Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/4Re71IjnItbfXtmk7k9hjCVAnqc.roa
File: 4Re71IjnItbfXtmk7k9hjCVAnqc.roa (raw, json)
Hash identifier: aWNrrNCnqhmZuNJdbtkmXWcYAk7Jq5/1GJlWgnSoYNE=
Subject key identifier: E1:17:BB:D4:88:E7:22:D6:DF:5E:D9:A4:EE:4F:61:8C:25:40:9E:A7
Certificate issuer: /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Certificate serial: 01857082911183962288A54A9CA21441A434
Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/4Re71IjnItbfXtmk7k9hjCVAnqc.roa
Signing time: Mon 02 Jan 2023 03:24:43 +0000
ROA not before: Mon 02 Jan 2023 03:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15412
IP address blocks: 85.95.24.0/22 maxlen: 24
80.77.0.0/20 maxlen: 24
62.216.128.0/19 maxlen: 24
2001:1a00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 24 Aug 2023 05:38:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:91:11:83:96:22:88:a5:4a:9c:a2:14:41:a4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3
Validity
Not Before: Jan 2 03:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e117bbd488e722d6df5ed9a4ee4f618c25409ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b5:93:03:21:f1:97:c1:51:f6:5c:df:e5:a3:
67:1e:31:75:10:83:ae:67:23:99:91:0e:f1:73:d9:
45:cc:ad:b8:7f:6d:c6:fa:47:ca:3f:ea:d8:0d:a8:
cf:50:4d:e3:e1:d2:a5:a0:ca:0c:17:4c:00:1a:e5:
a9:f6:1c:a9:22:11:88:78:c2:83:6e:3e:ad:a1:e5:
39:7d:cd:b3:f6:78:92:31:3b:71:10:be:1d:05:b2:
d0:08:8d:5c:3f:29:d9:b1:1e:36:50:6b:76:38:9d:
31:1a:d1:d3:38:03:f1:f8:7e:0b:cc:28:40:cd:64:
ed:c9:36:ec:c7:00:9c:aa:65:89:d1:2b:b6:6a:62:
8d:a7:43:cb:b7:6e:37:e5:55:48:12:91:9e:79:bf:
14:67:16:86:a5:71:92:49:3e:73:fa:3e:25:f4:34:
f7:ea:72:3e:8f:1a:9d:36:c3:17:11:02:1d:9a:c3:
f1:f6:eb:df:25:94:be:dd:a6:31:6e:02:70:ee:33:
25:87:3d:6d:5d:bf:3f:cf:5f:d9:82:74:60:d8:1e:
7d:60:5b:24:d3:2f:73:19:e3:d7:70:a8:66:f7:9f:
7d:72:40:b0:10:b2:07:73:09:a8:bc:15:9f:e1:35:
54:69:7a:4f:9e:08:30:1e:03:2e:3a:96:eb:cb:75:
08:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:17:BB:D4:88:E7:22:D6:DF:5E:D9:A4:EE:4F:61:8C:25:40:9E:A7
X509v3 Authority Key Identifier:
keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/4Re71IjnItbfXtmk7k9hjCVAnqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.128.0/19
80.77.0.0/20
85.95.24.0/22
IPv6:
2001:1a00::/32
Signature Algorithm: sha256WithRSAEncryption
46:58:1b:6b:9a:04:48:07:48:86:6e:04:97:e1:79:79:26:c1:
11:0a:19:e3:c2:f0:2d:7c:09:f1:33:da:4d:44:4f:44:6e:7f:
9d:99:13:07:1e:cc:50:93:ca:4e:6e:ad:85:70:52:fb:3c:a0:
ee:43:d4:4f:11:b3:ab:9a:01:72:f5:e6:b7:37:b5:a7:8c:40:
07:c3:3e:c4:99:eb:c7:db:46:af:7a:ff:9c:61:c0:6b:9d:ab:
d9:42:dd:07:41:0a:7a:e8:58:82:70:5a:ba:46:f2:47:b7:5f:
3b:21:ea:b0:ff:35:46:e6:6a:9b:75:01:96:f1:45:e9:7f:74:
f3:a3:f5:98:76:ee:36:e1:62:88:c4:b4:0f:53:a0:2e:1b:83:
12:ed:63:62:e3:7c:99:f8:6f:8d:9b:34:b6:f0:3c:bc:a1:01:
2b:79:91:10:87:9b:6c:4c:6d:6e:1a:06:44:9f:56:66:d3:7c:
83:df:56:63:10:96:4c:45:45:5c:75:b4:d4:28:f3:e9:0c:a5:
ab:21:b5:42:2b:37:07:eb:52:a0:a0:e6:e1:63:d6:7b:90:4d:
93:eb:6d:60:c0:fe:99:9d:9a:4d:d6:d1:63:a0:02:8f:63:c9:
12:07:ac:f2:7e:06:3e:fa:d4:be:52:22:5b:8a:8d:a8:5e:b8:
b1:d8:c0:d9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwgpERg5YiiKVKnKIUQaQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk
OWI1YjMwHhcNMjMwMTAyMDMyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTE3YmJkNDg4ZTcyMmQ2ZGY1ZWQ5YTRlZTRmNjE4YzI1NDA5ZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7WTAyHxl8FR9lzf5aNnHjF1EIOu
ZyOZkQ7xc9lFzK24f23G+kfKP+rYDajPUE3j4dKloMoMF0wAGuWp9hypIhGIeMKD
bj6toeU5fc2z9niSMTtxEL4dBbLQCI1cPynZsR42UGt2OJ0xGtHTOAPx+H4LzChA
zWTtyTbsxwCcqmWJ0Su2amKNp0PLt2435VVIEpGeeb8UZxaGpXGSST5z+j4l9DT3
6nI+jxqdNsMXEQIdmsPx9uvfJZS+3aYxbgJw7jMlhz1tXb8/z1/ZgnRg2B59YFsk
0y9zGePXcKhm9599ckCwELIHcwmovBWf4TVUaXpPnggwHgMuOpbry3UIWQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOEXu9SI5yLW317ZpO5PYYwlQJ6nMB8GA1UdIwQY
MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt
MDRlMWViMmE5MzI4LzEvNFJlNzFJam5JdGJmWHRtazdrOWhqQ1ZBbnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYtMDRlMWViMmE5MzI4
LzEvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPtiAAwQE
UE0AAwQCVV8YMA0EAgACMAcDBQAgARoAMA0GCSqGSIb3DQEBCwUAA4IBAQBGWBtr
mgRIB0iGbgSX4Xl5JsERChnjwvAtfAnxM9pNRE9Ebn+dmRMHHsxQk8pObq2FcFL7
PKDuQ9RPEbOrmgFy9ea3N7WnjEAHwz7EmevH20avev+cYcBrnavZQt0HQQp66FiC
cFq6RvJHt187Ieqw/zVG5mqbdQGW8UXpf3Tzo/WYdu424WKIxLQPU6AuG4MS7WNi
43yZ+G+NmzS28Dy8oQEreZEQh5tsTG1uGgZEn1Zm03yD31ZjEJZMRUVcdbTUKPPp
DKWrIbVCKzcH61KgoObhY9Z7kE2T621gwP6ZnZpN1tFjoAKPY8kSB6zyfgY++tS+
UiJbio2oXrix2MDZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:56 2024 by rpki-client on console-ams.rpki-client.org