:58:92:02:c3:37:14:
49:f8:5d:9d:bc:59:97:97:f1:b7:b7:1f:49:36:25:b4:b6:63:
3e:eb:83:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIETj057yqYBwCoKSkche0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjQwOTE4MDg0NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI0NTdkNGU1MjAyNWRkZTA1ZjVmNGQ1YmRjMGJhZGI1NDIzODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl8i1+KFyDZikHWfKgKWpW3uY+AF
o4HA9r4zdMpKbeREG4JDc3CU9gHcq3ts67ErqJx6gtGu5xlNWSm2kVeLKz8aBD+q
4K4SCD8/Rqk2GH9fZl3RMuCNDNB+PVeRsaACD4MLKkHhSDaU6JGmbLw1mqfn6osM
/va6Mo/QFC3MecJImTfSiYVB39KltN8LwiSkwvkM6ozPRur/2pWFMa0mLPXTtI/R
HGdfbvPlLgFqko1G4HytuS+ok5lT1+UGM3hO9mC1mwVL4bIkZUFD0YthraiNDD+w
e2zHH9fE87MgkvQxq77au9za7LxgnIbTxC7lFWUczHxDe3Ia9oPTVDSHSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGokV9TlICXd4F9fTVvcC621QjgBMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvYWlSWDFPVWdKZDNnWDE5Tlc5d0xyYlZDT0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCM8ZAAwQB
M8ZGAwQCM8f8MBYEAgACMBADBgIqBlkBgAMGACoGWQGFMA0GCSqGSIb3DQEBCwUA
A4IBAQB+rjKTuvYZnaYkqM+bAYhhnpK79FHAC645iCjXl+ESVxtbqw5DIS30AkW7
ruWF3G/Eu9+S16GzT0hWIN1OdNFDpzt9lB+Ay27CT5eydmdqA72Gg5pUZjb/epdy
K0K1tXqeAEtdcCHdDoCtVgK4SnXwpfMx4ERpax5iAKzKtf/h2yqS08Q0gGrPOY/N
HuAcQQqCB9Ob1TPONaWm9AvwH/TYAKPTZjfva8U9vmvwH2M0Dk96FkwFQ1TESr+q
8qulHBXkOUms7VTcF8IqdfO168l4P5q/q6TlfT3ztxW8l7v21HajvRVYkgLDNxRJ
+F2dvFmXl/G3tx9JNiW0tmM+64Oe
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:08:14 2025 by rpki-client