Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/aQtBUyqFklxoZ_Xv9YAv_seZ_1s.roa
File: aQtBUyqFklxoZ_Xv9YAv_seZ_1s.roa (raw, json)
Hash identifier: 5tcFNPveh0BSGji/0CizrtqjrZVBFpvmEiL/Wzg2hYg=
Subject key identifier: 69:0B:41:53:2A:85:92:5C:68:67:F5:EF:F5:80:2F:FE:C7:99:FF:5B
Certificate issuer: /CN=afa929be73491acd99d590372a52b815fa1f23f5
Certificate serial: 018CC2DB0A12759B330E20BB9A4D19FA9146
Authority key identifier: AF:A9:29:BE:73:49:1A:CD:99:D5:90:37:2A:52:B8:15:FA:1F:23:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/aQtBUyqFklxoZ_Xv9YAv_seZ_1s.roa
Signing time: Mon 01 Jan 2024 02:29:44 +0000
ROA not before: Mon 01 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57774
IP address blocks: 176.107.192.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0a:12:75:9b:33:0e:20:bb:9a:4d:19:fa:91:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afa929be73491acd99d590372a52b815fa1f23f5
Validity
Not Before: Jan 1 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=690b41532a85925c6867f5eff5802ffec799ff5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:52:cf:64:73:76:bb:eb:8c:a5:14:37:33:56:
b6:29:b3:00:ba:b3:e4:7f:0f:ef:1a:fc:f6:9b:45:
8a:e2:79:a4:24:78:f4:7c:83:c4:ce:9d:f0:27:4d:
99:5e:bc:e7:f8:9c:d4:34:8d:cf:00:93:59:1e:a2:
4f:e7:48:94:e7:2e:79:33:e1:2a:5b:cb:a6:e1:51:
89:82:35:c3:03:19:08:49:cd:3e:01:12:8c:d2:c4:
d8:ca:4b:6c:af:d3:a6:63:58:26:39:8c:8b:1d:f6:
4f:16:4e:bc:7f:d7:12:65:8c:18:5f:aa:18:6d:d7:
ad:cd:00:34:b9:62:0c:a3:25:f9:d8:e6:66:8a:2e:
7e:a7:5e:76:0f:7f:87:08:1c:4b:df:6b:01:d6:ab:
99:4e:f4:34:45:a2:e4:c3:55:9e:e8:2f:6b:7a:9b:
19:9f:2d:7d:bf:a3:73:19:d0:c1:87:9e:03:15:3d:
3a:4d:e8:f5:72:c9:f7:36:15:21:85:33:48:2a:b5:
3e:83:a7:28:d9:c9:fd:33:6b:de:99:72:37:73:06:
18:50:0f:2e:b9:ea:04:06:5a:6e:5f:73:89:b6:ec:
fe:15:c1:80:a3:de:9a:e0:54:32:c0:60:8a:50:25:
26:a1:bf:2a:d3:50:10:51:0b:a5:12:e9:18:d5:1b:
dd:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0B:41:53:2A:85:92:5C:68:67:F5:EF:F5:80:2F:FE:C7:99:FF:5B
X509v3 Authority Key Identifier:
keyid:AF:A9:29:BE:73:49:1A:CD:99:D5:90:37:2A:52:B8:15:FA:1F:23:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/aQtBUyqFklxoZ_Xv9YAv_seZ_1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/2694f8-fa1f-4c81-8312-3b6f1bdf412a/1/r6kpvnNJGs2Z1ZA3KlK4FfofI_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.107.192.0/21
Signature Algorithm: sha256WithRSAEncryption
31:9c:31:d6:0a:68:7b:8b:d7:6a:d9:af:ca:63:f4:0d:36:9d:
