Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aomUkZN7xgWt1en3qiB4IQpOrTc.roa
File: aomUkZN7xgWt1en3qiB4IQpOrTc.roa (raw, json)
Hash identifier: ztiFlKKYOyRypkSHKwZS8W+xGtSPLxLp4wDXK++iPDI=
Subject key identifier: 6A:89:94:91:93:7B:C6:05:AD:D5:E9:F7:AA:20:78:21:0A:4E:AD:37
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0191BB2D213B94564749314A67959CD2A36D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aomUkZN7xgWt1en3qiB4IQpOrTc.roa
Signing time: Wed 04 Sep 2024 03:56:22 +0000
ROA not before: Wed 04 Sep 2024 03:56:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215224
IP address blocks: 93.115.104.0/24 maxlen: 24
185.141.218.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 16:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:2d:21:3b:94:56:47:49:31:4a:67:95:9c:d2:a3:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 4 03:56:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a899491937bc605add5e9f7aa2078210a4ead37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1c:8d:0b:68:ce:71:cc:2b:83:f6:80:35:da:
ac:d3:e5:dd:ee:13:90:a2:5c:9f:0d:7b:90:a0:d1:
8f:c7:9a:6d:71:13:73:14:a2:e4:1a:1d:21:7b:83:
b9:b7:54:28:fc:e9:f9:15:ea:59:7f:08:90:8e:98:
c0:2b:d7:b4:5b:62:af:8a:f7:75:75:57:dd:86:32:
a6:5d:89:0f:fd:15:5e:f5:7b:1a:66:7d:68:cf:b8:
0c:8a:76:26:ac:8c:21:62:fd:63:74:f2:32:16:d3:
45:31:8f:52:bf:25:39:33:39:62:a2:19:f5:78:cf:
58:01:dc:30:a6:0e:3b:64:61:a9:64:de:0e:4b:32:
6a:6c:14:92:c4:64:b7:ed:58:e3:f8:14:4d:69:09:
aa:96:8d:a7:98:46:bb:f9:ed:e3:41:c0:85:00:87:
09:36:64:6f:5f:83:21:e7:42:52:8e:e1:4c:9c:2f:
9e:bb:9d:7c:bf:37:49:4d:59:d6:c1:81:8f:7f:ba:
1e:c9:63:a7:ed:e8:bb:8e:d3:cc:bf:e4:27:04:28:
54:94:c2:49:ce:80:66:a9:7c:d9:99:b6:a0:ab:c0:
ce:7a:a8:ce:87:14:23:ab:ad:e5:b2:1c:f0:da:be:
44:cf:47:80:c1:b7:9c:75:ae:63:14:26:e6:95:c9:
3d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:89:94:91:93:7B:C6:05:AD:D5:E9:F7:AA:20:78:21:0A:4E:AD:37
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aomUkZN7xgWt1en3qiB4IQpOrTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.104.0/24
185.141.218.0/24
185.198.235.0/24
188.241.136.0/24
Signature Algorithm: sha256WithRSAEncryption
69:4b:e5:20:26:1c:4c:ba:06:5d:a8:fe:df:00:c9:1f:42:07:
56:62:63:21:b4:d4:d5:61:9a:6e:f4:58:70:a1:bf:5d:4c:df:
44:d7:ba:ad:54:63:79:9b:fd:c4:d6:52:85:a4:dc:df:b8:80:
d7:8c:ea:78:71:69:d0:83:18:09:f3:75:43:e6:c3:d1:38:91:
77:fc:0c:8a:35:25:16:34:19:38:1c:be:c9:68:a7:6d:b6:74:
aa:ab:04:77:b0:52:e2:4d:dd:78:b6:64:e5:fd:ce:b3:98:b2:
9c:29:b0:d3:44:d6:aa:72:11:b6:f5:ec:64:0d:ed:a7:83:25:
8c:dc:93:eb:f4:be:3f:77:89:4a:c1:61:43:3c:76:83:f1:4f:
f8:77:0c:57:5f:b7:d2:de:19:8e:64:2b:36:e3:ef:7d:55:4d:
cd:e3:b3:a4:2a:79:9a:fd:db:35:34:ef:85:b5:8c:a2:b7:10:
8c:28:60:17:23:70:de:34:ad:d1:ee:4c:4e:94:87:51:7a:25:
b9:69:6b:d3:77:9f:18:0a:84:92:9e:db:bf:ae:ff:e7:18:c9:
73:57:fa:15:b8:80:9f:ac:ad:34:b0:fd:e4:d9:f8:35:74:e2:
04:6f:76:e9:8e:b4:5c:b3:f9:8b:d0:5a:1a:36:6b:75:08:62:
a4:db:da:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZG7LSE7lFZHSTFKZ5Wc0qNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwOTA0MDM1NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg5OTQ5MTkzN2JjNjA1YWRkNWU5ZjdhYTIwNzgyMTBhNGVhZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hyNC2jOccwrg/aANdqs0+Xd7hOQ
olyfDXuQoNGPx5ptcRNzFKLkGh0he4O5t1Qo/On5FepZfwiQjpjAK9e0W2Kvivd1
dVfdhjKmXYkP/RVe9XsaZn1oz7gMinYmrIwhYv1jdPIyFtNFMY9SvyU5Mzliohn1
eM9YAdwwpg47ZGGpZN4OSzJqbBSSxGS37Vjj+BRNaQmqlo2nmEa7+e3jQcCFAIcJ
NmRvX4Mh50JSjuFMnC+eu518vzdJTVnWwYGPf7oeyWOn7ei7jtPMv+QnBChUlMJJ
zoBmqXzZmbagq8DOeqjOhxQjq63lshzw2r5Ez0eAwbecda5jFCbmlck9XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGqJlJGTe8YFrdXp96ogeCEKTq03MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYW9tVWtaTjd4Z1d0MWVuM3FpQjRJUXBPclRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXNoAwQA
uY3aAwQAucbrAwQAvPGIMA0GCSqGSIb3DQEBCwUAA4IBAQBpS+UgJhxMugZdqP7f
AMkfQgdWYmMhtNTVYZpu9Fhwob9dTN9E17qtVGN5m/3E1lKFpNzfuIDXjOp4cWnQ
gxgJ83VD5sPROJF3/AyKNSUWNBk4HL7JaKdttnSqqwR3sFLiTd14tmTl/c6zmLKc
KbDTRNaqchG29exkDe2ngyWM3JPr9L4/d4lKwWFDPHaD8U/4dwxXX7fS3hmOZCs2
4+99VU3N47OkKnma/ds1NO+FtYyitxCMKGAXI3DeNK3R7kxOlIdReiW5aWvTd58Y
CoSSntu/rv/nGMlzV/oVuICfrK00sP3k2fg1dOIEb3bpjrRcs/mL0FoaNmt1CGKk
29pj
-----END CERTIFICATE-----
Generated at Fri Sep 6 19:15:49 2024 by rpki-client on console-ams.rpki-client.org