Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/AmPMKqYGvXuqkbs5rlLjIlhTYdU.roa
File: AmPMKqYGvXuqkbs5rlLjIlhTYdU.roa (raw, json)
Hash identifier: 85SrKZaeWAxcUn1N6r2oHLweSRbJb8fR+V6f7Ozbdt4=
Subject key identifier: 02:63:CC:2A:A6:06:BD:7B:AA:91:BB:39:AE:52:E3:22:58:53:61:D5
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 018570FBC399DD2995E800EABEB332FED9A8
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/AmPMKqYGvXuqkbs5rlLjIlhTYdU.roa
Signing time: Mon 02 Jan 2023 05:37:05 +0000
ROA not before: Mon 02 Jan 2023 05:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24634
IP address blocks: 82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c3:99:dd:29:95:e8:00:ea:be:b3:32:fe:d9:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 2 05:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0263cc2aa606bd7baa91bb39ae52e322585361d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1f:17:d1:be:0e:a5:34:19:e1:a1:bd:b8:6f:
4e:d0:9a:bf:a5:49:36:af:d3:96:7e:a9:3a:10:80:
de:0d:d1:13:b5:64:0b:a2:9b:e8:90:01:c8:6f:b7:
85:b3:c3:49:89:9f:15:0d:a1:7a:4a:b4:0d:23:ac:
6b:6c:a4:ea:5c:12:a4:07:1e:22:5c:77:b8:6d:75:
e0:8c:c5:59:1b:91:44:29:4f:02:91:4a:fb:f2:4a:
ed:78:fa:d3:d7:fa:d2:0d:b8:2f:2c:b0:a1:d5:4d:
d4:da:f8:70:f2:2c:5c:7c:7c:2f:77:ee:ea:a4:b4:
4a:a2:2f:88:7d:38:67:60:83:64:85:de:90:dd:c1:
7a:b2:7f:a7:ee:aa:de:4a:cf:62:4e:a5:1b:d2:8f:
e2:8a:be:1e:a3:05:81:39:d8:e7:48:d5:2d:5e:d3:
b0:fe:03:41:04:84:20:4f:09:78:6a:38:a8:e9:34:
74:f2:8f:28:6c:8f:b1:c3:63:8e:4b:0e:5c:c9:29:
01:82:a0:58:a2:7d:b0:42:53:3c:86:69:2b:0a:cc:
8a:d7:a6:d1:1d:fb:e4:6d:de:79:3e:28:32:49:39:
be:8f:04:ae:92:f5:63:f6:91:30:a1:cf:73:81:22:
a0:d9:d8:b4:7b:fe:e8:16:83:e0:db:84:20:97:a6:
20:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:63:CC:2A:A6:06:BD:7B:AA:91:BB:39:AE:52:E3:22:58:53:61:D5
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/AmPMKqYGvXuqkbs5rlLjIlhTYdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
26:37:48:cd:ea:65:12:00:9f:29:ed:4c:a0:8c:8b:19:e2:30:
cb:09:0b:e9:01:ae:8d:c5:ff:75:81:54:93:43:c7:cd:08:14:
8c:db:8d:e4:fa:f8:3b:76:11:6a:09:42:68:cc:49:8f:a7:e0:
1f:84:e4:b0:63:fa:90:35:a4:91:d1:46:f7:e3:38:43:ff:20:
77:42:d2:35:70:ae:d7:0a:a0:62:27:50:4b:ea:92:fa:a5:9b:
2d:65:5b:73:56:d7:a5:bc:53:ac:29:14:8b:90:b2:a7:23:26:
58:2d:e5:02:5f:06:39:d9:1b:c3:9e:0b:99:26:9f:de:dd:42:
1b:a2:c0:c4:52:69:3e:82:35:f8:22:86:72:1a:eb:57:8c:89:
d5:07:98:45:e4:74:37:51:e1:a8:2e:43:d9:39:c0:4b:1f:14:
16:ed:45:1c:b0:b6:a6:6a:8e:25:93:3a:5a:44:7a:bd:f3:c1:
76:53:b9:97:7c:c3:17:ba:e9:fc:a5:d9:c9:90:14:e4:18:50:
a0:2f:1d:59:db:87:64:d4:86:fc:36:b2:11:bf:da:e3:10:20:
c1:19:6c:d1:2f:ee:63:f4:06:07:00:99:15:ff:a2:d4:01:9b:
08:f8:f7:27:77:ba:8a:30:96:e4:c0:7b:3e:84:52:67:90:a2:
97:73:c7:87
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVw+8OZ3SmV6ADqvrMy/tmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0
NDhmYjYwHhcNMjMwMTAyMDUzNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYzY2MyYWE2MDZiZDdiYWE5MWJiMzlhZTUyZTMyMjU4NTM2MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth8X0b4OpTQZ4aG9uG9O0Jq/pUk2
r9OWfqk6EIDeDdETtWQLopvokAHIb7eFs8NJiZ8VDaF6SrQNI6xrbKTqXBKkBx4i
XHe4bXXgjMVZG5FEKU8CkUr78krtePrT1/rSDbgvLLCh1U3U2vhw8ixcfHwvd+7q
pLRKoi+IfThnYINkhd6Q3cF6sn+n7qreSs9iTqUb0o/iir4eowWBOdjnSNUtXtOw
/gNBBIQgTwl4ajio6TR08o8obI+xw2OOSw5cySkBgqBYon2wQlM8hmkrCsyK16bR
Hfvkbd55PigySTm+jwSukvVj9pEwoc9zgSKg2di0e/7oFoPg24Qgl6YgkwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAJjzCqmBr17qpG7Oa5S4yJYU2HVMB8GA1UdIwQY
MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt
M2I5ZTNjOGEyZmNhLzEvQW1QTUtxWUd2WHVxa2JzNXJsTGpJbGhUWWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh
LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQD
UnCgAwQCuXzUAwQFweOgAwQF1a+gMA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEB
CwUAA4IBAQAmN0jN6mUSAJ8p7UygjIsZ4jDLCQvpAa6Nxf91gVSTQ8fNCBSM243k
+vg7dhFqCUJozEmPp+AfhOSwY/qQNaSR0Ub34zhD/yB3QtI1cK7XCqBiJ1BL6pL6
pZstZVtzVtelvFOsKRSLkLKnIyZYLeUCXwY52RvDnguZJp/e3UIbosDEUmk+gjX4
IoZyGutXjInVB5hF5HQ3UeGoLkPZOcBLHxQW7UUcsLamao4lkzpaRHq988F2U7mX
fMMXuun8pdnJkBTkGFCgLx1Z24dk1Ib8NrIRv9rjECDBGWzRL+5j9AYHAJkV/6LU
AZsI+Pcnd7qKMJbkwHs+hFJnkKKXc8eH
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:06 2024 by rpki-client on console-fra.rpki-client.org