Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/AwzTVgOYtY7bAYW-fAiS5mOw9t0.roa
File: AwzTVgOYtY7bAYW-fAiS5mOw9t0.roa (raw, json)
Hash identifier: HTh12dBv5au4jyvdyZc5c+lPwV5cje/FA4c2sR/Exyc=
Subject key identifier: 03:0C:D3:56:03:98:B5:8E:DB:01:85:BE:7C:08:92:E6:63:B0:F6:DD
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 01856D0A91C0B603E8F64FB9F82CC123BF91
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/AwzTVgOYtY7bAYW-fAiS5mOw9t0.roa
Signing time: Sun 01 Jan 2023 11:14:47 +0000
ROA not before: Sun 01 Jan 2023 11:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20978
IP address blocks: 213.161.151.0/24 maxlen: 24
213.161.153.0/24 maxlen: 24
213.161.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:91:c0:b6:03:e8:f6:4f:b9:f8:2c:c1:23:bf:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 1 11:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=030cd3560398b58edb0185be7c0892e663b0f6dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f8:e3:87:a5:fb:7d:88:a7:23:bc:a7:4e:58:
db:00:c1:22:33:84:9d:7e:04:76:3a:32:05:d1:d6:
a8:fd:ae:6b:ec:bb:1c:c0:a5:dd:3e:65:46:4b:7d:
26:3e:21:35:72:d6:d8:ad:27:4a:a0:2f:43:15:1a:
28:73:bc:fa:c4:fb:d6:49:43:78:ac:87:0d:7f:b4:
d9:b9:fe:a7:29:62:67:3b:ee:09:19:75:99:61:fd:
e3:3c:25:04:05:92:6a:5d:8f:6e:44:d7:bb:ce:63:
65:3f:1b:00:02:8c:59:c7:05:b4:e2:2e:f0:86:51:
2a:a0:82:19:c7:33:ec:48:6a:5d:18:d3:ca:bd:3a:
2b:3b:99:e8:52:92:8b:f9:17:1b:7c:b4:97:18:67:
ea:0c:27:0a:3e:1d:c2:2c:c3:5a:1f:5e:2c:f5:ea:
03:40:c5:ad:8a:37:65:09:90:61:d7:87:64:9c:e1:
88:e2:c3:b5:57:bf:42:6f:21:35:61:ba:75:a5:68:
7b:93:ba:dd:e0:07:e0:b7:fe:54:26:b6:27:e4:ca:
54:0d:af:48:e8:2a:4c:2b:83:35:ce:a3:a1:99:68:
15:85:8a:b4:cc:dd:36:60:0d:ef:75:7c:81:d1:5b:
7f:59:7c:ff:04:79:07:94:e0:31:30:21:b1:bf:5e:
13:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0C:D3:56:03:98:B5:8E:DB:01:85:BE:7C:08:92:E6:63:B0:F6:DD
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/AwzTVgOYtY7bAYW-fAiS5mOw9t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.161.151.0/24
213.161.153.0/24
213.161.157.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ca:e9:a3:48:46:10:9f:45:b5:07:fd:44:fe:aa:04:a7:4d:
16:a4:dd:cf:99:4a:1a:78:d3:0e:1e:e8:b5:58:d0:ab:19:45:
a7:d2:9c:6b:4c:07:55:14:b6:39:11:96:7d:2b:a3:77:b8:d7:
91:80:d0:bf:4a:08:90:9b:00:cb:79:4f:f4:02:f5:ae:2e:4f:
31:3e:a0:21:3a:c8:79:de:b1:09:15:f7:f9:a3:c0:84:d2:be:
fa:bb:94:d9:a8:5e:d6:d3:2c:26:3f:43:de:27:e7:9e:27:84:
1b:cd:71:32:1f:02:73:28:7f:95:2c:ab:04:07:97:2c:72:e7:
fd:47:68:17:6e:c0:e4:f7:8b:cd:05:d0:18:10:7a:a4:15:3b:
b0:da:31:25:81:2c:80:51:e3:09:92:6a:38:c2:fb:b3:8b:3a:
11:3f:1f:48:16:19:27:1a:af:6d:7d:8c:d5:d7:ff:5a:44:d2:
00:47:c8:c8:58:5a:86:24:a8:39:b1:18:80:5a:7f:dd:8c:a1:
c3:07:25:0d:83:e0:66:4a:fa:af:a5:2a:4b:5c:ba:60:5c:9f:
f4:92:f5:78:38:09:3e:57:8a:e5:c6:80:f8:cf:ff:d9:24:df:
17:b7:5c:a4:80:0b:37:d9:7c:68:8f:e8:9b:66:13:37:85:07:
62:17:d5:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtCpHAtgPo9k+5+CzBI7+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTlmMmFkOTE1ODRiYWZmMDQ2NzQ0N2JhYzhmYjk3OGQx
ZjlkZDMwHhcNMjMwMTAxMTExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBjZDM1NjAzOThiNThlZGIwMTg1YmU3YzA4OTJlNjYzYjBmNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfjjh6X7fYinI7ynTljbAMEiM4Sd
fgR2OjIF0dao/a5r7LscwKXdPmVGS30mPiE1ctbYrSdKoC9DFRooc7z6xPvWSUN4
rIcNf7TZuf6nKWJnO+4JGXWZYf3jPCUEBZJqXY9uRNe7zmNlPxsAAoxZxwW04i7w
hlEqoIIZxzPsSGpdGNPKvTorO5noUpKL+RcbfLSXGGfqDCcKPh3CLMNaH14s9eoD
QMWtijdlCZBh14dknOGI4sO1V79CbyE1Ybp1pWh7k7rd4Afgt/5UJrYn5MpUDa9I
6CpMK4M1zqOhmWgVhYq0zN02YA3vdXyB0Vt/WXz/BHkHlOAxMCGxv14TvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAMM01YDmLWO2wGFvnwIkuZjsPbdMB8GA1UdIwQY
MBaAFDkZ8q2RWEuv8EZ0R7rI+5eNH53TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUt
MzJhYTY3MzFjMjkxLzEvQXd6VFZnT1l0WTdiQVlXLWZBaVM1bU93OXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85MTE4ZTItYWU3NC00YzI0LWE3NzUtMzJhYTY3MzFjMjkx
LzEvT1JueXJaRllTNl93Um5SSHVzajdsNDBmbmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1aGXAwQA
1aGZAwQA1aGdMA0GCSqGSIb3DQEBCwUAA4IBAQBVyumjSEYQn0W1B/1E/qoEp00W
pN3PmUoaeNMOHui1WNCrGUWn0pxrTAdVFLY5EZZ9K6N3uNeRgNC/SgiQmwDLeU/0
AvWuLk8xPqAhOsh53rEJFff5o8CE0r76u5TZqF7W0ywmP0PeJ+eeJ4QbzXEyHwJz
KH+VLKsEB5cscuf9R2gXbsDk94vNBdAYEHqkFTuw2jElgSyAUeMJkmo4wvuzizoR
Px9IFhknGq9tfYzV1/9aRNIAR8jIWFqGJKg5sRiAWn/djKHDByUNg+BmSvqvpSpL
XLpgXJ/0kvV4OAk+V4rlxoD4z//ZJN8Xt1ykgAs32Xxoj+ibZhM3hQdiF9UF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:14 2024 by rpki-client on console-fra.rpki-client.org