db:01:2d:04:7d:2d:a9:4a:bc:96:ae:f2:d4:67:c5:a6:be:e4:
1e:cc:93:f5:ca:c9:29:b3:65:1c:99:58:88:5d:e0:bd:58:77:
07:84:12:e4:3a:b2:9b:42:4e:ab:32:50:a7:55:c3:35:09:cb:
c5:e8:54:95:42:89:d0:ef:43:e1:4d:a8:1b:45:9e:ed:5a:79:
1d:08:c8:5d:db:c9:6f:e4:90:cb:21:0d:45:2a:d6:73:7a:56:
69:ca:e0:5d:39:e0:ab:f3:95:d2:a0:ea:7c:76:19:0a:08:f7:
83:16:01:29:40:2f:2a:4e:19:80:49:68:8c:2c:d2:c4:c9:f4:
b1:8f:89:7d:83:ef:94:b2:11:39:bb:20:b2:01:e6:97:66:49:
1b:2e:3b:01:87:b6:10:c0:c7:ac:3b:65:e9:5c:31:39:9f:aa:
45:2f:26:55:dd:01:1b:f7:63:a8:b3:3d:51:49:58:fa:83:7b:
0a:21:0a:3c:04:1a:f3:70:b4:7b:d3:9d:08:89:7b:5b:8c:c0:
72:84:40:bc:a7:28:59:65:cd:d0:19:2e:2e:92:af:68:e4:87:
e4:15:87:48:47:b6:f1:8f:f1:51:6a:3e:db:f7:0b:c1:18:bc:
a5:4c:63:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2woSdZszDiC7mk0Z+pFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYTkyOWJlNzM0OTFhY2Q5OWQ1OTAzNzJhNTJiODE1ZmEx
ZjIzZjUwHhcNMjQwMTAxMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBiNDE1MzJhODU5MjVjNjg2N2Y1ZWZmNTgwMmZmZWM3OTlmZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9FLPZHN2u+uMpRQ3M1a2KbMAurPk
fw/vGvz2m0WK4nmkJHj0fIPEzp3wJ02ZXrzn+JzUNI3PAJNZHqJP50iU5y55M+Eq
W8um4VGJgjXDAxkISc0+ARKM0sTYyktsr9OmY1gmOYyLHfZPFk68f9cSZYwYX6oY
bdetzQA0uWIMoyX52OZmii5+p152D3+HCBxL32sB1quZTvQ0RaLkw1We6C9repsZ
ny19v6NzGdDBh54DFT06Tej1csn3NhUhhTNIKrU+g6co2cn9M2vemXI3cwYYUA8u
ueoEBlpuX3OJtuz+FcGAo96a4FQywGCKUCUmob8q01AQUQulEukY1RvdtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkLQVMqhZJcaGf17/WAL/7Hmf9bMB8GA1UdIwQY
MBaAFK+pKb5zSRrNmdWQNypSuBX6HyP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZrcHZuTkpHczJaMVpBM0tsSzRGZm9mSV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8yNjk0ZjgtZmExZi00YzgxLTgzMTIt
M2I2ZjFiZGY0MTJhLzEvYVF0QlV5cUZrbHhvWl9YdjlZQXZfc2VaXzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8yNjk0ZjgtZmExZi00YzgxLTgzMTItM2I2ZjFiZGY0MTJh
LzEvcjZrcHZuTkpHczJaMVpBM0tsSzRGZm9mSV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGvAMA0G
CSqGSIb3DQEBCwUAA4IBAQAxnDHWCmh7i9dq2a/KY/QNNp3bAS0EfS2pSryWrvLU
Z8WmvuQezJP1yskps2UcmViIXeC9WHcHhBLkOrKbQk6rMlCnVcM1CcvF6FSVQonQ
70PhTagbRZ7tWnkdCMhd28lv5JDLIQ1FKtZzelZpyuBdOeCr85XSoOp8dhkKCPeD
FgEpQC8qThmASWiMLNLEyfSxj4l9g++UshE5uyCyAeaXZkkbLjsBh7YQwMesO2Xp
XDE5n6pFLyZV3QEb92Oosz1RSVj6g3sKIQo8BBrzcLR7050IiXtbjMByhEC8pyhZ
Zc3QGS4ukq9o5IfkFYdIR7bxj/FRaj7b9wvBGLylTGPP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:26 2025 by rpki-client