Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AoW4TTUveHyCsgd-QYny5FSXG70.roa
File: AoW4TTUveHyCsgd-QYny5FSXG70.roa (raw, json)
Hash identifier: wAT34siCXIP+MJqmIjIUMS6YWEUCWiFIE9sV8HV1abc=
Subject key identifier: 02:85:B8:4D:35:2F:78:7C:82:B2:07:7E:41:89:F2:E4:54:97:1B:BD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191CD04B283463706CE9FAE52FDBDFE75C3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AoW4TTUveHyCsgd-QYny5FSXG70.roa
Signing time: Sat 07 Sep 2024 15:05:22 +0000
ROA not before: Sat 07 Sep 2024 15:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2.56.0.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:04:b2:83:46:37:06:ce:9f:ae:52:fd:bd:fe:75:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 7 15:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0285b84d352f787c82b2077e4189f2e454971bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:97:e7:2d:82:c6:2c:ce:8f:c2:34:bf:ac:
99:9e:a6:f4:ea:be:c2:6e:cf:db:84:ee:b1:85:52:
21:2d:69:85:1c:92:10:bf:98:de:85:f5:d8:bd:55:
ed:52:9f:f6:a9:03:92:3d:e7:36:2e:bf:51:53:18:
39:1a:f0:5c:89:32:17:56:6a:60:49:1e:a8:4d:41:
6e:0d:3c:63:57:56:74:21:60:d0:e7:e2:56:9c:5f:
6d:12:4a:84:f0:2a:75:33:f0:d4:02:3d:9f:81:d4:
a3:61:e9:ee:e9:6f:48:4c:ab:16:ce:dc:1f:74:ae:
aa:7b:c3:49:6e:83:bd:f3:92:64:32:74:2b:1c:32:
f4:4e:cb:c6:d5:79:28:a5:5d:7f:3d:47:c9:1d:eb:
85:79:0b:fc:e6:12:9b:c2:7a:61:47:1a:28:9e:49:
da:c3:7c:29:82:1b:cf:81:e8:26:5a:ca:88:c3:d6:
28:22:c1:f7:b3:57:ae:23:1e:33:21:63:47:83:e6:
ea:ec:9f:8f:ee:3d:0b:07:d8:3a:a2:ed:33:5b:a7:
1f:77:b5:b9:c6:aa:69:ea:30:64:0c:6f:6b:c8:68:
b5:60:45:d4:75:6c:c1:24:f0:b5:d4:6d:48:c7:eb:
8d:4a:6b:e2:8d:52:a9:ec:ed:ac:fa:50:f1:4b:c2:
97:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:85:B8:4D:35:2F:78:7C:82:B2:07:7E:41:89:F2:E4:54:97:1B:BD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/AoW4TTUveHyCsgd-QYny5FSXG70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.125.0/24
91.242.127.0/24
185.40.105.0/24
194.180.238.0/24
Signature Algorithm: sha256WithRSAEncryption
20:be:5e:40:a6:1f:12:18:c4:e4:84:f7:f1:a7:ba:71:13:63:
1c:17:60:43:ba:30:0a:50:d4:d5:24:19:4a:1d:8c:1f:59:db:
15:4f:9a:00:d3:39:2d:ab:af:00:74:2d:b7:ec:31:cb:da:5d:
52:d6:67:06:a4:45:92:10:10:2b:a0:bb:48:45:fc:15:5c:d9:
dd:10:4d:b5:25:1e:53:82:57:47:d4:ab:55:64:af:f8:98:c1:
3e:c3:82:20:57:95:6b:ad:e3:58:70:a2:19:ef:78:d3:8a:20:
75:4c:43:46:3c:30:4c:f6:e9:69:a5:3a:b5:28:89:8d:21:ac:
94:b1:a3:3f:56:9e:51:bb:cb:99:4b:f7:95:bb:ee:7d:57:43:
5b:09:f8:18:15:d3:9a:9b:ee:75:6c:59:7b:f2:d8:8d:4e:3f:
45:e6:1a:c1:bc:43:93:0d:0e:7c:d9:1e:5a:1c:a3:bc:61:22:
ac:f9:d4:5e:18:13:6a:74:8c:ab:20:4a:5c:94:14:98:1d:54:
d2:71:a7:6a:a6:58:09:63:7a:c1:19:b8:f8:23:8f:a4:83:73:
f2:7f:95:de:9f:a0:b0:81:a9:e1:84:c2:d3:8f:0b:73:cf:09:
6d:1e:5b:f0:d8:4a:d4:5c:5d:d3:aa:33:b3:4d:f9:39:2d:fd:
3b:00:76:b0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZHNBLKDRjcGzp+uUv29/nXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTA3MTUwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg1Yjg0ZDM1MmY3ODdjODJiMjA3N2U0MTg5ZjJlNDU0OTcxYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1KX5y2CxizOj8I0v6yZnqb06r7C
bs/bhO6xhVIhLWmFHJIQv5jehfXYvVXtUp/2qQOSPec2Lr9RUxg5GvBciTIXVmpg
SR6oTUFuDTxjV1Z0IWDQ5+JWnF9tEkqE8Cp1M/DUAj2fgdSjYenu6W9ITKsWztwf
dK6qe8NJboO985JkMnQrHDL0TsvG1XkopV1/PUfJHeuFeQv85hKbwnphRxoonkna
w3wpghvPgegmWsqIw9YoIsH3s1euIx4zIWNHg+bq7J+P7j0LB9g6ou0zW6cfd7W5
xqpp6jBkDG9ryGi1YEXUdWzBJPC11G1Ix+uNSmvijVKp7O2s+lDxS8KXbwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAKFuE01L3h8grIHfkGJ8uRUlxu9MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQW9XNFRUVXZlSHlDc2dkLVFZbnk1RlNYRzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCAjgAAwQA
WSihMAwDBAFb8kYDBAFb8kgDBABb8ksDBABb8n0DBABb8n8DBAC5KGkDBADCtO4w
DQYJKoZIhvcNAQELBQADggEBACC+XkCmHxIYxOSE9/GnunETYxwXYEO6MApQ1NUk
GUodjB9Z2xVPmgDTOS2rrwB0LbfsMcvaXVLWZwakRZIQECugu0hF/BVc2d0QTbUl
HlOCV0fUq1Vkr/iYwT7DgiBXlWut41hwohnveNOKIHVMQ0Y8MEz26WmlOrUoiY0h
rJSxoz9WnlG7y5lL95W77n1XQ1sJ+BgV05qb7nVsWXvy2I1OP0XmGsG8Q5MNDnzZ
Hloco7xhIqz51F4YE2p0jKsgSlyUFJgdVNJxp2qmWAljesEZuPgjj6SDc/J/ld6f
oLCBqeGEwtOPC3PPCW0eW/DYStRcXdOqM7NN+Tkt/TsAdrA=
-----END CERTIFICATE-----
Generated at Wed Sep 11 18:35:55 2024 by rpki-client on console-ams.rpki-client.org