Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/AFa8YCWr1RVaGelMYdpt7faAS0k.roa
File: AFa8YCWr1RVaGelMYdpt7faAS0k.roa (raw, json)
Hash identifier: guLIWcvvSswK3Vl/POB+yh+TwsHC/6GcEqewINsSiUA=
Subject key identifier: 00:56:BC:60:25:AB:D5:15:5A:19:E9:4C:61:DA:6D:ED:F6:80:4B:49
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 01924D621E2A7413A6D25ACB6350FCE3DEB7
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/AFa8YCWr1RVaGelMYdpt7faAS0k.roa
Signing time: Wed 02 Oct 2024 13:18:48 +0000
ROA not before: Wed 02 Oct 2024 13:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 80.254.228.0/24 maxlen: 24
185.92.171.0/24 maxlen: 24
2a13:5241::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:62:1e:2a:74:13:a6:d2:5a:cb:63:50:fc:e3:de:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Oct 2 13:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0056bc6025abd5155a19e94c61da6dedf6804b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ab:73:44:da:f7:5d:9c:b3:ba:27:99:e3:cc:
0d:f2:69:1f:6c:0f:67:51:ba:1e:1d:8f:02:f2:52:
8c:cf:13:8c:1e:13:fd:38:9d:8b:21:18:58:9a:f9:
ca:a2:ba:59:e9:c3:7a:de:69:a0:41:58:55:66:66:
ed:01:93:f4:17:e0:f3:e9:e8:86:67:89:94:d3:6f:
f8:7e:5d:6c:c7:dd:59:c0:0d:59:fb:a4:96:54:8f:
7a:55:40:c9:aa:d6:4b:b8:d4:1d:4c:ce:6d:c4:f6:
7a:55:6b:07:01:e0:a2:fd:32:62:5f:53:c8:39:aa:
51:fe:8a:6c:01:5c:d1:e4:f2:b9:11:d6:7c:00:a3:
5f:e3:4a:2d:e9:57:ea:dc:0b:60:76:ae:0e:af:fe:
2b:fe:90:9d:25:f1:d0:b2:75:72:b5:a1:be:e9:ee:
09:fc:da:6f:f8:9a:84:f4:a0:b1:5c:2c:58:18:61:
bd:e1:88:25:3a:0c:4b:e6:31:19:95:4b:d1:79:7c:
e3:60:2c:09:cf:58:a8:25:bc:c7:d1:9e:7f:c3:00:
71:bd:d0:0a:bf:f5:3c:1c:c1:50:3c:7b:ee:b5:c8:
4b:ce:10:f0:80:95:1a:03:c2:4a:cd:8e:43:4e:fb:
f1:d3:c0:36:d3:ac:8d:d2:cd:27:66:d4:35:97:bf:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:56:BC:60:25:AB:D5:15:5A:19:E9:4C:61:DA:6D:ED:F6:80:4B:49
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/AFa8YCWr1RVaGelMYdpt7faAS0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.228.0/24
185.92.171.0/24
IPv6:
2a13:5241::/32
Signature Algorithm: sha256WithRSAEncryption
77:c4:fd:77:45:39:80:ad:5d:13:62:fb:ca:56:d5:c7:30:d2:
0e:dd:12:68:4d:98:64:68:16:3e:41:f7:59:93:61:27:1a:1e:
b6:b0:08:0f:2d:f0:cc:85:61:69:f8:8f:2a:be:12:77:96:d1:
c4:33:26:da:d4:18:25:d7:17:39:20:36:a8:bd:e8:73:d1:54:
16:56:90:03:f6:81:a2:3b:a4:66:a3:39:12:16:6d:d4:df:2a:
1a:cd:91:13:75:8a:e8:5a:4c:c7:ed:5d:66:c8:0b:c3:1a:ea:
c6:7b:f2:b9:fa:89:d6:1c:68:74:7d:3b:56:92:89:69:9e:62:
04:10:be:b3:21:15:6a:67:84:73:1b:b5:f7:8f:9e:e4:db:90:
84:ad:e2:f9:68:1f:9e:01:ce:10:f3:fc:b4:6b:47:d6:8b:d5:
10:a6:91:c3:69:5d:00:83:b5:b6:9f:5d:c8:55:f5:db:c6:ff:
8a:96:67:08:53:cd:0e:10:8e:fb:06:94:88:3e:f8:9f:d0:c8:
c8:2e:d0:b6:f3:71:b0:af:4c:53:7e:55:6e:6a:ed:43:8a:40:
25:07:9b:cb:5e:e7:68:98:af:fb:40:8e:9e:f0:76:d4:eb:7e:
ce:e6:05:45:58:55:c6:89:4b:f0:5f:c2:a1:2f:47:0e:35:25:
ea:5b:be:c3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZJNYh4qdBOm0lrLY1D84963MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQxMDAyMTMxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU2YmM2MDI1YWJkNTE1NWExOWU5NGM2MWRhNmRlZGY2ODA0YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qtzRNr3XZyzuieZ48wN8mkfbA9n
UboeHY8C8lKMzxOMHhP9OJ2LIRhYmvnKorpZ6cN63mmgQVhVZmbtAZP0F+Dz6eiG
Z4mU02/4fl1sx91ZwA1Z+6SWVI96VUDJqtZLuNQdTM5txPZ6VWsHAeCi/TJiX1PI
OapR/opsAVzR5PK5EdZ8AKNf40ot6Vfq3Atgdq4Or/4r/pCdJfHQsnVytaG+6e4J
/Npv+JqE9KCxXCxYGGG94YglOgxL5jEZlUvReXzjYCwJz1ioJbzH0Z5/wwBxvdAK
v/U8HMFQPHvutchLzhDwgJUaA8JKzY5DTvvx08A206yN0s0nZtQ1l7+QtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFABWvGAlq9UVWhnpTGHabe32gEtJMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvQUZhOFlDV3IxUlZhR2VsTVlkcHQ3ZmFBUzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUP7kAwQA
uVyrMA0EAgACMAcDBQAqE1JBMA0GCSqGSIb3DQEBCwUAA4IBAQB3xP13RTmArV0T
YvvKVtXHMNIO3RJoTZhkaBY+QfdZk2EnGh62sAgPLfDMhWFp+I8qvhJ3ltHEMyba
1Bgl1xc5IDaovehz0VQWVpAD9oGiO6RmozkSFm3U3yoazZETdYroWkzH7V1myAvD
GurGe/K5+onWHGh0fTtWkolpnmIEEL6zIRVqZ4RzG7X3j57k25CEreL5aB+eAc4Q
8/y0a0fWi9UQppHDaV0Ag7W2n13IVfXbxv+KlmcIU80OEI77BpSIPvif0MjILtC2
83Gwr0xTflVuau1DikAlB5vLXudomK/7QI6e8HbU637O5gVFWFXGiUvwX8KhL0cO
NSXqW77D
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:45 2025 by rpki-client