Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/aif4sWq1NqBvgaQa3Lxbp5go4SI.roa
File: aif4sWq1NqBvgaQa3Lxbp5go4SI.roa (raw, json)
Hash identifier: esTJhCNhq0fWG7r5wDHlhH/KTYH9J01jTAsoAO8G2UI=
Subject key identifier: 6A:27:F8:B1:6A:B5:36:A0:6F:81:A4:1A:DC:BC:5B:A7:98:28:E1:22
Certificate issuer: /CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Certificate serial: 01856D788396147592B4EFD31C42C8C7D09D
Authority key identifier: 1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/aif4sWq1NqBvgaQa3Lxbp5go4SI.roa
Signing time: Sun 01 Jan 2023 13:14:52 +0000
ROA not before: Sun 01 Jan 2023 13:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8788
IP address blocks: 193.138.87.0/24 maxlen: 24
212.26.128.0/19 maxlen: 19
194.32.109.0/24 maxlen: 24
194.32.110.0/24 maxlen: 24
178.211.96.0/19 maxlen: 20
194.32.108.0/24 maxlen: 24
194.32.108.0/23 maxlen: 23
212.26.140.0/24 maxlen: 24
212.80.32.0/19 maxlen: 20
2a00:e780:2::/48 maxlen: 48
2a00:e780::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:83:96:14:75:92:b4:ef:d3:1c:42:c8:c7:d0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aa19c92e96677f5f96f68f1ca0aad9fa311eb45
Validity
Not Before: Jan 1 13:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a27f8b16ab536a06f81a41adcbc5ba79828e122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6a:40:82:24:78:d3:ce:8d:29:ba:67:eb:9b:
08:46:44:3c:13:37:12:b8:e5:3e:d6:3d:b5:08:9d:
97:72:4c:9b:6d:da:38:52:6f:78:d8:b5:72:a1:48:
cf:e7:76:8a:f4:cb:fb:b8:61:9f:27:02:c4:f3:34:
a1:13:49:a6:87:4b:88:59:8a:e5:df:08:56:d6:d3:
09:ea:cb:07:c5:70:a1:97:40:26:e6:62:ea:c1:2e:
2a:44:2b:ca:8e:10:bc:55:e5:2f:01:08:9c:44:b2:
3a:44:5b:50:1b:52:b2:58:45:ed:6e:d8:10:9d:a6:
0f:d8:62:32:ca:c8:d5:78:97:00:02:29:79:59:9a:
69:a8:68:4f:5f:bb:d0:c3:b0:26:97:c5:00:1b:a5:
4d:30:c5:e1:fe:81:d4:b2:35:af:d1:fe:d2:0e:a6:
aa:f7:8e:b8:ff:f5:43:60:34:b5:ab:91:e1:5b:4c:
41:56:67:f8:f5:34:cf:3c:6f:97:38:de:dd:64:14:
3b:50:5d:28:20:8e:9f:81:68:1b:6b:08:19:15:66:
43:a7:ad:c7:bf:c8:41:00:a8:5b:2d:70:c3:52:f5:
ac:71:2b:24:7a:9c:60:23:40:3f:91:6a:a7:1e:d7:
ea:de:13:f6:7e:3f:3d:5d:3e:d3:78:36:3e:ba:7d:
1f:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:27:F8:B1:6A:B5:36:A0:6F:81:A4:1A:DC:BC:5B:A7:98:28:E1:22
X509v3 Authority Key Identifier:
keyid:1A:A1:9C:92:E9:66:77:F5:F9:6F:68:F1:CA:0A:AD:9F:A3:11:EB:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GqGckulmd_X5b2jxygqtn6MR60U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/aif4sWq1NqBvgaQa3Lxbp5go4SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/00adb0-890d-47ad-a18c-4ad0abec275e/1/GqGckulmd_X5b2jxygqtn6MR60U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.96.0/19
