Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/AJI4PdTa9LXB5nl2VI9gbBpfcDg.roa
File: AJI4PdTa9LXB5nl2VI9gbBpfcDg.roa (raw, json)
Hash identifier: ZnRc2wd+Hes16nBrWd0KvkmB+ZKXNJIGc4GPvXlZUm0=
Subject key identifier: 00:92:38:3D:D4:DA:F4:B5:C1:E6:79:76:54:8F:60:6C:1A:5F:70:38
Certificate issuer: /CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Certificate serial: 018AF6739321E058A0BBAD555B12FB823DAD
Authority key identifier: F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/AJI4PdTa9LXB5nl2VI9gbBpfcDg.roa
Signing time: Tue 03 Oct 2023 16:51:24 +0000
ROA not before: Tue 03 Oct 2023 16:51:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208537
IP address blocks: 213.159.24.0/23 maxlen: 23
94.101.104.0/24 maxlen: 24
192.83.120.0/24 maxlen: 24
194.102.239.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f6:73:93:21:e0:58:a0:bb:ad:55:5b:12:fb:82:3d:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6ada20bd98babdf74c3d56cd78ada66ed87a148
Validity
Not Before: Oct 3 16:51:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0092383dd4daf4b5c1e67976548f606c1a5f7038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ee:f7:d4:9e:2f:9c:11:49:86:8a:bd:84:2e:
96:2d:17:7d:15:93:83:48:9a:e2:70:92:f4:29:fc:
ce:53:b6:6e:4f:63:d0:cc:d2:92:e6:e5:ed:52:87:
4d:61:39:b6:b0:d7:b1:c2:9c:5d:d4:cc:cd:b4:9c:
1c:4f:63:1e:27:ac:1c:46:6d:81:f7:b6:f1:a9:f2:
c8:24:a3:94:69:cc:6c:d3:16:01:e6:52:34:95:e1:
96:c5:49:31:4c:cf:95:fe:e9:0b:37:e3:93:05:d6:
99:fd:ac:c4:6b:8b:67:b5:b1:ca:7c:68:c4:c8:6e:
07:a0:04:cc:a9:6d:50:34:6e:cf:e8:01:9c:cc:9a:
95:c4:21:fe:a1:f3:ca:f1:82:2e:d8:35:6e:ea:81:
25:27:34:a5:68:83:e0:cb:2a:43:67:21:94:4b:ef:
f5:4e:81:3b:cd:55:f0:42:36:08:92:1a:31:64:e2:
6d:1b:f5:67:e8:85:8d:0d:7b:9c:d0:8e:2c:2c:56:
75:fb:6d:40:70:47:36:69:2e:1d:da:65:f5:75:de:
d9:a1:c7:59:79:6c:eb:a3:12:67:e2:49:7f:7d:21:
fd:1a:2c:f1:4b:57:b6:f8:f6:c6:1b:41:87:6b:42:
50:e0:f1:ef:43:c7:0a:04:ea:63:7e:0e:1c:e1:57:
ca:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:92:38:3D:D4:DA:F4:B5:C1:E6:79:76:54:8F:60:6C:1A:5F:70:38
X509v3 Authority Key Identifier:
keyid:F6:AD:A2:0B:D9:8B:AB:DF:74:C3:D5:6C:D7:8A:DA:66:ED:87:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q2iC9mLq990w9Vs14raZu2HoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/AJI4PdTa9LXB5nl2VI9gbBpfcDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/4d54b6-e03c-4310-9b39-9db17a5de463/1/9q2iC9mLq990w9Vs14raZu2HoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.104.0/24
192.83.120.0/24
