Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aaFRAVDztJUley9Uou5WvjLj9aI.roa
File: aaFRAVDztJUley9Uou5WvjLj9aI.roa (raw, json)
Hash identifier: bhPo0UDXkIJycxHUzJ0app5iTY/so1q2ifT06OjyZYc=
Subject key identifier: 69:A1:51:01:50:F3:B4:95:25:7B:2F:54:A2:EE:56:BE:32:E3:F5:A2
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A9EB75752D98A65739809A30FF93AD975
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aaFRAVDztJUley9Uou5WvjLj9aI.roa
Signing time: Sat 16 Sep 2023 15:58:50 +0000
ROA not before: Sat 16 Sep 2023 15:58:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
94.177.51.0/24 maxlen: 24
176.126.174.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
93.90.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Sep 2023 17:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9e:b7:57:52:d9:8a:65:73:98:09:a3:0f:f9:3a:d9:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 16 15:58:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a1510150f3b495257b2f54a2ee56be32e3f5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f7:30:34:be:f6:b1:19:10:68:ae:ad:b4:36:
1a:a5:11:f1:75:7d:f6:41:65:86:b2:05:83:38:ef:
a2:bd:8c:f3:90:61:52:0d:08:48:d7:80:33:96:9e:
20:94:c2:f7:c6:50:55:3d:0d:1d:ff:42:f6:c5:0c:
da:51:c6:d3:4c:a6:f0:96:73:c4:fa:2d:ff:11:23:
d7:e2:13:9b:c5:86:38:f2:f9:a8:c9:3a:ed:d0:d1:
40:f0:cd:be:ca:74:57:9d:02:49:fb:4f:c6:cc:f7:
c5:50:c5:97:9d:29:35:c8:f7:a9:ec:64:33:d4:87:
b9:5e:41:ee:04:7c:17:ff:3b:ad:ea:3c:f7:2e:5c:
c2:b8:5f:e4:bc:13:51:da:c4:6f:16:44:55:0e:91:
ff:62:e6:cc:f1:e5:1e:99:b8:12:21:05:a1:30:be:
26:71:39:d3:83:1e:44:e5:f6:43:d8:16:80:bb:1f:
02:61:0b:df:94:55:19:e1:99:99:ee:13:c8:82:a7:
15:81:9a:8c:d4:4e:fe:73:ce:a1:d0:d9:5b:bb:68:
83:94:43:48:55:7c:6c:f1:0b:59:10:b7:87:d4:78:
69:8c:5e:b2:9d:3a:f0:7e:6d:17:4c:13:5f:83:5d:
54:f8:a7:4c:8f:3c:77:4e:99:c7:a4:4c:1e:fa:a2:
c3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A1:51:01:50:F3:B4:95:25:7B:2F:54:A2:EE:56:BE:32:E3:F5:A2
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aaFRAVDztJUley9Uou5WvjLj9aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/24
62.192.152.0/24
89.37.192.0/24
89.47.55.0/24
93.90.75.0/24
94.177.51.0/24
176.126.174.0/24
Signature Algorithm: sha256WithRSAEncryption
57:1c:6b:69:47:0f:9f:91:e0:94:7a:dc:51:bb:9b:64:ba:32:
53:52:5c:24:ff:be:a2:f9:fc:da:58:91:60:22:e8:40:75:e1:
f4:4c:b9:2f:b1:c8:4e:00:83:3d:f0:5b:ff:b3:17:2c:ce:01:
3e:64:f3:78:9b:9f:f8:e0:0e:b6:ab:f6:72:14:3b:1e:f3:93:
04:ad:b6:3a:93:8a:82:e8:71:96:41:a8:1f:66:9a:69:3d:83:
94:bd:a1:10:30:51:0e:28:8d:9d:f5:41:d7:6f:61:ca:82:ec:
32:c1:f5:d4:5e:98:d1:68:77:25:5b:c4:b6:0b:ce:51:77:69:
a8:65:d7:cd:48:4c:68:5b:38:4d:b8:88:28:c5:3e:1b:b4:7c:
95:2f:3a:2a:4c:04:2c:65:85:21:f0:b0:c0:35:62:42:9a:61:
32:d6:9e:2c:16:79:d3:d3:85:2a:5b:76:b8:b4:b4:7a:72:15:
ab:d6:b2:46:ac:72:a0:6b:f0:0f:b7:6f:cb:ff:8a:12:9e:00:
50:85:16:ce:f8:d3:44:19:f2:e6:e7:22:24:4b:03:c8:cb:0e:
8b:1c:55:c7:ef:e9:65:d4:9c:6f:f0:f9:13:4b:43:61:28:2a:
30:dc:1a:ed:db:c0:d8:af:0d:5d:38:d6:3b:88:2b:d3:9d:67:
fc:0b:99:11
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqet1dS2Yplc5gJow/5Otl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTE2MTU1ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWExNTEwMTUwZjNiNDk1MjU3YjJmNTRhMmVlNTZiZTMyZTNmNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivcwNL72sRkQaK6ttDYapRHxdX32
QWWGsgWDOO+ivYzzkGFSDQhI14Azlp4glML3xlBVPQ0d/0L2xQzaUcbTTKbwlnPE
+i3/ESPX4hObxYY48vmoyTrt0NFA8M2+ynRXnQJJ+0/GzPfFUMWXnSk1yPep7GQz
1Ie5XkHuBHwX/zut6jz3LlzCuF/kvBNR2sRvFkRVDpH/YubM8eUembgSIQWhML4m
cTnTgx5E5fZD2BaAux8CYQvflFUZ4ZmZ7hPIgqcVgZqM1E7+c86h0Nlbu2iDlENI
VXxs8QtZELeH1HhpjF6ynTrwfm0XTBNfg11U+KdMjzx3TpnHpEwe+qLD4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGmhUQFQ87SVJXsvVKLuVr4y4/WiMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYWFGUkFWRHp0SlVsZXk5VW91NVd2akxqOWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjnwAwQA
PsCYAwQAWSXAAwQAWS83AwQAXVpLAwQAXrEzAwQAsH6uMA0GCSqGSIb3DQEBCwUA
A4IBAQBXHGtpRw+fkeCUetxRu5tkujJTUlwk/76i+fzaWJFgIuhAdeH0TLkvschO
AIM98Fv/sxcszgE+ZPN4m5/44A62q/ZyFDse85MErbY6k4qC6HGWQagfZpppPYOU
vaEQMFEOKI2d9UHXb2HKguwywfXUXpjRaHclW8S2C85Rd2moZdfNSExoWzhNuIgo
xT4btHyVLzoqTAQsZYUh8LDANWJCmmEy1p4sFnnT04UqW3a4tLR6chWr1rJGrHKg
a/APt2/L/4oSngBQhRbO+NNEGfLm5yIkSwPIyw6LHFXH7+ll1Jxv8PkTS0NhKCow
3Brt28DYrw1dONY7iCvTnWf8C5kR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:07 2024 by rpki-client on console-fra.rpki-client.org