Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/793e7c-7139-4da6-b802-d4bc772a92bd/1/AiuJFdU139095247ceXn-qM_CWs.roa
File: AiuJFdU139095247ceXn-qM_CWs.roa (raw, json)
Hash identifier: 6eqrR6Vd8z0QZNBGpFi9HgzUo3rVbDF+l0txeIMmIHU=
Subject key identifier: 02:2B:89:15:D5:35:DF:DD:3D:E7:6E:3B:71:E5:E7:FA:A3:3F:09:6B
Certificate issuer: /CN=02f56262c9e8c7d1344df2b0f8c25da13abd6222
Certificate serial: 018CC3B698B86B69105670E96AD7FC175EC1
Authority key identifier: 02:F5:62:62:C9:E8:C7:D1:34:4D:F2:B0:F8:C2:5D:A1:3A:BD:62:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvViYsnox9E0TfKw-MJdoTq9YiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/793e7c-7139-4da6-b802-d4bc772a92bd/1/AiuJFdU139095247ceXn-qM_CWs.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207620
IP address blocks: 84.38.241.0/24 maxlen: 24
91.224.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:98:b8:6b:69:10:56:70:e9:6a:d7:fc:17:5e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f56262c9e8c7d1344df2b0f8c25da13abd6222
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=022b8915d535dfdd3de76e3b71e5e7faa33f096b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3c:86:a6:b6:19:55:ec:1e:a2:86:e8:fb:9a:
9d:e8:16:b5:7e:09:0d:8b:56:ac:17:41:b5:e0:76:
27:7c:68:bb:96:1f:fb:ef:f4:f8:42:52:21:11:4f:
ae:f3:e1:b5:15:83:8a:88:7b:65:b6:19:7e:fc:e8:
24:72:84:08:9c:a5:3a:b8:e5:a8:1e:44:81:24:92:
0a:db:48:26:a6:11:50:d3:44:16:1e:db:18:06:37:
d3:73:ab:a4:dd:cd:b0:4e:2a:8d:b3:83:9e:bd:5f:
a8:0e:d5:a5:66:1d:2c:ad:0d:5a:72:5b:78:d4:8c:
b3:d4:6d:a2:7e:1f:5c:ef:9b:d2:6c:42:ad:80:cb:
da:f5:82:48:45:ad:27:54:46:9f:8f:1e:d1:ed:2a:
48:eb:e7:d5:91:0e:89:6c:0a:72:43:68:5f:85:41:
da:7c:af:85:c2:a7:06:af:17:98:ab:7a:09:78:b0:
0d:42:c9:83:bc:ce:1f:c1:ca:ac:ec:9a:c7:41:63:
31:a8:3e:6c:49:0f:16:c4:81:26:32:7d:04:f3:71:
bd:dc:f0:39:60:66:fb:35:76:e4:26:d5:05:34:e4:
ba:57:de:2f:a1:60:d5:0e:db:19:e0:37:d1:5b:ea:
32:dd:2e:2c:86:42:3b:a9:04:05:9d:6a:75:23:af:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:2B:89:15:D5:35:DF:DD:3D:E7:6E:3B:71:E5:E7:FA:A3:3F:09:6B
X509v3 Authority Key Identifier:
keyid:02:F5:62:62:C9:E8:C7:D1:34:4D:F2:B0:F8:C2:5D:A1:3A:BD:62:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvViYsnox9E0TfKw-MJdoTq9YiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/793e7c-7139-4da6-b802-d4bc772a92bd/1/AiuJFdU139095247ceXn-qM_CWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/793e7c-7139-4da6-b802-d4bc772a92bd/1/AvViYsnox9E0TfKw-MJdoTq9YiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.241.0/24
