Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ApzRKiakKeNKXlaYMv1e5uNnLxE.roa
File: ApzRKiakKeNKXlaYMv1e5uNnLxE.roa (raw, json)
Hash identifier: vF0ksXMWE25kQDXMxda7Svf3XatL+oN6NkQIg4+b1ps=
Subject key identifier: 02:9C:D1:2A:26:A4:29:E3:4A:5E:56:98:32:FD:5E:E6:E3:67:2F:11
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0190918B3815411A21E45FBC5397A3256EDC
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ApzRKiakKeNKXlaYMv1e5uNnLxE.roa
Signing time: Mon 08 Jul 2024 08:52:18 +0000
ROA not before: Mon 08 Jul 2024 08:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214774
IP address blocks: 45.132.180.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 08:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:91:8b:38:15:41:1a:21:e4:5f:bc:53:97:a3:25:6e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jul 8 08:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=029cd12a26a429e34a5e569832fd5ee6e3672f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:04:f9:ca:00:0d:d0:8f:c2:dd:f1:8b:3a:
2f:49:b5:5d:b5:51:58:51:87:81:7e:ac:44:d3:5b:
44:a9:e1:10:64:70:fa:d3:54:91:4f:26:40:c3:19:
da:81:36:cd:bf:05:5e:99:94:da:ac:3c:05:43:fc:
5e:7f:04:4c:09:1f:43:3b:dd:38:0a:79:93:a6:4f:
b7:ea:e6:46:13:85:37:0a:66:c7:38:64:9c:63:12:
a6:49:8c:83:0c:bf:24:43:d2:17:c9:11:e7:0e:6f:
49:1d:6e:ee:0d:89:05:08:a2:f3:10:11:69:f3:9e:
c6:9a:75:f5:ff:01:88:59:50:1c:68:d9:a3:75:22:
0a:21:90:d5:e5:5f:6e:fb:e8:43:cf:3a:02:a5:ed:
5f:4e:d6:32:4d:ff:54:a1:1d:c8:6e:c2:8d:a4:fc:
56:e3:85:69:a0:60:4c:b1:18:15:d5:71:0a:ed:0c:
67:4b:dd:ca:85:09:e3:4c:ab:4a:cb:ef:a8:be:aa:
57:08:bf:33:d2:3c:17:21:af:cb:4c:a0:d8:14:90:
da:4b:90:10:86:0b:ab:85:e7:cc:9a:57:9a:bf:d1:
d8:0f:a6:af:2c:90:3a:de:ce:c2:b3:91:c2:09:15:
dd:6c:0b:ae:36:95:1e:b2:9c:c4:ac:2e:99:22:3d:
2a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9C:D1:2A:26:A4:29:E3:4A:5E:56:98:32:FD:5E:E6:E3:67:2F:11
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/ApzRKiakKeNKXlaYMv1e5uNnLxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.180.0/24
193.30.241.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:39:54:1c:81:1d:a8:92:4b:c9:0d:23:ec:9b:10:8c:e3:48:
da:b3:ee:f9:88:af:6b:ea:cd:b8:d3:be:be:ad:b6:25:96:b8:
95:84:3b:0a:5d:c5:84:98:9a:93:15:5e:5f:62:98:90:3a:aa:
a3:25:38:32:55:55:62:cb:e4:69:7e:9b:67:59:0b:42:49:dc:
36:ca:01:dc:f9:7a:22:c6:da:b4:15:56:e3:a0:b5:d9:c3:21:
56:4f:b0:9e:79:a9:07:ab:2c:a5:dc:86:c9:08:80:59:08:f4:
00:6e:7f:a0:7a:fb:52:56:56:d9:05:02:6f:58:e7:55:84:80:
05:a0:ec:9c:78:95:d5:65:39:7e:f2:75:1f:8e:cd:62:f3:46:
1c:3e:cd:09:34:99:39:15:e9:ad:5f:8f:0e:8f:80:0f:b5:d7:
d2:9b:6f:33:ba:70:50:d6:f8:3f:4e:79:7b:33:e2:d5:c5:61:
e3:98:1f:63:27:c8:80:4e:d7:26:12:e2:0a:7e:79:2d:f8:71:
08:ed:0b:04:92:50:36:c0:ee:3d:af:52:da:d4:2f:4c:5c:3b:
19:42:9c:aa:f0:30:a4:49:46:6e:4c:68:6f:74:48:35:e9:96:
80:ac:52:ef:6b:4c:9c:ab:4a:4f:9c:94:a5:7b:a9:ad:94:b8:
15:ef:a1:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCRizgVQRoh5F+8U5ejJW7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNzA4MDg1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjljZDEyYTI2YTQyOWUzNGE1ZTU2OTgzMmZkNWVlNmUzNjcyZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhME+coADdCPwt3xizovSbVdtVFY
UYeBfqxE01tEqeEQZHD601SRTyZAwxnagTbNvwVemZTarDwFQ/xefwRMCR9DO904
CnmTpk+36uZGE4U3CmbHOGScYxKmSYyDDL8kQ9IXyRHnDm9JHW7uDYkFCKLzEBFp
857GmnX1/wGIWVAcaNmjdSIKIZDV5V9u++hDzzoCpe1fTtYyTf9UoR3IbsKNpPxW
44VpoGBMsRgV1XEK7QxnS93KhQnjTKtKy++ovqpXCL8z0jwXIa/LTKDYFJDaS5AQ
hgurhefMmleav9HYD6avLJA63s7Cs5HCCRXdbAuuNpUespzErC6ZIj0quwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKc0SompCnjSl5WmDL9XubjZy8RMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQXB6UktpYWtLZU5LWGxhWU12MWU1dU5uTHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYS0AwQA
wR7xMA0GCSqGSIb3DQEBCwUAA4IBAQBvOVQcgR2okkvJDSPsmxCM40jas+75iK9r
6s24076+rbYllriVhDsKXcWEmJqTFV5fYpiQOqqjJTgyVVViy+RpfptnWQtCSdw2
ygHc+Xoixtq0FVbjoLXZwyFWT7CeeakHqyyl3IbJCIBZCPQAbn+gevtSVlbZBQJv
WOdVhIAFoOyceJXVZTl+8nUfjs1i80YcPs0JNJk5FemtX48Oj4APtdfSm28zunBQ
1vg/Tnl7M+LVxWHjmB9jJ8iATtcmEuIKfnkt+HEI7QsEklA2wO49r1La1C9MXDsZ
Qpyq8DCkSUZuTGhvdEg16ZaArFLva0ycq0pPnJSle6mtlLgV76EY
-----END CERTIFICATE-----
Generated at Wed Oct 2 10:29:21 2024 by rpki-client on console-fra.rpki-client.org