Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/AazIPkpPdSCd2THTX2bZYNBraDg.roa
File: AazIPkpPdSCd2THTX2bZYNBraDg.roa (raw, json)
Hash identifier: HM20VtWI36InXlF1/fjNbU0cTuqjWWGxjV1qJrcxUQ8=
Subject key identifier: 01:AC:C8:3E:4A:4F:75:20:9D:D9:31:D3:5F:66:D9:60:D0:6B:68:38
Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40
Certificate serial: 018CC94CA5F341D67B9A8FE457A57FFCDF78
Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/AazIPkpPdSCd2THTX2bZYNBraDg.roa
Signing time: Tue 02 Jan 2024 08:31:32 +0000
ROA not before: Tue 02 Jan 2024 08:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199270
IP address blocks: 141.226.249.0/24 maxlen: 24
185.23.172.0/24 maxlen: 24
185.23.172.0/23 maxlen: 23
185.23.174.0/24 maxlen: 24
2a00:66a0::/35 maxlen: 35
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a5:f3:41:d6:7b:9a:8f:e4:57:a5:7f:fc:df:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40
Validity
Not Before: Jan 2 08:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01acc83e4a4f75209dd931d35f66d960d06b6838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b2:cf:be:82:25:2d:7f:ba:f4:24:50:55:7d:
83:cc:1e:eb:ab:7b:73:d3:7c:66:66:27:2c:cc:a6:
b0:03:8c:99:4d:53:b7:d1:0b:ab:4f:fa:69:43:09:
cf:c2:48:28:99:b4:b8:ce:45:09:0d:78:10:df:a5:
23:51:2a:3a:be:52:51:87:7a:2b:4b:69:36:97:29:
ef:8e:b3:22:cc:59:1d:7b:bd:d9:7b:20:c8:e2:c0:
a7:3a:e9:6a:79:9b:02:23:16:f3:c4:0c:fe:24:7b:
4f:de:5b:d6:8a:9f:b4:09:b6:c6:e2:e5:47:78:b7:
f1:a2:67:ac:4a:25:36:c3:9a:73:47:d7:f1:4a:89:
7c:5c:e8:69:f9:97:d1:4b:0b:5e:97:93:b7:25:ee:
96:ee:d7:b6:38:73:62:4b:8b:a1:5f:63:87:7c:60:
a4:13:ae:52:af:e9:28:85:80:5f:22:75:b0:48:ed:
f2:c5:7f:0f:4f:00:83:c7:2f:98:85:8c:25:0a:dc:
43:7c:71:66:13:cb:bd:b2:f3:49:45:7d:87:2c:13:
9e:f4:6d:ef:2b:c7:d8:e8:5a:80:b4:8a:c6:8d:42:
4a:7e:81:74:7c:95:4c:70:2c:1c:4e:ef:1e:ca:e1:
db:e0:45:5d:52:37:52:79:13:12:fa:01:a9:4b:d4:
20:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:AC:C8:3E:4A:4F:75:20:9D:D9:31:D3:5F:66:D9:60:D0:6B:68:38
X509v3 Authority Key Identifier:
keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/AazIPkpPdSCd2THTX2bZYNBraDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.249.0/24
185.23.172.0-185.23.174.255
IPv6:
2a00:66a0::/35
Signature Algorithm: sha256WithRSAEncryption
77:25:82:04:72:07:11:14:42:de:ea:fd:84:5f:17:34:e0:94:
c8:83:f6:1c:fc:9b:ec:05:19:65:1b:ec:45:ed:25:52:43:af:
be:7e:b2:6d:9b:44:d3:b9:e0:2c:23:7a:4f:a3:6e:62:19:03:
53:fe:15:76:48:81:20:8f:f6:a0:5e:b4:75:6c:df:24:96:bd:
af:56:b0:49:52:12:82:53:d0:76:b9:f9:fa:03:21:75:16:15:
a6:8b:e3:c2:5b:03:68:8f:52:06:4c:11:24:0a:c7:a7:66:12:
f9:5a:77:8e:9b:68:46:6c:f4:09:20:a3:01:ea:94:29:9a:2e:
7e:43:ec:97:21:d8:7b:10:8a:7a:d3:d3:91:ce:e4:ff:18:97:
00:a9:d9:18:10:d4:a6:e9:84:65:2c:30:c9:17:02:12:21:15:
96:26:f7:4b:70:48:28:8c:aa:fe:5e:cd:16:2b:83:47:c2:8a:
71:21:3e:e0:fb:f1:74:95:32:f4:1d:82:ec:a2:bb:1d:dd:34:
31:6e:44:69:37:93:ff:e2:34:be:c0:f7:4e:26:88:f1:9c:b8:
b5:24:61:64:90:bf:4e:0c:71:21:c3:32:72:04:80:b2:49:5c:
cf:42:1e:44:96:08:31:0d:00:d3:89:62:d5:94:36:69:5e:ec:
79:03:d8:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTKXzQdZ7mo/kV6V//N94MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3
ZWVmNDAwHhcNMjQwMTAyMDgzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWFjYzgzZTRhNGY3NTIwOWRkOTMxZDM1ZjY2ZDk2MGQwNmI2ODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57LPvoIlLX+69CRQVX2DzB7rq3tz
03xmZicszKawA4yZTVO30QurT/ppQwnPwkgombS4zkUJDXgQ36UjUSo6vlJRh3or
S2k2lynvjrMizFkde73ZeyDI4sCnOulqeZsCIxbzxAz+JHtP3lvWip+0CbbG4uVH
eLfxomesSiU2w5pzR9fxSol8XOhp+ZfRSwtel5O3Je6W7te2OHNiS4uhX2OHfGCk
E65Sr+kohYBfInWwSO3yxX8PTwCDxy+YhYwlCtxDfHFmE8u9svNJRX2HLBOe9G3v
K8fY6FqAtIrGjUJKfoF0fJVMcCwcTu8eyuHb4EVdUjdSeRMS+gGpS9QgsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAGsyD5KT3Ugndkx019m2WDQa2g4MB8GA1UdIwQY
MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt
YmM2ZGI3MjQ4YWRkLzEvQWF6SVBrcFBkU0NkMlRIVFgyYlpZTkJyYURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk
LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQAjeL5MAwD
BAK5F6wDBAC5F64wDgQCAAIwCAMGBSoAZqAAMA0GCSqGSIb3DQEBCwUAA4IBAQB3
JYIEcgcRFELe6v2EXxc04JTIg/Yc/JvsBRllG+xF7SVSQ6++frJtm0TTueAsI3pP
o25iGQNT/hV2SIEgj/agXrR1bN8klr2vVrBJUhKCU9B2ufn6AyF1FhWmi+PCWwNo
j1IGTBEkCsenZhL5WneOm2hGbPQJIKMB6pQpmi5+Q+yXIdh7EIp609ORzuT/GJcA
qdkYENSm6YRlLDDJFwISIRWWJvdLcEgojKr+Xs0WK4NHwopxIT7g+/F0lTL0HYLs
orsd3TQxbkRpN5P/4jS+wPdOJojxnLi1JGFkkL9ODHEhwzJyBICySVzPQh5Elggx
DQDTiWLVlDZpXux5A9ik
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:24:41 2025 by rpki-client