Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/AFfielscYJnwmV3STVn04Y17JHA.roa
File: AFfielscYJnwmV3STVn04Y17JHA.roa (raw, json)
Hash identifier: RGW5/2p2p2zaWuevOugZOJvELLQPXzDIZuYXJOe0LuM=
Subject key identifier: 00:57:E2:7A:5B:1C:60:99:F0:99:5D:D2:4D:59:F4:E1:8D:7B:24:70
Certificate issuer: /CN=276abb1ad567e5bb1e475a72a0a68453e3fba1cd
Certificate serial: 018CC492EA470EFD8E70B3D4E67EDD393194
Authority key identifier: 27:6A:BB:1A:D5:67:E5:BB:1E:47:5A:72:A0:A6:84:53:E3:FB:A1:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J2q7GtVn5bseR1pyoKaEU-P7oc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/AFfielscYJnwmV3STVn04Y17JHA.roa
Signing time: Mon 01 Jan 2024 10:30:11 +0000
ROA not before: Mon 01 Jan 2024 10:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212033
IP address blocks: 193.3.45.0/24 maxlen: 24
2a10:5dc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 19 Mar 2024 12:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:ea:47:0e:fd:8e:70:b3:d4:e6:7e:dd:39:31:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=276abb1ad567e5bb1e475a72a0a68453e3fba1cd
Validity
Not Before: Jan 1 10:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0057e27a5b1c6099f0995dd24d59f4e18d7b2470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:f8:5f:80:44:c9:d8:ab:a6:a2:cb:13:3f:
6d:08:33:53:9c:dc:51:e9:de:05:35:27:38:e8:26:
00:0f:70:45:ec:05:b9:6f:6b:b5:d0:b1:ef:58:31:
0c:2c:3a:30:8f:cc:a7:05:a0:ce:ac:04:e6:99:e0:
ec:64:0e:8e:45:52:af:83:e0:19:65:0d:fa:23:e4:
38:eb:77:c5:54:10:4e:50:bc:50:af:05:02:af:13:
94:b0:3c:84:67:0e:38:5a:0b:10:08:be:b6:f9:8a:
ef:ec:3f:8e:49:9e:e1:f4:f2:3a:f2:10:c6:c1:75:
52:e5:1a:5d:87:84:74:bb:cb:6e:40:02:aa:b8:c1:
f3:ab:00:c6:e6:cb:ea:a5:91:70:cc:6e:e7:83:ce:
e9:da:53:2f:a5:17:ca:4f:6b:93:2c:c4:60:8b:07:
10:58:28:81:55:d9:39:b4:f4:ed:22:cf:3d:04:45:
42:7e:a5:08:d2:11:f6:7d:b5:1c:29:35:27:dc:85:
39:86:4d:55:6e:7e:6d:46:60:d5:71:32:76:57:32:
50:8c:07:20:2d:d3:61:e7:fd:9d:3b:32:88:02:55:
e6:33:71:ed:77:71:05:b0:e6:be:d4:84:a2:8d:fa:
fb:76:36:6f:26:ac:83:eb:2c:ea:f7:81:cb:4c:77:
de:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:57:E2:7A:5B:1C:60:99:F0:99:5D:D2:4D:59:F4:E1:8D:7B:24:70
X509v3 Authority Key Identifier:
keyid:27:6A:BB:1A:D5:67:E5:BB:1E:47:5A:72:A0:A6:84:53:E3:FB:A1:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J2q7GtVn5bseR1pyoKaEU-P7oc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/AFfielscYJnwmV3STVn04Y17JHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/42694f-89a6-43c8-8346-bb0eed13f23b/1/J2q7GtVn5bseR1pyoKaEU-P7oc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.45.0/24
