Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/aGIcfhrERTykTiIrvbEeEjqhZD0.roa
File: aGIcfhrERTykTiIrvbEeEjqhZD0.roa (raw, json)
Hash identifier: XrPMQXZjXWNFxzC9IJKCvSVVdDXccwI10zLaplz7KgQ=
Subject key identifier: 68:62:1C:7E:1A:C4:45:3C:A4:4E:22:2B:BD:B1:1E:12:3A:A1:64:3D
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018CF7231565BDDE8C76C9B84B15C2C509FD
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/aGIcfhrERTykTiIrvbEeEjqhZD0.roa
Signing time: Thu 11 Jan 2024 06:08:40 +0000
ROA not before: Thu 11 Jan 2024 06:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:8::/45 maxlen: 45
Validation: Failed, certificate revoked on Thu 25 Jan 2024 03:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:23:15:65:bd:de:8c:76:c9:b8:4b:15:c2:c5:09:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jan 11 06:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68621c7e1ac4453ca44e222bbdb11e123aa1643d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:03:ec:96:37:65:df:f4:8b:27:43:43:40:96:
e7:c8:7b:31:bd:80:8b:53:f6:a3:01:e4:2c:99:3e:
86:34:b9:1d:b3:39:ab:83:44:d5:48:9d:24:88:17:
5f:3f:8c:3f:41:69:1b:ab:97:f7:07:05:a2:f8:0e:
ce:d9:75:c6:b1:7d:d9:0f:d2:5e:70:9e:e7:13:23:
0e:83:54:49:e7:0c:e8:52:62:85:79:f3:d3:e1:f5:
9c:1d:b1:c6:34:d4:1c:10:f4:73:66:fc:9a:e9:d8:
d2:95:2b:15:e4:19:9a:a8:fb:9e:84:58:37:b9:3a:
07:d0:4b:9b:50:9a:2a:0b:c2:af:2c:13:04:17:1e:
d4:20:a6:99:e3:9f:0a:27:4a:a7:1f:73:6c:62:83:
7f:df:8f:12:47:8d:00:c4:f5:36:95:d0:f9:10:7a:
86:37:3f:ec:f4:7a:ca:04:e9:8a:ca:89:03:04:a9:
44:07:eb:23:9a:1c:20:60:21:61:5a:f7:0c:09:c2:
86:e0:2b:52:13:37:1e:41:7a:68:2d:39:77:67:d5:
4b:e8:90:77:3c:d5:3f:a0:6a:15:a0:77:6b:d7:80:
03:13:ff:15:c2:20:ae:84:51:d6:c6:df:59:8c:9f:
3e:6b:0e:bf:15:23:33:44:88:eb:88:ed:63:57:2f:
77:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:62:1C:7E:1A:C4:45:3C:A4:4E:22:2B:BD:B1:1E:12:3A:A1:64:3D
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/aGIcfhrERTykTiIrvbEeEjqhZD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:17:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:08:3a:d1:44:df:cf:2e:e9:96:6c:05:c1:a7:f2:e7:29:e6:
fc:0e:76:6f:d8:ee:7f:5c:ea:cd:e2:ef:06:9a:38:ea:9e:17:
43:d8:cc:6f:52:05:da:c7:47:f0:e2:79:6a:06:40:e8:ab:2e:
14:2b:ad:ff:09:b0:41:50:bd:00:a1:06:d2:8f:aa:bc:32:42:
6a:76:39:f7:e9:38:fa:b8:0e:1d:c3:da:dc:b6:72:62:53:01:
56:60:c4:dc:31:24:25:36:3c:53:c2:0b:4f:c8:85:0e:05:7c:
bb:23:d0:48:50:c7:e4:19:54:f1:bb:9d:82:88:e3:37:3c:43:
9b:60:a9:0d:62:b6:e2:33:d2:0b:be:78:5c:a3:60:49:ae:42:
05:46:2c:8f:c6:9f:51:d7:6a:3d:8d:e4:ec:6d:fa:ab:80:19:
fe:86:4a:40:83:5f:4e:dc:09:ff:31:88:39:0e:7d:39:c0:e0:
1d:30:5c:80:e4:6a:87:6a:20:53:7e:57:f9:66:d9:48:6f:5d:
1b:be:88:96:de:cb:65:4e:5c:ab:fb:23:39:fd:d5:50:4b:6a:
b3:18:49:11:f4:be:71:5d:4c:5d:07:34:d4:ea:9d:36:72:4a:
78:12:18:ac:d3:78:4a:f4:1c:dd:19:94:7d:e6:84:3a:59:08:
47:2c:fc:55
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYz3IxVlvd6Mdsm4SxXCxQn9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwMTExMDYwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODYyMWM3ZTFhYzQ0NTNjYTQ0ZTIyMmJiZGIxMWUxMjNhYTE2NDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQPsljdl3/SLJ0NDQJbnyHsxvYCL
U/ajAeQsmT6GNLkdszmrg0TVSJ0kiBdfP4w/QWkbq5f3BwWi+A7O2XXGsX3ZD9Je
cJ7nEyMOg1RJ5wzoUmKFefPT4fWcHbHGNNQcEPRzZvya6djSlSsV5BmaqPuehFg3
uToH0EubUJoqC8KvLBMEFx7UIKaZ458KJ0qnH3NsYoN/348SR40AxPU2ldD5EHqG
Nz/s9HrKBOmKyokDBKlEB+sjmhwgYCFhWvcMCcKG4CtSEzceQXpoLTl3Z9VL6JB3
PNU/oGoVoHdr14ADE/8VwiCuhFHWxt9ZjJ8+aw6/FSMzRIjriO1jVy933wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGhiHH4axEU8pE4iK72xHhI6oWQ9MB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvYUdJY2ZockVSVHlrVGlJcnZiRWVFanFoWkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAueEaAwQA
wL2dMBoEAgACMBQwEgMHAyoUP4AACAMHAyoUP4AAEDANBgkqhkiG9w0BAQsFAAOC
AQEAQAg60UTfzy7plmwFwafy5ynm/A52b9juf1zqzeLvBpo46p4XQ9jMb1IF2sdH
8OJ5agZA6KsuFCut/wmwQVC9AKEG0o+qvDJCanY59+k4+rgOHcPa3LZyYlMBVmDE
3DEkJTY8U8ILT8iFDgV8uyPQSFDH5BlU8budgojjNzxDm2CpDWK24jPSC754XKNg
Sa5CBUYsj8afUddqPY3k7G36q4AZ/oZKQINfTtwJ/zGIOQ59OcDgHTBcgORqh2og
U35X+WbZSG9dG76Ilt7LZU5cq/sjOf3VUEtqsxhJEfS+cV1MXQc01OqdNnJKeBIY
rNN4SvQc3RmUfeaEOlkIRyz8VQ==
-----END CERTIFICATE-----
Generated at Thu Jan 25 05:10:53 2024 by rpki-client on console-ams.rpki-client.org