Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/1-AwaulVyn8t5WV2_NEaoPNyWSjA.roa
File: 1-AwaulVyn8t5WV2_NEaoPNyWSjA.roa (raw, json)
Hash identifier: 3ihwnFszJVQ7bJG8jzcsEQabjMeD/O7iC6/lrj3lzWk=
Subject key identifier: F8:0C:1A:BA:55:72:9F:CB:79:59:5D:BF:34:46:A8:3C:DC:96:4A:30
Certificate issuer: /CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Certificate serial: 018CC492E2AB9EAC82D435A5E315EABB9F71
Authority key identifier: C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/1-AwaulVyn8t5WV2_NEaoPNyWSjA.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198454
IP address blocks: 128.0.52.0/24 maxlen: 24
5.154.187.0/24 maxlen: 24
185.33.132.0/22 maxlen: 24
31.211.184.0/21 maxlen: 24
188.208.100.0/24 maxlen: 24
94.24.38.0/23 maxlen: 24
2a00:fdc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e2:ab:9e:ac:82:d4:35:a5:e3:15:ea:bb:9f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0142e5d5cfaa452166bc7b55a65558f524d6751
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f80c1aba55729fcb79595dbf3446a83cdc964a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:47:9c:04:42:3a:c2:80:99:6b:95:d7:17:
a2:bd:31:13:33:d6:58:99:7e:40:a5:ce:ba:5d:2f:
a8:aa:77:f2:ee:af:7d:1d:d4:74:17:20:6e:00:98:
40:91:a4:ec:89:a0:3b:eb:e8:9f:85:2c:86:19:6f:
e6:83:12:c7:bc:cb:04:4e:82:d5:8a:e1:52:5e:e8:
4e:b0:ee:a2:c7:21:19:8e:31:fe:8e:d8:44:b7:b0:
35:16:8a:48:6e:4b:de:74:b8:1d:fd:bc:32:ae:19:
5b:c2:4a:70:a8:b8:f4:a6:50:7e:d1:df:1b:3f:c4:
09:57:3f:2a:7c:b4:f8:ca:f0:ea:11:8a:2e:38:ef:
76:b6:18:5e:a8:90:c7:7c:1e:be:89:a8:a3:f2:ef:
ce:f8:f3:02:25:5b:5a:7a:d2:73:7c:fd:4c:2b:36:
b6:e8:50:76:4b:b4:92:0b:29:92:2d:73:b6:fc:33:
b0:a0:bd:3a:b2:c1:da:3a:0b:21:bc:1a:3b:69:25:
65:b9:d3:53:2d:f6:cc:f3:a2:e0:e1:85:f8:16:06:
13:96:75:94:83:0c:00:b8:b0:bb:e1:da:36:eb:1e:
64:7b:5b:0b:69:e5:ac:b8:67:67:0e:26:af:ff:da:
eb:cf:bd:d1:22:c8:3e:da:0b:58:b6:5b:e1:2c:a2:
ea:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0C:1A:BA:55:72:9F:CB:79:59:5D:BF:34:46:A8:3C:DC:96:4A:30
X509v3 Authority Key Identifier:
keyid:C0:14:2E:5D:5C:FA:A4:52:16:6B:C7:B5:5A:65:55:8F:52:4D:67:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/1-AwaulVyn8t5WV2_NEaoPNyWSjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b7f1da-467a-4362-8b2e-1970de84a1f0/1/wBQuXVz6pFIWa8e1WmVVj1JNZ1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.187.0/24
31.211.184.0/21
94.24.38.0/23
128.0.52.0/24
185.33.132.0/22
188.208.100.0/24
IPv6:
2a00:fdc0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:18:58:51:a4:4c:3c:5b:23:39:5e:54:a5:23:59:87:21:33:
