Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/aUlYr3WqVUPXw3ScKMUSLISml_U.roa
File: aUlYr3WqVUPXw3ScKMUSLISml_U.roa (raw, json)
Hash identifier: DU88zRMRgnAhgrHIRtKkfMUq3u3vE9ZnhJQADnSN5IE=
Subject key identifier: 69:49:58:AF:75:AA:55:43:D7:C3:74:9C:28:C5:12:2C:84:A6:97:F5
Certificate issuer: /CN=aa7b6137f5af3c22c85a1908d40b2941ee2c06f4
Certificate serial: 0186DAD4F384AE9D5F90959574B561382089
Authority key identifier: AA:7B:61:37:F5:AF:3C:22:C8:5A:19:08:D4:0B:29:41:EE:2C:06:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnthN_WvPCLIWhkI1AspQe4sBvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/aUlYr3WqVUPXw3ScKMUSLISml_U.roa
Signing time: Mon 13 Mar 2023 11:57:14 +0000
ROA not before: Mon 13 Mar 2023 11:57:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198508
IP address blocks: 185.168.4.0/22 maxlen: 22
37.75.224.0/21 maxlen: 21
2a00:8440::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 May 2023 11:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:da:d4:f3:84:ae:9d:5f:90:95:95:74:b5:61:38:20:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa7b6137f5af3c22c85a1908d40b2941ee2c06f4
Validity
Not Before: Mar 13 11:57:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=694958af75aa5543d7c3749c28c5122c84a697f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9c:52:d2:46:9c:9b:29:37:4c:50:b9:35:4f:
85:92:d0:46:6e:0c:30:f0:b5:45:d8:b2:27:38:ee:
6b:7f:69:91:37:4f:98:d1:06:d3:56:36:74:27:b2:
11:ed:c0:ea:3a:45:7c:a2:c3:74:5c:d1:28:37:c0:
13:1e:8b:ed:93:72:d5:a4:36:db:81:5f:18:e5:3c:
02:1a:5e:42:cd:cb:fe:07:05:4a:89:bd:f4:78:23:
64:37:a3:cc:1e:3f:52:63:88:2d:3d:64:22:c5:e9:
23:b9:82:49:a0:4d:8d:1a:65:d0:0c:5b:df:76:f8:
82:c5:a4:61:91:80:d4:2b:1d:a3:ed:22:3c:ef:88:
33:36:09:c7:49:cf:8c:36:f5:16:67:00:e2:92:c0:
8e:b2:e1:27:1b:bb:90:5b:05:d4:d7:50:3f:8d:ec:
b2:64:fc:b3:c5:74:a7:a3:ca:98:a4:2e:47:bd:e2:
cd:5c:bd:6d:ca:4c:d6:16:40:50:1a:3c:2b:b3:0c:
f1:2e:da:d1:18:24:ee:87:11:5e:e4:ff:ca:98:a1:
e4:91:0b:36:fc:17:66:a9:13:30:ad:29:1a:c8:99:
0b:be:ab:11:b5:63:d1:45:c2:04:6b:5c:b0:c1:78:
8d:f8:88:2e:e4:2e:b6:55:ad:ef:01:ea:fe:96:ac:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:49:58:AF:75:AA:55:43:D7:C3:74:9C:28:C5:12:2C:84:A6:97:F5
X509v3 Authority Key Identifier:
keyid:AA:7B:61:37:F5:AF:3C:22:C8:5A:19:08:D4:0B:29:41:EE:2C:06:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnthN_WvPCLIWhkI1AspQe4sBvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/aUlYr3WqVUPXw3ScKMUSLISml_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5e06fa-37f9-4a1c-811a-d6a305cbf46c/1/qnthN_WvPCLIWhkI1AspQe4sBvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.224.0/21
