Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/AWk6O-1OZkJzxs71hOc-XqYC3cU.roa
File: AWk6O-1OZkJzxs71hOc-XqYC3cU.roa (raw, json)
Hash identifier: SVVl1Qxw8H+Kmzlo+MU/9/1hSTBZCX1A7B3lTPVf8eg=
Subject key identifier: 01:69:3A:3B:ED:4E:66:42:73:C6:CE:F5:84:E7:3E:5E:A6:02:DD:C5
Certificate issuer: /CN=3ae145fe3b79b2bf68aadbe007def6d72aef2ac3
Certificate serial: 018CC94E44CC0AE2F4F7312C3A8CDD26FAB9
Authority key identifier: 3A:E1:45:FE:3B:79:B2:BF:68:AA:DB:E0:07:DE:F6:D7:2A:EF:2A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OuFF_jt5sr9oqtvgB9721yrvKsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/AWk6O-1OZkJzxs71hOc-XqYC3cU.roa
Signing time: Tue 02 Jan 2024 08:33:18 +0000
ROA not before: Tue 02 Jan 2024 08:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50869
IP address blocks: 194.126.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:44:cc:0a:e2:f4:f7:31:2c:3a:8c:dd:26:fa:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ae145fe3b79b2bf68aadbe007def6d72aef2ac3
Validity
Not Before: Jan 2 08:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01693a3bed4e664273c6cef584e73e5ea602ddc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d0:55:99:94:b2:79:09:69:94:97:15:62:81:
62:3a:46:f1:ac:50:21:05:99:1b:33:72:00:45:c3:
39:39:a3:df:b9:9d:dd:f3:33:fe:ab:34:b9:a4:02:
07:93:2b:c7:df:99:7d:7b:18:51:5d:63:be:38:64:
66:a2:4b:2f:1e:62:9a:9f:85:bb:cb:53:e6:3d:56:
61:89:d6:b6:60:83:a6:e4:53:86:4f:86:dd:c4:30:
a9:36:b9:6e:7e:18:db:e0:ce:a9:c7:48:1e:c3:ba:
79:0d:39:a0:64:bf:c0:42:a3:1c:52:d3:b7:2b:43:
07:74:49:72:1e:81:57:18:4d:29:e2:2f:30:39:84:
7c:8e:bf:4a:44:dd:ff:05:68:a8:3e:b1:7a:20:5e:
a6:ce:ee:9b:ee:73:d5:25:c6:ce:5b:61:98:b3:cd:
25:ad:4f:47:8f:9e:69:7c:c3:8b:54:5e:e3:05:b5:
ce:ff:b8:88:68:45:58:6e:e5:f2:a0:9e:39:9a:bf:
f4:ef:3c:45:bf:8b:ba:1a:19:7f:39:58:4a:73:65:
f7:41:e0:6a:dc:c1:f8:34:b2:44:72:5e:8c:e6:ad:
5e:61:77:65:55:7b:1b:32:6a:e8:f4:b1:7d:c2:ba:
98:2a:95:39:73:5d:24:2f:70:4f:f7:3e:bd:02:c9:
75:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:69:3A:3B:ED:4E:66:42:73:C6:CE:F5:84:E7:3E:5E:A6:02:DD:C5
X509v3 Authority Key Identifier:
keyid:3A:E1:45:FE:3B:79:B2:BF:68:AA:DB:E0:07:DE:F6:D7:2A:EF:2A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OuFF_jt5sr9oqtvgB9721yrvKsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/AWk6O-1OZkJzxs71hOc-XqYC3cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/82f0f1-2147-49fd-a4d6-b7b574eedc33/1/OuFF_jt5sr9oqtvgB9721yrvKsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.235.0/24
