Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/aXnSEBjPBkSdv685fIH6nuJjlN8.roa
File: aXnSEBjPBkSdv685fIH6nuJjlN8.roa (raw, json)
Hash identifier: xmANAmC0jkPnZZElhyELTjxnKm07PCvh0+RaKQ6VJrQ=
Subject key identifier: 69:79:D2:10:18:CF:06:44:9D:BF:AF:39:7C:81:FA:9E:E2:63:94:DF
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 018AD75B1CB35B88560EC8E7F30C00414FB7
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/aXnSEBjPBkSdv685fIH6nuJjlN8.roa
Signing time: Wed 27 Sep 2023 15:56:27 +0000
ROA not before: Wed 27 Sep 2023 15:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 185.69.118.0/24 maxlen: 24
185.69.116.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:5b:1c:b3:5b:88:56:0e:c8:e7:f3:0c:00:41:4f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Sep 27 15:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6979d21018cf06449dbfaf397c81fa9ee26394df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:73:74:13:59:d0:52:1b:89:da:0d:0e:cc:d4:
01:1c:c1:06:6d:5b:03:bf:98:a9:af:ea:4d:90:bf:
cb:d8:e4:be:6d:4b:f5:ec:44:91:69:09:3b:bd:0f:
78:68:7b:0b:e3:93:ed:7f:a5:52:f0:67:03:7b:61:
e6:65:fa:78:04:4f:34:10:cc:89:88:93:72:1f:9c:
00:b8:8a:ac:74:59:b4:af:9e:31:57:4a:ee:19:68:
97:91:39:77:54:87:4a:e4:19:83:5e:4e:d9:bd:4d:
74:cd:ef:a9:fa:2f:36:78:cc:6d:0b:b9:24:60:48:
47:02:c2:a3:bf:94:50:af:b9:44:13:c3:c6:1e:5d:
8f:5e:42:cf:3e:eb:ad:fb:de:20:f6:ed:9e:3f:55:
e4:e9:67:c7:75:32:60:84:cf:1c:16:1c:f9:be:45:
39:e6:b0:87:3b:dc:d7:23:2f:22:e0:f7:5e:89:10:
49:b9:71:f7:05:40:2b:27:2c:2c:91:a4:6c:0d:df:
b3:77:1b:f3:69:7d:69:a5:d1:2c:c1:c4:1d:a4:d6:
d8:5d:04:af:47:22:5f:25:df:fe:f3:8e:04:49:e8:
4f:e0:5d:64:a8:8b:87:f1:1d:1e:72:13:5b:ce:72:
be:cd:8d:66:d1:0c:a1:29:9f:cb:ac:4c:69:ac:fd:
a4:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:79:D2:10:18:CF:06:44:9D:BF:AF:39:7C:81:FA:9E:E2:63:94:DF
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/aXnSEBjPBkSdv685fIH6nuJjlN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:4d:3d:d9:2a:7c:15:fb:33:e1:61:4d:b0:a6:b1:f8:76:20:
a1:a8:ac:b9:fa:55:90:75:f0:ed:cf:fa:6c:f5:b7:a8:56:6c:
41:80:c9:39:3b:b4:d4:82:aa:36:be:0d:23:b7:b4:80:0d:1d:
72:41:51:e6:e3:d2:0e:71:93:f4:39:27:32:46:20:db:c8:0b:
e5:b7:61:d7:8f:5e:73:7a:90:04:16:29:ed:63:ed:dc:42:bf:
3d:f3:82:76:50:b2:e0:5c:c2:d0:16:11:9b:84:98:b1:68:d8:
72:3f:10:46:52:cd:38:16:02:a7:dd:1a:c8:7e:43:db:b2:dc:
21:13:0a:2b:b7:79:dd:12:e0:cc:ee:8e:0f:f5:ec:e0:c6:b7:
0e:b1:c6:36:36:43:b9:e6:6d:57:05:50:7c:f4:23:9f:a4:1b:
d7:04:0b:ac:5a:09:ac:fc:cf:4a:2f:38:1b:2f:e1:f0:f3:67:
ea:2e:da:29:5f:09:72:15:d1:41:09:54:80:bb:aa:99:6a:29:
e5:f1:45:05:5f:61:ad:4a:58:76:61:aa:1f:d7:c9:cf:77:7e:
06:42:e9:e5:9d:c0:e7:13:19:4d:87:a1:97:5b:3b:d9:ac:73:
0f:29:c2:3f:f3:b3:28:72:1e:02:9d:db:18:e8:70:42:47:87:
b9:af:b1:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrXWxyzW4hWDsjn8wwAQU+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjMwOTI3MTU1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc5ZDIxMDE4Y2YwNjQ0OWRiZmFmMzk3YzgxZmE5ZWUyNjM5NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3N0E1nQUhuJ2g0OzNQBHMEGbVsD
v5ipr+pNkL/L2OS+bUv17ESRaQk7vQ94aHsL45Ptf6VS8GcDe2HmZfp4BE80EMyJ
iJNyH5wAuIqsdFm0r54xV0ruGWiXkTl3VIdK5BmDXk7ZvU10ze+p+i82eMxtC7kk
YEhHAsKjv5RQr7lEE8PGHl2PXkLPPuut+94g9u2eP1Xk6WfHdTJghM8cFhz5vkU5
5rCHO9zXIy8i4PdeiRBJuXH3BUArJywskaRsDd+zdxvzaX1ppdEswcQdpNbYXQSv
RyJfJd/+844ESehP4F1kqIuH8R0echNbznK+zY1m0QyhKZ/LrExprP2k0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGl50hAYzwZEnb+vOXyB+p7iY5TfMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvYVhuU0VCalBCa1NkdjY4NWZJSDZudUpqbE44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQCcTT3ZKnwV
+zPhYU2wprH4diChqKy5+lWQdfDtz/ps9beoVmxBgMk5O7TUgqo2vg0jt7SADR1y
QVHm49IOcZP0OScyRiDbyAvlt2HXj15zepAEFintY+3cQr8984J2ULLgXMLQFhGb
hJixaNhyPxBGUs04FgKn3RrIfkPbstwhEwort3ndEuDM7o4P9ezgxrcOscY2NkO5
5m1XBVB89COfpBvXBAusWgms/M9KLzgbL+Hw82fqLtopXwlyFdFBCVSAu6qZainl
8UUFX2GtSlh2Yaof18nPd34GQunlncDnExlNh6GXWzvZrHMPKcI/87Moch4CndsY
6HBCR4e5r7Ef
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org