IPv6:
2a10:5dc0::/32
Signature Algorithm: sha256WithRSAEncryption
09:ef:e3:1e:ac:3c:86:9c:bd:c6:a5:cd:f5:7b:20:0d:38:33:
b5:2a:cb:9e:00:7f:17:37:c0:56:d5:56:8f:c5:24:fd:81:9f:
5e:16:5a:2d:ff:4c:a0:07:de:2f:76:0c:d6:e4:24:68:38:69:
ce:69:a4:4b:c7:d0:b4:9e:54:ff:07:ba:51:32:84:86:f9:97:
31:f4:db:20:2a:28:7d:39:ea:15:a1:8b:25:ed:43:e0:98:15:
c0:05:68:2b:18:a4:94:72:9e:e0:92:06:38:64:27:32:ec:1f:
35:5c:b3:1e:23:5d:9a:c8:c8:3f:47:bc:7d:eb:78:29:48:cb:
36:cc:a1:2a:8d:46:46:56:e7:72:78:df:2c:1e:f9:13:42:ff:
d8:43:23:cc:cf:83:28:6c:e1:46:97:0c:e5:cd:61:f8:1a:b8:
ed:aa:a2:4d:74:31:89:ed:ca:cd:b3:6f:bf:0e:a1:d7:bd:b3:
fb:ab:09:c7:e8:de:cd:9a:cb:fa:73:c6:8c:4a:92:19:86:13:
5c:c7:3a:ce:8f:78:08:23:ef:43:62:a2:ac:e8:8d:e8:ca:2a:
89:4c:9c:b6:9b:bf:aa:0c:29:02:fa:2a:90:6d:c0:9b:cd:af:
65:44:3a:3e:74:65:6c:0d:bc:4d:04:b1:2c:60:8c:bd:fd:da:
a8:87:94:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkupHDv2OcLPU5n7dOTGUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NmFiYjFhZDU2N2U1YmIxZTQ3NWE3MmEwYTY4NDUzZTNm
YmExY2QwHhcNMjQwMTAxMTAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU3ZTI3YTViMWM2MDk5ZjA5OTVkZDI0ZDU5ZjRlMThkN2IyNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWD4X4BEydirpqLLEz9tCDNTnNxR
6d4FNSc46CYAD3BF7AW5b2u10LHvWDEMLDowj8ynBaDOrATmmeDsZA6ORVKvg+AZ
ZQ36I+Q463fFVBBOULxQrwUCrxOUsDyEZw44WgsQCL62+Yrv7D+OSZ7h9PI68hDG
wXVS5Rpdh4R0u8tuQAKquMHzqwDG5svqpZFwzG7ng87p2lMvpRfKT2uTLMRgiwcQ
WCiBVdk5tPTtIs89BEVCfqUI0hH2fbUcKTUn3IU5hk1Vbn5tRmDVcTJ2VzJQjAcg
LdNh5/2dOzKIAlXmM3Htd3EFsOa+1ISijfr7djZvJqyD6yzq94HLTHfeSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABX4npbHGCZ8Jld0k1Z9OGNeyRwMB8GA1UdIwQY
MBaAFCdquxrVZ+W7HkdacqCmhFPj+6HNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjJxN0d0Vm41YnNlUjFweW9LYUVVLVA3b2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80MjY5NGYtODlhNi00M2M4LTgzNDYt
YmIwZWVkMTNmMjNiLzEvQUZmaWVsc2NZSm53bVYzU1RWbjA0WTE3SkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80MjY5NGYtODlhNi00M2M4LTgzNDYtYmIwZWVkMTNmMjNi
LzEvSjJxN0d0Vm41YnNlUjFweW9LYUVVLVA3b2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwQMtMA0E
AgACMAcDBQAqEF3AMA0GCSqGSIb3DQEBCwUAA4IBAQAJ7+MerDyGnL3Gpc31eyAN
ODO1KsueAH8XN8BW1VaPxST9gZ9eFlot/0ygB94vdgzW5CRoOGnOaaRLx9C0nlT/
B7pRMoSG+Zcx9NsgKih9OeoVoYsl7UPgmBXABWgrGKSUcp7gkgY4ZCcy7B81XLMe
I12ayMg/R7x963gpSMs2zKEqjUZGVudyeN8sHvkTQv/YQyPMz4MobOFGlwzlzWH4
GrjtqqJNdDGJ7crNs2+/DqHXvbP7qwnH6N7Nmsv6c8aMSpIZhhNcxzrOj3gII+9D
YqKs6I3oyiqJTJy2m7+qDCkC+iqQbcCbza9lRDo+dGVsDbxNBLEsYIy9/dqoh5SI
-----END CERTIFICATE-----
Generated at Tue Mar 19 14:59:05 2024 by rpki-client on console-fra.rpki-client.org