193.138.87.0/24
194.32.108.0-194.32.110.255
212.26.128.0/19
212.80.32.0/19
IPv6:
2a00:e780::/32
Signature Algorithm: sha256WithRSAEncryption
93:44:a2:c9:c0:e9:20:22:e2:f9:90:9f:91:62:8b:ce:1b:2d:
b9:f5:02:f9:20:10:ba:6e:d4:d2:3a:89:d2:4f:99:e4:27:fc:
20:a6:2e:6c:0d:e3:e7:f2:a7:99:66:86:29:c0:80:51:d6:75:
0d:df:d2:68:9a:fc:ed:82:a1:01:6d:72:fb:b0:54:82:63:e2:
ab:fc:7d:36:5e:c7:8b:ee:88:dd:0a:59:2a:b2:d8:3f:78:ea:
d5:02:73:9b:c0:57:a7:da:1c:04:6f:28:ed:0d:cf:dc:90:9a:
18:38:a2:7e:51:cd:58:11:d5:b5:f7:a7:71:49:b1:6c:b2:aa:
79:39:af:ac:0d:55:17:9d:d9:db:fb:23:5e:00:59:82:a5:fd:
37:fe:aa:75:da:36:89:2e:28:9d:8a:51:b7:c6:38:78:cf:da:
c4:41:9e:de:cd:5d:ce:5e:84:af:2d:6c:b1:4e:b8:47:27:af:
95:72:f1:55:9e:fd:8b:56:6d:16:c4:ed:16:9c:b7:a2:33:21:
67:5b:1e:9a:32:bd:17:48:da:bc:ec:91:dc:d9:29:20:ba:69:
13:72:a2:e7:14:c5:7a:a7:71:24:16:6c:85:7f:be:60:1a:3a:
09:ef:c5:7d:b4:77:26:f9:6e:63:01:96:71:8c:23:e6:5f:cf:
4c:2c:1d:b8
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVteIOWFHWStO/THELIx9CdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYTE5YzkyZTk2Njc3ZjVmOTZmNjhmMWNhMGFhZDlmYTMx
MWViNDUwHhcNMjMwMTAxMTMxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI3ZjhiMTZhYjUzNmEwNmY4MWE0MWFkY2JjNWJhNzk4MjhlMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGpAgiR4086NKbpn65sIRkQ8EzcS
uOU+1j21CJ2Xckybbdo4Um942LVyoUjP53aK9Mv7uGGfJwLE8zShE0mmh0uIWYrl
3whW1tMJ6ssHxXChl0Am5mLqwS4qRCvKjhC8VeUvAQicRLI6RFtQG1KyWEXtbtgQ
naYP2GIyysjVeJcAAil5WZppqGhPX7vQw7Aml8UAG6VNMMXh/oHUsjWv0f7SDqaq
9464//VDYDS1q5HhW0xBVmf49TTPPG+XON7dZBQ7UF0oII6fgWgbawgZFWZDp63H
v8hBAKhbLXDDUvWscSskepxgI0A/kWqnHtfq3hP2fj89XT7TeDY+un0fdQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGon+LFqtTagb4GkGty8W6eYKOEiMB8GA1UdIwQY
MBaAFBqhnJLpZnf1+W9o8coKrZ+jEetFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMt
NGFkMGFiZWMyNzVlLzEvYWlmNHNXcTFOcUJ2Z2FRYTNMeGJwNWdvNFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8wMGFkYjAtODkwZC00N2FkLWExOGMtNGFkMGFiZWMyNzVl
LzEvR3FHY2t1bG1kX1g1YjJqeHlncXRuNk1SNjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFstNgAwQA
wYpXMAwDBALCIGwDBADCIG4DBAXUGoADBAXUUCAwDQQCAAIwBwMFACoA54AwDQYJ
KoZIhvcNAQELBQADggEBAJNEosnA6SAi4vmQn5Fii84bLbn1AvkgELpu1NI6idJP
meQn/CCmLmwN4+fyp5lmhinAgFHWdQ3f0mia/O2CoQFtcvuwVIJj4qv8fTZex4vu
iN0KWSqy2D946tUCc5vAV6faHARvKO0Nz9yQmhg4on5RzVgR1bX3p3FJsWyyqnk5
r6wNVRed2dv7I14AWYKl/Tf+qnXaNokuKJ2KUbfGOHjP2sRBnt7NXc5ehK8tbLFO
uEcnr5Vy8VWe/YtWbRbE7Ract6IzIWdbHpoyvRdI2rzskdzZKSC6aRNyoucUxXqn
cSQWbIV/vmAaOgnvxX20dyb5bmMBlnGMI+Zfz0wsHbg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:24 2023 by rpki-client on console-fra.rpki-client.org