Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AaMWakP1RuYKNpJ_5Y7TX57OMt4.roa
File: AaMWakP1RuYKNpJ_5Y7TX57OMt4.roa (raw, json)
Hash identifier: prmeE6AZiRZRAOaCNGv6oFMz8YRF1sMJkfVdyJVKumQ=
Subject key identifier: 01:A3:16:6A:43:F5:46:E6:0A:36:92:7F:E5:8E:D3:5F:9E:CE:32:DE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191843CCD0BA2091B84B3128F63C5ED6A1D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AaMWakP1RuYKNpJ_5Y7TX57OMt4.roa
Signing time: Sat 24 Aug 2024 11:54:22 +0000
ROA not before: Sat 24 Aug 2024 11:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.242.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 08:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:84:3c:cd:0b:a2:09:1b:84:b3:12:8f:63:c5:ed:6a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Aug 24 11:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01a3166a43f546e60a36927fe58ed35f9ece32de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:89:87:41:0d:cc:de:79:41:71:5d:a5:c2:
cb:aa:7c:a6:03:63:77:d9:d7:bc:4c:30:ad:2e:dd:
a9:69:13:d0:85:7c:05:c1:9e:84:a6:fe:34:14:f3:
3b:fa:4c:40:c9:6a:8e:ba:8c:30:c8:3c:cc:af:c6:
ec:98:3f:ef:7b:9a:2b:7d:34:fe:01:fa:a6:55:cb:
17:9b:6a:e2:57:63:dc:4e:08:92:65:51:47:7b:e4:
06:8a:84:b2:fe:bb:24:8f:29:de:cd:5b:12:9d:4b:
03:07:a0:87:e1:fa:4d:9a:66:ef:b8:ba:1a:a2:77:
ac:a8:36:f4:31:b7:1b:fb:5f:85:09:be:70:ef:c7:
49:2d:13:63:d3:45:d2:c5:f3:46:cf:7c:51:f9:56:
89:d1:46:a1:b2:0d:9b:ac:d7:69:c1:fe:b7:cf:79:
14:49:e5:6f:ba:ed:6c:6e:69:09:db:9b:a3:6f:f7:
ac:ff:e9:93:88:79:8a:6e:63:72:dc:f3:01:16:6b:
fc:1f:f4:9e:90:ad:0e:60:a3:13:81:f3:dd:83:64:
01:4f:3c:81:ca:00:4b:9f:62:a8:c8:fc:47:8b:58:
6a:98:be:b2:66:3b:2e:65:ce:24:47:a2:6b:2a:36:
b8:f0:8e:03:ec:23:14:dc:a5:b2:02:8e:81:6f:ac:
d1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A3:16:6A:43:F5:46:E6:0A:36:92:7F:E5:8E:D3:5F:9E:CE:32:DE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/AaMWakP1RuYKNpJ_5Y7TX57OMt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.135.182.0/23
89.34.106.0/24
89.40.70.0/24
93.114.183.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
84:18:34:87:67:6f:b5:ef:32:ae:a0:08:f3:00:2c:7a:7c:fd:
ec:7c:a6:5d:58:a6:2c:e3:ab:87:69:4d:d3:2a:a3:06:c8:46:
db:96:bc:b4:56:18:ec:54:1c:f3:92:2d:a9:26:83:4f:a1:5f:
33:c2:54:ef:96:1f:05:1c:4a:1a:32:26:06:78:28:d5:4b:00:
26:be:6a:63:4d:1d:ba:87:84:3b:86:a0:01:37:6c:5a:79:9a:
24:61:77:31:eb:79:df:22:eb:55:c4:41:d3:e6:12:ab:c5:ee:
6a:c1:ed:99:1e:18:0e:81:37:47:88:cb:c8:57:e8:34:72:0c:
3d:8f:25:64:b3:27:0f:63:f2:0f:a4:4d:a0:fa:67:b9:13:e0:
d4:3f:9c:50:f2:ab:18:59:fe:9a:e1:15:fc:3c:24:15:be:82:
df:f1:4b:0a:7f:d4:23:32:d1:8c:5d:5d:42:de:78:4f:9c:4d:
28:a0:3e:91:4b:b5:fc:75:6c:19:5b:92:31:13:69:20:b3:13:
48:c9:8f:f9:88:6d:60:8c:90:3f:3b:aa:31:6c:cf:47:5d:b3:
22:3d:88:07:2a:a0:b5:69:00:a4:27:0a:8e:15:b0:6c:c4:dd:
0f:58:5d:2f:4d:57:c6:34:34:82:b8:af:68:52:6c:bc:df:3e:
31:a2:39:b3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZGEPM0LogkbhLMSj2PF7WodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwODI0MTE1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWEzMTY2YTQzZjU0NmU2MGEzNjkyN2ZlNThlZDM1ZjllY2UzMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut6Jh0ENzN55QXFdpcLLqnymA2N3
2de8TDCtLt2paRPQhXwFwZ6Epv40FPM7+kxAyWqOuowwyDzMr8bsmD/ve5orfTT+
AfqmVcsXm2riV2PcTgiSZVFHe+QGioSy/rskjynezVsSnUsDB6CH4fpNmmbvuLoa
onesqDb0Mbcb+1+FCb5w78dJLRNj00XSxfNGz3xR+VaJ0Uahsg2brNdpwf63z3kU
SeVvuu1sbmkJ25ujb/es/+mTiHmKbmNy3PMBFmv8H/SekK0OYKMTgfPdg2QBTzyB
ygBLn2KoyPxHi1hqmL6yZjsuZc4kR6JrKja48I4D7CMU3KWyAo6Bb6zRTQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAGjFmpD9UbmCjaSf+WO01+ezjLeMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvQWFNV2FrUDFSdVlLTnBKXzVZN1RYNTdPTXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjnyAwQB
LYe2AwQAWSJqAwQAWShGAwQAXXK3AwQAvNBnAwQA2RMEMA0GCSqGSIb3DQEBCwUA
A4IBAQCEGDSHZ2+17zKuoAjzACx6fP3sfKZdWKYs46uHaU3TKqMGyEbblry0Vhjs
VBzzki2pJoNPoV8zwlTvlh8FHEoaMiYGeCjVSwAmvmpjTR26h4Q7hqABN2xaeZok
YXcx63nfIutVxEHT5hKrxe5qwe2ZHhgOgTdHiMvIV+g0cgw9jyVksycPY/IPpE2g
+me5E+DUP5xQ8qsYWf6a4RX8PCQVvoLf8UsKf9QjMtGMXV1C3nhPnE0ooD6RS7X8
dWwZW5IxE2kgsxNIyY/5iG1gjJA/O6oxbM9HXbMiPYgHKqC1aQCkJwqOFbBsxN0P
WF0vTVfGNDSCuK9oUmy83z4xojmz
-----END CERTIFICATE-----
Generated at Fri Aug 30 10:31:45 2024 by rpki-client on console-fra.rpki-client.org