91.224.170.0/24
Signature Algorithm: sha256WithRSAEncryption
84:a5:b0:64:14:92:c1:fb:dd:0f:de:df:22:3a:d8:6f:1e:e6:
e7:9b:e4:c6:bd:45:a2:1c:81:50:b2:12:96:16:70:18:8e:3b:
1b:2a:1a:be:ce:73:dd:6a:ee:a6:3f:c4:44:62:8b:30:d8:3c:
c8:84:4d:a9:0c:71:06:fd:9e:f1:d4:a9:5a:86:cd:a9:4e:51:
2f:fb:3b:a8:8f:e1:6f:44:0d:94:44:2b:17:b3:83:7a:2e:2b:
c3:02:90:70:31:ff:00:ba:f9:8d:0e:92:4d:45:34:49:22:7e:
02:34:f8:21:44:a4:15:6d:d5:cf:84:c4:ea:a1:5b:f4:75:3e:
d1:2e:64:46:2d:f0:ff:26:82:db:7a:ff:00:b4:91:0f:78:04:
31:dc:19:e7:55:24:a0:66:b7:f3:4b:5e:c9:45:20:6a:9d:cb:
c8:6f:2c:80:49:b1:37:df:3e:f2:e5:fc:49:56:84:da:44:2b:
bb:0c:8d:26:81:60:3e:91:46:2e:75:cb:c3:6e:8f:39:63:ef:
38:b4:b2:88:13:19:f3:ff:b3:cd:0e:f8:1a:7f:2f:db:ad:6e:
81:a0:79:83:77:df:cc:df:a0:58:03:e4:46:cc:8a:e2:c7:2b:
d8:a8:ca:77:6d:3b:84:67:30:7d:67:7a:79:38:2f:e6:bc:02:
f8:89:69:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtpi4a2kQVnDpatf8F17BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZjU2MjYyYzllOGM3ZDEzNDRkZjJiMGY4YzI1ZGExM2Fi
ZDYyMjIwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjJiODkxNWQ1MzVkZmRkM2RlNzZlM2I3MWU1ZTdmYWEzM2YwOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjyGprYZVeweoobo+5qd6Ba1fgkN
i1asF0G14HYnfGi7lh/77/T4QlIhEU+u8+G1FYOKiHtlthl+/OgkcoQInKU6uOWo
HkSBJJIK20gmphFQ00QWHtsYBjfTc6uk3c2wTiqNs4OevV+oDtWlZh0srQ1aclt4
1Iyz1G2ifh9c75vSbEKtgMva9YJIRa0nVEafjx7R7SpI6+fVkQ6JbApyQ2hfhUHa
fK+FwqcGrxeYq3oJeLANQsmDvM4fwcqs7JrHQWMxqD5sSQ8WxIEmMn0E83G93PA5
YGb7NXbkJtUFNOS6V94voWDVDtsZ4DfRW+oy3S4shkI7qQQFnWp1I682vwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAIriRXVNd/dPeduO3Hl5/qjPwlrMB8GA1UdIwQY
MBaAFAL1YmLJ6MfRNE3ysPjCXaE6vWIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZWaVlzbm94OUUwVGZLdy1NSmRvVHE5WWlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83OTNlN2MtNzEzOS00ZGE2LWI4MDIt
ZDRiYzc3MmE5MmJkLzEvQWl1SkZkVTEzOTA5NTI0N2NlWG4tcU1fQ1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83OTNlN2MtNzEzOS00ZGE2LWI4MDItZDRiYzc3MmE5MmJk
LzEvQXZWaVlzbm94OUUwVGZLdy1NSmRvVHE5WWlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCbxAwQA
W+CqMA0GCSqGSIb3DQEBCwUAA4IBAQCEpbBkFJLB+90P3t8iOthvHubnm+TGvUWi
HIFQshKWFnAYjjsbKhq+znPdau6mP8REYosw2DzIhE2pDHEG/Z7x1Klahs2pTlEv
+zuoj+FvRA2URCsXs4N6LivDApBwMf8AuvmNDpJNRTRJIn4CNPghRKQVbdXPhMTq
oVv0dT7RLmRGLfD/JoLbev8AtJEPeAQx3BnnVSSgZrfzS17JRSBqncvIbyyASbE3
3z7y5fxJVoTaRCu7DI0mgWA+kUYudcvDbo85Y+84tLKIExnz/7PNDvgafy/brW6B
oHmDd9/M36BYA+RGzIrixyvYqMp3bTuEZzB9Z3p5OC/mvAL4iWl8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:13 2025 by rpki-client