194.102.239.0/24
213.159.24.0/23
Signature Algorithm: sha256WithRSAEncryption
06:b9:b4:6a:3a:96:ad:e3:10:27:f3:49:89:a8:c5:7b:29:a8:
52:43:7f:65:62:4f:b1:a8:63:e0:33:1a:91:77:96:ea:78:43:
73:37:32:ab:b0:f8:ca:3a:1c:81:3d:74:12:50:1a:78:35:f3:
f3:4e:e0:ba:39:46:ec:0b:33:6f:65:46:70:0e:7c:59:63:7b:
86:04:4a:e1:43:07:03:73:f3:af:8b:70:1f:44:e4:05:47:cd:
b3:86:0a:06:24:89:9a:79:ef:9b:4c:fe:7a:ad:36:bd:bd:17:
3f:d1:e3:7d:63:c5:73:cb:d8:09:1c:7c:43:a0:c9:09:4f:a6:
13:7d:3a:03:1f:a0:33:46:b6:bb:3e:80:17:1c:84:d5:ae:6f:
4e:70:84:d3:d8:1e:f0:56:26:74:fb:ce:05:0d:0b:e9:fe:3a:
09:ec:c9:a6:a6:14:a7:b2:d2:66:be:e5:0d:aa:a1:78:3c:4a:
c0:1f:88:af:ed:b2:03:3a:e1:9d:58:10:29:fc:38:0f:8f:87:
20:d8:62:24:da:e5:da:e3:01:19:ed:23:02:af:ac:8e:0e:52:
d0:21:d4:e8:90:a7:4d:13:d1:ce:a1:c4:25:6d:17:54:aa:66:
ad:4a:1f:9c:68:f7:fd:28:27:c8:ac:43:ae:d5:2e:e6:c7:00:
23:be:f9:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr2c5Mh4Figu61VWxL7gj2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWRhMjBiZDk4YmFiZGY3NGMzZDU2Y2Q3OGFkYTY2ZWQ4
N2ExNDgwHhcNMjMxMDAzMTY1MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDkyMzgzZGQ0ZGFmNGI1YzFlNjc5NzY1NDhmNjA2YzFhNWY3MDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmu731J4vnBFJhoq9hC6WLRd9FZOD
SJricJL0KfzOU7ZuT2PQzNKS5uXtUodNYTm2sNexwpxd1MzNtJwcT2MeJ6wcRm2B
97bxqfLIJKOUacxs0xYB5lI0leGWxUkxTM+V/ukLN+OTBdaZ/azEa4tntbHKfGjE
yG4HoATMqW1QNG7P6AGczJqVxCH+ofPK8YIu2DVu6oElJzSlaIPgyypDZyGUS+/1
ToE7zVXwQjYIkhoxZOJtG/Vn6IWNDXuc0I4sLFZ1+21AcEc2aS4d2mX1dd7ZocdZ
eWzroxJn4kl/fSH9GizxS1e2+PbGG0GHa0JQ4PHvQ8cKBOpjfg4c4VfKBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFACSOD3U2vS1weZ5dlSPYGwaX3A4MB8GA1UdIwQY
MBaAFPatogvZi6vfdMPVbNeK2mbth6FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzkt
OWRiMTdhNWRlNDYzLzEvQUpJNFBkVGE5TFhCNW5sMlZJOWdiQnBmY0RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80ZDU0YjYtZTAzYy00MzEwLTliMzktOWRiMTdhNWRlNDYz
LzEvOXEyaUM5bUxxOTkwdzlWczE0cmFadTJIb1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXmVoAwQA
wFN4AwQAwmbvAwQB1Z8YMA0GCSqGSIb3DQEBCwUAA4IBAQAGubRqOpat4xAn80mJ
qMV7KahSQ39lYk+xqGPgMxqRd5bqeENzNzKrsPjKOhyBPXQSUBp4NfPzTuC6OUbs
CzNvZUZwDnxZY3uGBErhQwcDc/Ovi3AfROQFR82zhgoGJImaee+bTP56rTa9vRc/
0eN9Y8Vzy9gJHHxDoMkJT6YTfToDH6AzRra7PoAXHITVrm9OcITT2B7wViZ0+84F
DQvp/joJ7MmmphSnstJmvuUNqqF4PErAH4iv7bIDOuGdWBAp/DgPj4cg2GIk2uXa
4wEZ7SMCr6yODlLQIdTokKdNE9HOocQlbRdUqmatSh+caPf9KCfIrEOu1S7mxwAj
vvku
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:34 2024 by rpki-client on console-ams.rpki-client.org