Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/alcfXOsQo5HqeM4nNweim9JEHQU.roa
File: alcfXOsQo5HqeM4nNweim9JEHQU.roa (raw, json)
Hash identifier: P5CALig4hSDrjhUJzXK5iEoBHlsdwlpMqxUtXUmmBr4=
Subject key identifier: 6A:57:1F:5C:EB:10:A3:91:EA:78:CE:27:37:07:A2:9B:D2:44:1D:05
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC794A2DD2A0798175ADC8D341393ABA6
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/alcfXOsQo5HqeM4nNweim9JEHQU.roa
Signing time: Tue 02 Jan 2024 00:30:56 +0000
ROA not before: Tue 02 Jan 2024 00:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205370
IP address blocks: 84.38.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a2:dd:2a:07:98:17:5a:dc:8d:34:13:93:ab:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a571f5ceb10a391ea78ce273707a29bd2441d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a7:15:23:fd:55:6b:31:6e:18:16:1b:a8:ec:
f1:33:76:ed:d8:09:9e:f7:e3:aa:cc:07:9f:1b:e2:
29:25:e6:a9:3e:67:8e:b9:72:f7:bb:ec:b8:51:d1:
19:9f:3b:bf:eb:fe:06:45:8a:13:f1:14:95:b3:a3:
8e:a6:e3:81:6d:c2:7c:b6:f0:12:42:7f:c1:c1:c1:
8c:3d:ea:f4:49:74:5c:ef:cf:e7:cc:64:c4:c3:65:
c5:b8:79:25:8c:2d:71:10:42:27:ca:2a:5e:0d:6b:
8e:84:7b:a3:10:6d:ad:f5:43:06:e7:4e:22:89:5c:
fe:78:71:f7:f6:42:9f:9b:bb:c8:6d:af:ee:8a:bf:
a3:3d:65:69:99:55:f7:58:26:42:c5:3d:43:ec:6e:
1f:34:c9:1f:51:cd:66:80:67:6f:39:fb:3c:b2:6b:
93:3d:d2:60:1e:7d:66:d0:a7:93:6c:4e:89:cd:25:
e7:59:66:53:8b:98:85:1e:5e:20:96:cd:47:b3:70:
0d:e2:4f:6f:c4:af:de:76:43:ee:de:cc:f9:2f:b3:
1b:3e:4a:c6:e7:c6:b6:65:3d:bb:0c:9a:7e:e9:87:
56:8b:c8:e7:16:be:9a:8e:6c:3f:5a:b9:d0:11:66:
de:ca:df:7b:1a:b4:1b:c4:81:b6:b1:2e:a7:96:7a:
af:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:57:1F:5C:EB:10:A3:91:EA:78:CE:27:37:07:A2:9B:D2:44:1D:05
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/alcfXOsQo5HqeM4nNweim9JEHQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.141.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e2:7e:0a:3d:54:33:be:cf:17:fe:23:ae:c6:50:ee:ec:1b:
6a:23:9b:35:81:92:41:56:5d:b8:f7:8e:cf:1d:ee:2a:3e:1d:
f2:50:c3:53:d7:c0:79:dc:e6:ba:e1:51:e9:8a:ee:06:ff:de:
19:30:c9:8c:f2:ed:ab:74:49:0d:65:21:9a:c6:79:48:5c:92:
35:70:3c:80:a3:a8:a5:0c:d5:b0:d1:b5:03:96:b3:93:28:c4:
13:99:57:6b:c9:aa:a0:91:df:cd:75:08:ea:91:59:d4:f1:b2:
79:cb:b5:f3:2a:87:88:84:f5:33:89:18:08:0d:53:26:f9:fc:
6a:c6:37:0c:54:8d:c3:c7:ed:94:dc:8a:11:46:c7:ce:95:cf:
02:ba:40:64:8a:96:88:fe:2c:0c:b0:85:06:da:74:cd:b9:a3:
28:69:59:d7:08:c3:c6:14:ef:7a:b0:be:11:52:da:4e:c9:90:
10:85:b0:d6:a8:b4:2a:35:cd:d3:e7:bc:66:a3:8b:7b:aa:67:
04:ba:92:c5:95:d8:8f:71:24:03:c0:47:03:94:b8:37:80:5d:
0f:9c:5b:51:a1:8a:01:f5:0f:82:c4:29:63:82:23:39:2a:e5:
0e:c8:d4:a9:3d:23:d7:c3:fd:c6:7a:8e:0d:c2:9b:f2:93:3d:
a3:3b:6a:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlKLdKgeYF1rcjTQTk6umMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTU3MWY1Y2ViMTBhMzkxZWE3OGNlMjczNzA3YTI5YmQyNDQxZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqcVI/1VazFuGBYbqOzxM3bt2Ame
9+OqzAefG+IpJeapPmeOuXL3u+y4UdEZnzu/6/4GRYoT8RSVs6OOpuOBbcJ8tvAS
Qn/BwcGMPer0SXRc78/nzGTEw2XFuHkljC1xEEInyipeDWuOhHujEG2t9UMG504i
iVz+eHH39kKfm7vIba/uir+jPWVpmVX3WCZCxT1D7G4fNMkfUc1mgGdvOfs8smuT
PdJgHn1m0KeTbE6JzSXnWWZTi5iFHl4gls1Hs3AN4k9vxK/edkPu3sz5L7MbPkrG
58a2ZT27DJp+6YdWi8jnFr6ajmw/WrnQEWbeyt97GrQbxIG2sS6nlnqv9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpXH1zrEKOR6njOJzcHopvSRB0FMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvYWxjZlhPc1FvNUhxZU00bk53ZWltOUpFSFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCaNMA0G
CSqGSIb3DQEBCwUAA4IBAQCb4n4KPVQzvs8X/iOuxlDu7BtqI5s1gZJBVl24947P
He4qPh3yUMNT18B53Oa64VHpiu4G/94ZMMmM8u2rdEkNZSGaxnlIXJI1cDyAo6il
DNWw0bUDlrOTKMQTmVdryaqgkd/NdQjqkVnU8bJ5y7XzKoeIhPUziRgIDVMm+fxq
xjcMVI3Dx+2U3IoRRsfOlc8CukBkipaI/iwMsIUG2nTNuaMoaVnXCMPGFO96sL4R
UtpOyZAQhbDWqLQqNc3T57xmo4t7qmcEupLFldiPcSQDwEcDlLg3gF0PnFtRoYoB
9Q+CxCljgiM5KuUOyNSpPSPXw/3Geo4Nwpvykz2jO2oP
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:30:15 2025 by rpki-client