Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/AQkJ_znsSt5r67zyRnuSFG9AKu8.roa
File: AQkJ_znsSt5r67zyRnuSFG9AKu8.roa (raw, json)
Hash identifier: P4Hk1tAfzzBcu41FFWuQuqCivLvTXx9Ap7S9YdecinM=
Subject key identifier: 01:09:09:FF:39:EC:4A:DE:6B:EB:BC:F2:46:7B:92:14:6F:40:2A:EF
Certificate issuer: /CN=bccd52a6a7f957171b15f7be5e20916428369401
Certificate serial: 018FBFCCD3A9AA754584B9A26995DE2D75B5
Authority key identifier: BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/AQkJ_znsSt5r67zyRnuSFG9AKu8.roa
Signing time: Tue 28 May 2024 15:23:42 +0000
ROA not before: Tue 28 May 2024 15:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6735
IP address blocks: 5.252.124.0/22 maxlen: 22
45.87.16.0/22 maxlen: 22
62.68.0.0/19 maxlen: 24
185.218.168.0/22 maxlen: 22
195.245.0.0/18 maxlen: 24
2a09:48c0::/29 maxlen: 29
2a0e:ed80::/29 maxlen: 29
2a0f:8040::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 29 May 2024 15:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:cc:d3:a9:aa:75:45:84:b9:a2:69:95:de:2d:75:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bccd52a6a7f957171b15f7be5e20916428369401
Validity
Not Before: May 28 15:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=010909ff39ec4ade6bebbcf2467b92146f402aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b4:b5:36:46:29:c1:0e:77:45:07:2c:1d:82:
0f:dd:1f:93:fe:52:7d:c8:a5:a5:fa:c8:9c:0c:36:
1b:5f:81:96:3a:dd:f6:b9:28:d6:b8:50:f4:e0:fd:
d4:62:ae:b0:5e:dd:f2:c2:93:b1:8d:f0:3a:db:33:
62:7a:49:69:0c:d9:74:f3:58:7a:ba:21:a3:f0:db:
49:49:6a:2a:ae:bf:1d:8c:ab:33:c6:18:1a:90:92:
ea:a4:45:d8:e4:1d:cf:97:09:77:bb:c2:90:6a:5c:
1c:13:32:79:4c:3f:c0:96:5d:d9:10:ba:94:8c:eb:
c3:f9:19:9a:71:63:e4:eb:bb:c8:ef:b6:ce:25:66:
69:8a:bd:f0:f2:0f:b2:e1:67:76:56:8f:4b:88:92:
e9:7b:c5:09:6f:4f:7b:25:b1:0e:4a:fe:15:34:f3:
9b:c2:07:2d:0c:bc:49:f1:93:a0:ff:c8:d0:02:8a:
a8:88:10:c0:df:80:3a:55:8e:29:15:57:dc:84:1f:
92:2d:e7:70:ed:5d:10:20:38:16:95:21:70:f8:ac:
a2:77:4c:6b:42:54:22:94:ef:d1:c3:f3:18:01:36:
7d:6b:9c:11:f4:e7:f1:d1:1d:62:c9:8f:56:cd:6d:
38:f5:c5:5f:65:0c:a7:2a:df:d8:b7:5c:0e:6e:5c:
f4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:09:09:FF:39:EC:4A:DE:6B:EB:BC:F2:46:7B:92:14:6F:40:2A:EF
X509v3 Authority Key Identifier:
keyid:BC:CD:52:A6:A7:F9:57:17:1B:15:F7:BE:5E:20:91:64:28:36:94:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM1Spqf5VxcbFfe-XiCRZCg2lAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/AQkJ_znsSt5r67zyRnuSFG9AKu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/eeab9a-d207-4b2e-a525-e823e17bb5cc/1/vM1Spqf5VxcbFfe-XiCRZCg2lAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.124.0/22
