Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/AFJFp4w9VFq8OGF-Lu39HzDsoW0.roa
File: AFJFp4w9VFq8OGF-Lu39HzDsoW0.roa (raw, json)
Hash identifier: OveyUbBeSggh9w3zmDMa9xFyjMzG2V4VfFXykbHeAa8=
Subject key identifier: 00:52:45:A7:8C:3D:54:5A:BC:38:61:7E:2E:ED:FD:1F:30:EC:A1:6D
Certificate issuer: /CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Certificate serial: 0191A25061B432F7E28548D88689C62CFC08
Authority key identifier: 81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/AFJFp4w9VFq8OGF-Lu39HzDsoW0.roa
Signing time: Fri 30 Aug 2024 08:04:22 +0000
ROA not before: Fri 30 Aug 2024 08:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61216
IP address blocks: 91.228.113.0/24 maxlen: 24
171.25.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 Aug 2024 10:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:50:61:b4:32:f7:e2:85:48:d8:86:89:c6:2c:fc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81e6397042a7a9645fc12f759d026195d7cbfd58
Validity
Not Before: Aug 30 08:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005245a78c3d545abc38617e2eedfd1f30eca16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a2:03:09:7d:ed:90:e2:d4:2f:49:3d:83:38:
65:4c:50:30:44:ce:60:d8:db:0a:75:07:0c:70:df:
30:b4:58:44:eb:93:22:92:e2:45:08:cf:ef:d9:38:
92:1e:3e:18:77:98:76:45:8e:19:7f:7b:80:27:09:
77:bf:3f:19:56:e9:25:20:51:f6:20:b9:da:df:f5:
91:54:4f:09:46:63:29:45:cd:cd:ab:8b:33:eb:4b:
d7:74:c2:c7:c9:07:1d:48:1c:ed:d4:20:e6:3a:20:
76:1a:b7:4c:c1:da:3d:d0:59:61:f8:ac:0e:13:ea:
a1:73:92:4d:e4:60:31:32:b1:f8:41:00:f5:de:bf:
5e:8d:b2:b3:71:6d:af:a4:a5:06:c8:10:44:a4:74:
a0:e4:8a:93:14:3a:59:54:ca:a3:ec:f1:c8:f4:32:
b8:d6:74:74:fc:ed:7b:65:f2:86:7a:90:c8:4e:38:
87:bc:96:98:f7:92:88:2f:69:91:cd:ed:a4:8c:98:
a8:95:0c:cc:ff:0b:1e:6b:33:e2:ce:73:45:75:28:
67:c4:02:a7:72:9f:4b:36:3f:c1:7d:dd:57:15:32:
b9:06:20:13:51:ee:f4:00:b7:bf:c2:ca:7f:d1:40:
39:03:ef:11:59:ae:06:8e:b5:f9:4b:b6:ac:15:ba:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:52:45:A7:8C:3D:54:5A:BC:38:61:7E:2E:ED:FD:1F:30:EC:A1:6D
X509v3 Authority Key Identifier:
keyid:81:E6:39:70:42:A7:A9:64:5F:C1:2F:75:9D:02:61:95:D7:CB:FD:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geY5cEKnqWRfwS91nQJhldfL_Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/AFJFp4w9VFq8OGF-Lu39HzDsoW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f8f1b-f3f1-4f1b-9ac4-5ca6a7ad05fa/1/geY5cEKnqWRfwS91nQJhldfL_Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.113.0/24