Signature Algorithm: sha256WithRSAEncryption
35:dc:54:35:76:92:08:14:9c:aa:bc:eb:08:cd:ef:d7:7e:da:
c2:e4:c2:77:72:37:36:f9:fd:52:10:3b:49:d9:f4:91:a4:6c:
b6:2d:12:ea:4c:a1:38:c8:c4:11:15:2c:08:f5:38:42:f4:4f:
cb:a1:d1:88:bc:26:91:0e:00:e7:9c:a7:9a:d5:69:cf:ee:a0:
96:0c:bd:09:2d:ba:df:3e:c2:97:31:04:23:66:ef:fe:66:a0:
18:1f:34:5d:be:af:4c:c0:4e:70:48:92:89:85:16:63:51:6b:
f2:84:07:d8:b1:b1:06:01:e3:96:2f:1d:c2:24:ed:8e:95:2b:
c7:0d:5c:af:dc:20:d5:94:80:da:7e:4a:21:0f:8d:83:52:5b:
7f:5a:39:e9:e4:23:3f:95:d2:80:98:d8:7d:28:bd:a3:48:b7:
3d:7b:a9:dc:73:dc:34:75:3f:e3:6a:42:a0:20:c3:23:79:b1:
89:d5:ec:ef:99:ed:01:cb:f9:2d:b8:04:33:4c:30:41:d1:46:
af:5e:1a:5b:5c:71:9c:a7:3e:da:fe:b3:4b:6b:bc:b0:43:a3:
46:fa:05:e1:9f:da:cc:65:53:43:fd:ba:64:c0:48:56:93:4c:
ab:69:ca:24:5f:2a:f0:30:06:eb:86:14:42:6b:f9:06:89:53:
dd:3e:b4:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTkTMCuL09zEsOozdJvq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZTE0NWZlM2I3OWIyYmY2OGFhZGJlMDA3ZGVmNmQ3MmFl
ZjJhYzMwHhcNMjQwMTAyMDgzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY5M2EzYmVkNGU2NjQyNzNjNmNlZjU4NGU3M2U1ZWE2MDJkZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtBVmZSyeQlplJcVYoFiOkbxrFAh
BZkbM3IARcM5OaPfuZ3d8zP+qzS5pAIHkyvH35l9exhRXWO+OGRmoksvHmKan4W7
y1PmPVZhida2YIOm5FOGT4bdxDCpNrlufhjb4M6px0gew7p5DTmgZL/AQqMcUtO3
K0MHdElyHoFXGE0p4i8wOYR8jr9KRN3/BWioPrF6IF6mzu6b7nPVJcbOW2GYs80l
rU9Hj55pfMOLVF7jBbXO/7iIaEVYbuXyoJ45mr/07zxFv4u6Ghl/OVhKc2X3QeBq
3MH4NLJEcl6M5q1eYXdlVXsbMmro9LF9wrqYKpU5c10kL3BP9z69Asl1FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFpOjvtTmZCc8bO9YTnPl6mAt3FMB8GA1UdIwQY
MBaAFDrhRf47ebK/aKrb4Afe9tcq7yrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3VGRl9qdDVzcjlvcXR2Z0I5NzIxeXJ2S3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84MmYwZjEtMjE0Ny00OWZkLWE0ZDYt
YjdiNTc0ZWVkYzMzLzEvQVdrNk8tMU9aa0p6eHM3MWhPYy1YcVlDM2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84MmYwZjEtMjE0Ny00OWZkLWE0ZDYtYjdiNTc0ZWVkYzMz
LzEvT3VGRl9qdDVzcjlvcXR2Z0I5NzIxeXJ2S3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn7rMA0G
CSqGSIb3DQEBCwUAA4IBAQA13FQ1dpIIFJyqvOsIze/XftrC5MJ3cjc2+f1SEDtJ
2fSRpGy2LRLqTKE4yMQRFSwI9ThC9E/LodGIvCaRDgDnnKea1WnP7qCWDL0JLbrf
PsKXMQQjZu/+ZqAYHzRdvq9MwE5wSJKJhRZjUWvyhAfYsbEGAeOWLx3CJO2OlSvH
DVyv3CDVlIDafkohD42DUlt/Wjnp5CM/ldKAmNh9KL2jSLc9e6ncc9w0dT/jakKg
IMMjebGJ1ezvme0By/ktuAQzTDBB0UavXhpbXHGcpz7a/rNLa7ywQ6NG+gXhn9rM
ZVND/bpkwEhWk0yracokXyrwMAbrhhRCa/kGiVPdPrQc
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:14:32 2025 by rpki-client