45.87.16.0/22
62.68.0.0/19
185.218.168.0/22
195.245.0.0/18
IPv6:
2a09:48c0::/29
2a0e:ed80::/29
2a0f:8040::/29
Signature Algorithm: sha256WithRSAEncryption
15:68:9e:d4:0a:49:8d:4c:18:d6:ba:76:b2:fa:b9:26:d2:73:
13:0c:b3:c4:d7:33:d5:30:8b:e4:c0:8d:0c:7d:85:24:61:51:
5b:8a:bd:b0:46:a2:d6:3d:a5:8e:d7:9c:86:39:4b:31:58:4d:
43:23:fd:d6:51:ec:6a:be:11:8f:66:34:1b:a1:b5:90:48:8e:
70:4c:7d:c2:c7:da:70:b4:a6:c9:5f:1a:30:fc:5c:fc:80:e4:
76:20:a1:73:b2:d7:31:5e:04:fe:59:a5:b4:7d:a6:98:3b:0d:
2e:fe:45:02:2a:81:0d:a3:ca:ea:76:d4:31:1e:30:03:6a:af:
62:1a:62:78:55:17:80:fd:47:28:72:ac:fa:d1:27:07:b5:28:
c0:d1:db:39:fd:39:58:a4:f3:6e:66:79:e1:b9:b1:b9:c6:91:
1e:36:8a:22:63:ff:d3:cf:1e:76:d5:fa:61:9c:12:14:76:c9:
17:ff:8c:7b:c9:88:c5:0a:b4:93:91:97:19:9d:fc:b5:9f:ac:
8d:89:69:a4:9e:50:cf:92:5d:1b:cb:4b:81:c7:ee:a1:3b:2b:
04:bf:a7:ed:4d:e7:b1:3a:ec:f7:94:f3:ef:93:59:59:31:39:
cb:82:a3:0c:51:f8:cf:48:69:69:39:44:e8:84:c1:89:ab:75:
66:34:e6:3d
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY+/zNOpqnVFhLmiaZXeLXW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2Q1MmE2YTdmOTU3MTcxYjE1ZjdiZTVlMjA5MTY0Mjgz
Njk0MDEwHhcNMjQwNTI4MTUyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTA5MDlmZjM5ZWM0YWRlNmJlYmJjZjI0NjdiOTIxNDZmNDAyYWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7S1NkYpwQ53RQcsHYIP3R+T/lJ9
yKWl+sicDDYbX4GWOt32uSjWuFD04P3UYq6wXt3ywpOxjfA62zNieklpDNl081h6
uiGj8NtJSWoqrr8djKszxhgakJLqpEXY5B3Plwl3u8KQalwcEzJ5TD/All3ZELqU
jOvD+RmacWPk67vI77bOJWZpir3w8g+y4Wd2Vo9LiJLpe8UJb097JbEOSv4VNPOb
wgctDLxJ8ZOg/8jQAoqoiBDA34A6VY4pFVfchB+SLedw7V0QIDgWlSFw+Kyid0xr
QlQilO/Rw/MYATZ9a5wR9Ofx0R1iyY9WzW049cVfZQynKt/Yt1wOblz01wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAEJCf857Erea+u88kZ7khRvQCrvMB8GA1UdIwQY
MBaAFLzNUqan+VcXGxX3vl4gkWQoNpQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUt
ZTgyM2UxN2JiNWNjLzEvQVFrSl96bnNTdDVyNjd6eVJudVNGRzlBS3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9lZWFiOWEtZDIwNy00YjJlLWE1MjUtZTgyM2UxN2JiNWNj
LzEvdk0xU3BxZjVWeGNiRmZlLVhpQ1JaQ2cybEFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCBfx8AwQC
LVcQAwQFPkQAAwQCudqoAwQGw/UAMBsEAgACMBUDBQMqCUjAAwUDKg7tgAMFAyoP
gEAwDQYJKoZIhvcNAQELBQADggEBABVontQKSY1MGNa6drL6uSbScxMMs8TXM9Uw
i+TAjQx9hSRhUVuKvbBGotY9pY7XnIY5SzFYTUMj/dZR7Gq+EY9mNBuhtZBIjnBM
fcLH2nC0pslfGjD8XPyA5HYgoXOy1zFeBP5ZpbR9ppg7DS7+RQIqgQ2jyup21DEe
MANqr2IaYnhVF4D9RyhyrPrRJwe1KMDR2zn9OVik825meeG5sbnGkR42iiJj/9PP
HnbV+mGcEhR2yRf/jHvJiMUKtJORlxmd/LWfrI2JaaSeUM+SXRvLS4HH7qE7KwS/
p+1N57E67PeU8++TWVkxOcuCowxR+M9IaWk5ROiEwYmrdWY05j0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:59 2024 by rpki-client on console-ams.rpki-client.org