185.168.4.0/22
IPv6:
2a00:8440::/32
Signature Algorithm: sha256WithRSAEncryption
44:e5:ba:0a:a1:a9:4b:22:63:58:f7:f3:07:22:38:4d:fe:e9:
85:db:3d:06:82:d4:5a:af:ff:3a:96:ff:22:b5:53:6c:9b:21:
d8:ee:de:8c:18:42:db:f5:dd:ad:93:9e:0e:98:9d:d5:d4:91:
ab:b9:bc:59:b2:5c:0b:b2:dc:27:72:43:28:f3:bf:77:04:0f:
be:68:cb:6c:ec:2b:ce:2e:25:cf:72:dc:d3:82:4d:f4:12:3b:
04:2e:1a:d7:63:98:77:40:43:2d:eb:07:8e:c1:fc:26:d7:4d:
46:2e:76:85:63:d2:73:fc:58:2b:08:09:2f:d5:12:a0:24:83:
2c:53:cf:06:5c:67:bd:e6:2f:c2:c0:ff:4a:7b:0d:46:8e:d3:
3f:dd:27:f5:f0:66:b6:1f:e1:c5:52:95:1e:5e:86:94:57:e9:
78:2d:05:6f:89:95:f7:19:b0:a1:95:46:00:88:65:49:da:aa:
e5:bf:80:20:34:e1:53:76:40:0a:5e:55:bc:8b:b5:9a:9a:2a:
fd:69:50:1e:ef:4a:5b:0c:2e:ce:4d:df:cc:40:8e:67:85:8a:
8e:22:5a:de:4d:82:f0:00:1c:23:70:b1:7d:6f:6e:7c:1b:86:
fd:2c:ab:64:0e:5b:0f:98:61:be:b1:f1:5e:26:8e:50:bf:0b:
53:22:ae:c6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYba1POErp1fkJWVdLVhOCCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhN2I2MTM3ZjVhZjNjMjJjODVhMTkwOGQ0MGIyOTQxZWUy
YzA2ZjQwHhcNMjMwMzEzMTE1NzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ5NThhZjc1YWE1NTQzZDdjMzc0OWMyOGM1MTIyYzg0YTY5N2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpxS0kacmyk3TFC5NU+FktBGbgww
8LVF2LInOO5rf2mRN0+Y0QbTVjZ0J7IR7cDqOkV8osN0XNEoN8ATHovtk3LVpDbb
gV8Y5TwCGl5Czcv+BwVKib30eCNkN6PMHj9SY4gtPWQixekjuYJJoE2NGmXQDFvf
dviCxaRhkYDUKx2j7SI874gzNgnHSc+MNvUWZwDiksCOsuEnG7uQWwXU11A/jeyy
ZPyzxXSno8qYpC5HveLNXL1tykzWFkBQGjwrswzxLtrRGCTuhxFe5P/KmKHkkQs2
/BdmqRMwrSkayJkLvqsRtWPRRcIEa1ywwXiN+Igu5C62Va3vAer+lqz5MwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGlJWK91qlVD18N0nCjFEiyEppf1MB8GA1UdIwQY
MBaAFKp7YTf1rzwiyFoZCNQLKUHuLAb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW50aE5fV3ZQQ0xJV2hrSTFBc3BRZTRzQnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81ZTA2ZmEtMzdmOS00YTFjLTgxMWEt
ZDZhMzA1Y2JmNDZjLzEvYVVsWXIzV3FWVVBYdzNTY0tNVVNMSVNtbF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81ZTA2ZmEtMzdmOS00YTFjLTgxMWEtZDZhMzA1Y2JmNDZj
LzEvcW50aE5fV3ZQQ0xJV2hrSTFBc3BRZTRzQnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJUvgAwQC
uagEMA0EAgACMAcDBQAqAIRAMA0GCSqGSIb3DQEBCwUAA4IBAQBE5boKoalLImNY
9/MHIjhN/umF2z0GgtRar/86lv8itVNsmyHY7t6MGELb9d2tk54OmJ3V1JGrubxZ
slwLstwnckMo8793BA++aMts7CvOLiXPctzTgk30EjsELhrXY5h3QEMt6weOwfwm
101GLnaFY9Jz/FgrCAkv1RKgJIMsU88GXGe95i/CwP9Kew1GjtM/3Sf18Ga2H+HF
UpUeXoaUV+l4LQVviZX3GbChlUYAiGVJ2qrlv4AgNOFTdkAKXlW8i7Wamir9aVAe
70pbDC7OTd/MQI5nhYqOIlreTYLwABwjcLF9b258G4b9LKtkDlsPmGG+sfFeJo5Q
vwtTIq7G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:34 2024 by rpki-client on console-ams.rpki-client.org