f8:df:40:68:a1:3d:83:57:c7:8d:8a:03:c1:45:f0:84:c7:96:
1b:b0:33:91:f7:a4:f7:d6:59:a7:0c:b0:79:d1:9e:e0:18:9d:
34:8d:44:bb:05:aa:32:48:0e:40:fa:d2:00:f5:4e:e4:d9:01:
55:b8:84:39:46:8d:c1:f7:5b:09:67:50:88:0d:48:26:58:64:
c1:db:82:fb:89:54:6a:3a:79:84:f7:b2:b2:58:3f:5c:a3:e2:
1d:53:bb:d5:5f:53:f5:b2:a8:9d:47:11:34:aa:11:ec:38:7f:
a4:64:a1:f2:6d:da:aa:a7:e8:2b:9f:ec:83:74:60:80:db:59:
a5:4a:cd:7f:8a:3d:4e:60:be:9d:b7:b5:ab:41:20:be:a7:6b:
b4:d3:1e:3a:73:8d:d2:66:3f:32:9b:3a:18:e3:9b:ff:ac:19:
f2:36:d5:3c:f5:7b:24:bd:1d:c1:17:b2:43:33:17:18:ca:6f:
31:a9:ec:45:d3:77:61:bd:60:81:bd:56:b0:4a:ec:27:da:4e:
72:2b:a6:03:59:fc:1d:ac:f6:8b:67:c0:7c:8f:ee:a4:90:a5:
68:5a:6b:36:d1:72:8d:a6:16:97:1f:4d:35:63:9a:f7:40:f1:
df:09:2d:ca
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzEkuKrnqyC1DWl4xXqu59xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTQyZTVkNWNmYWE0NTIxNjZiYzdiNTVhNjU1NThmNTI0
ZDY3NTEwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBjMWFiYTU1NzI5ZmNiNzk1OTVkYmYzNDQ2YTgzY2RjOTY0YTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpVHnARCOsKAmWuV1xeivTETM9ZY
mX5Apc66XS+oqnfy7q99HdR0FyBuAJhAkaTsiaA76+ifhSyGGW/mgxLHvMsEToLV
iuFSXuhOsO6ixyEZjjH+jthEt7A1FopIbkvedLgd/bwyrhlbwkpwqLj0plB+0d8b
P8QJVz8qfLT4yvDqEYouOO92thheqJDHfB6+iaij8u/O+PMCJVtaetJzfP1MKza2
6FB2S7SSCymSLXO2/DOwoL06ssHaOgshvBo7aSVludNTLfbM86Lg4YX4FgYTlnWU
gwwAuLC74do26x5ke1sLaeWsuGdnDiav/9rrz73RIsg+2gtYtlvhLKLqowIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPgMGrpVcp/LeVldvzRGqDzclkowMB8GA1UdIwQY
MBaAFMAULl1c+qRSFmvHtVplVY9STWdRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0JRdVhWejZwRklXYThlMVdtVlZqMUpOWjFFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iN2YxZGEtNDY3YS00MzYyLThiMmUt
MTk3MGRlODRhMWYwLzEvMS1Bd2F1bFZ5bjh0NVdWMl9ORWFvUE55V1NqQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvYjdmMWRhLTQ2N2EtNDM2Mi04YjJlLTE5NzBkZTg0YTFm
MC8xL3dCUXVYVno2cEZJV2E4ZTFXbVZWajFKTloxRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBMBggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAAWauwME
Ax/TuAMEAV4YJgMEAIAANAMEArkhhAMEALzQZDANBAIAAjAHAwUAKgD9wDANBgkq
hkiG9w0BAQsFAAOCAQEAtBhYUaRMPFsjOV5UpSNZhyEz+N9AaKE9g1fHjYoDwUXw
hMeWG7Azkfek99ZZpwywedGe4BidNI1EuwWqMkgOQPrSAPVO5NkBVbiEOUaNwfdb
CWdQiA1IJlhkwduC+4lUajp5hPeyslg/XKPiHVO71V9T9bKonUcRNKoR7Dh/pGSh
8m3aqqfoK5/sg3RggNtZpUrNf4o9TmC+nbe1q0EgvqdrtNMeOnON0mY/Mps6GOOb
/6wZ8jbVPPV7JL0dwReyQzMXGMpvMansRdN3Yb1ggb1WsErsJ9pOciumA1n8Haz2
i2fAfI/upJClaFprNtFyjaYWlx9NNWOa90Dx3wktyg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:11 2025 by rpki-client