171.25.192.0/24
Signature Algorithm: sha256WithRSAEncryption
38:ab:18:60:dd:bf:06:60:41:84:e1:79:fe:ea:5e:4f:86:fb:
9a:fe:63:73:84:1b:4b:45:74:78:cc:19:69:18:9c:2a:07:83:
81:5a:19:22:ad:ee:f1:53:d0:61:5b:b2:73:ea:70:1f:c1:c6:
23:de:69:f3:e5:b6:f3:c1:14:c1:4e:86:40:b8:41:8b:6d:59:
80:8f:d1:ac:a9:34:72:07:d5:b7:9d:a7:61:31:a7:e4:c7:e3:
78:6b:57:46:60:06:43:1b:22:32:fc:64:0d:49:93:0c:4f:a6:
ec:e8:95:d9:41:b0:08:41:e7:25:e9:a4:bb:18:03:5b:36:21:
38:2a:68:92:97:b2:55:d4:3e:a2:b2:d3:30:ed:b5:0a:f0:1f:
72:d3:23:b3:74:a7:68:2b:b8:45:b5:5e:c0:68:4b:c8:99:82:
91:fa:09:5d:9f:19:db:d6:dc:7e:5e:e3:db:4a:7c:9a:70:b3:
28:0a:1c:3a:d6:bc:4e:fa:ad:12:cc:bd:68:4b:f6:17:fe:82:
66:16:10:c4:22:76:c2:0f:cb:49:f3:99:80:4d:10:a9:37:f0:
d8:f2:84:c5:a5:3e:7b:fb:2e:81:25:84:c3:1d:b0:35:7f:b6:
c9:91:2f:43:b7:7a:ed:37:3c:cb:39:47:dd:95:25:48:61:43:
3a:d7:3c:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGiUGG0MvfihUjYhonGLPwIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTYzOTcwNDJhN2E5NjQ1ZmMxMmY3NTlkMDI2MTk1ZDdj
YmZkNTgwHhcNMjQwODMwMDgwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDUyNDVhNzhjM2Q1NDVhYmMzODYxN2UyZWVkZmQxZjMwZWNhMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aIDCX3tkOLUL0k9gzhlTFAwRM5g
2NsKdQcMcN8wtFhE65MikuJFCM/v2TiSHj4Yd5h2RY4Zf3uAJwl3vz8ZVuklIFH2
ILna3/WRVE8JRmMpRc3Nq4sz60vXdMLHyQcdSBzt1CDmOiB2GrdMwdo90Flh+KwO
E+qhc5JN5GAxMrH4QQD13r9ejbKzcW2vpKUGyBBEpHSg5IqTFDpZVMqj7PHI9DK4
1nR0/O17ZfKGepDITjiHvJaY95KIL2mRze2kjJiolQzM/wseazPiznNFdShnxAKn
cp9LNj/Bfd1XFTK5BiATUe70ALe/wsp/0UA5A+8RWa4GjrX5S7asFbr3UwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABSRaeMPVRavDhhfi7t/R8w7KFtMB8GA1UdIwQY
MBaAFIHmOXBCp6lkX8EvdZ0CYZXXy/1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQt
NWNhNmE3YWQwNWZhLzEvQUZKRnA0dzlWRnE4T0dGLUx1MzlIekRzb1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjhmMWItZjNmMS00ZjFiLTlhYzQtNWNhNmE3YWQwNWZh
LzEvZ2VZNWNFS25xV1Jmd1M5MW5RSmhsZGZMX1ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+RxAwQA
qxnAMA0GCSqGSIb3DQEBCwUAA4IBAQA4qxhg3b8GYEGE4Xn+6l5Phvua/mNzhBtL
RXR4zBlpGJwqB4OBWhkire7xU9BhW7Jz6nAfwcYj3mnz5bbzwRTBToZAuEGLbVmA
j9GsqTRyB9W3nadhMafkx+N4a1dGYAZDGyIy/GQNSZMMT6bs6JXZQbAIQecl6aS7
GANbNiE4KmiSl7JV1D6istMw7bUK8B9y0yOzdKdoK7hFtV7AaEvImYKR+gldnxnb
1tx+XuPbSnyacLMoChw61rxO+q0SzL1oS/YX/oJmFhDEInbCD8tJ85mATRCpN/DY
8oTFpT57+y6BJYTDHbA1f7bJkS9Dt3rtNzzLOUfdlSVIYUM61zza
-----END CERTIFICATE-----
Generated at Fri Aug 30 13:00:13 2024 by rpki-client on console-ams.rpki-client.org