Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AAVSQuVTrGcUi4yf6m60D3KvlNg.roa
File: AAVSQuVTrGcUi4yf6m60D3KvlNg.roa (raw, json)
Hash identifier: DeF6IOqdrebRz7R26avBkM49oM/IAXHd92unhF7XEKw=
Subject key identifier: 00:05:52:42:E5:53:AC:67:14:8B:8C:9F:EA:6E:B4:0F:72:AF:94:D8
Certificate issuer: /CN=3108ad527c720eb79707b3fb7b172c88b733b133
Certificate serial: 01857315DE8CCCD46E7C435E14DFBE2AB101
Authority key identifier: 31:08:AD:52:7C:72:0E:B7:97:07:B3:FB:7B:17:2C:88:B7:33:B1:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQitUnxyDreXB7P7excsiLczsTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AAVSQuVTrGcUi4yf6m60D3KvlNg.roa
Signing time: Mon 02 Jan 2023 15:24:51 +0000
ROA not before: Mon 02 Jan 2023 15:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138915
IP address blocks: 194.110.138.0/24 maxlen: 24
194.110.134.0/24 maxlen: 24
194.110.135.0/24 maxlen: 24
194.110.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:de:8c:cc:d4:6e:7c:43:5e:14:df:be:2a:b1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3108ad527c720eb79707b3fb7b172c88b733b133
Validity
Not Before: Jan 2 15:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00055242e553ac67148b8c9fea6eb40f72af94d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cd:58:63:88:f0:8a:c0:18:b4:0f:6b:fa:34:
e6:a2:c1:a2:9e:05:97:49:cb:95:d8:ce:2c:b8:2e:
93:ca:5f:66:f4:89:7a:88:91:9c:cc:ef:73:00:62:
b3:5b:85:71:41:34:5a:e6:37:0c:07:94:82:f1:85:
3a:69:f3:a5:41:ab:8c:d0:f7:e6:4f:a9:ee:14:2f:
cf:f5:d8:e3:9a:be:9b:da:4b:0b:e2:e1:fb:96:c7:
ab:35:40:fe:37:2c:9f:5a:1b:b6:d7:90:86:e2:4f:
5a:ca:28:ee:1d:f9:24:f3:95:f6:ba:7c:25:1a:35:
30:43:4b:31:37:75:d9:13:4f:4c:d3:fd:12:d6:93:
84:a4:db:16:da:3e:7c:f1:28:a1:0b:5d:fd:15:bf:
61:1e:82:27:e9:6f:ec:54:cd:e0:f4:70:23:09:5a:
00:c0:19:67:94:97:e9:d5:60:92:5f:89:b2:5b:78:
68:10:42:00:36:30:54:ae:16:d4:f3:0e:1b:1d:86:
ad:88:66:d2:a2:7c:ef:2f:43:99:ef:f9:f3:cb:1f:
9f:08:64:02:bf:17:59:a4:91:02:09:11:2c:9c:6f:
01:6a:87:17:06:00:f3:a2:18:b1:4b:9a:6d:73:45:
7c:03:ec:f3:bb:5b:9c:25:ae:c9:1b:2c:38:b0:1d:
8e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:05:52:42:E5:53:AC:67:14:8B:8C:9F:EA:6E:B4:0F:72:AF:94:D8
X509v3 Authority Key Identifier:
keyid:31:08:AD:52:7C:72:0E:B7:97:07:B3:FB:7B:17:2C:88:B7:33:B1:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQitUnxyDreXB7P7excsiLczsTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/AAVSQuVTrGcUi4yf6m60D3KvlNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/332c23-d793-4553-84ea-afa99b3fffe3/1/MQitUnxyDreXB7P7excsiLczsTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.134.0/23
194.110.138.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:a0:13:5a:3b:47:a5:de:13:39:7c:f8:ce:1e:dc:40:68:3e:
cd:83:14:78:8f:26:e0:59:5e:0b:37:9d:d3:d5:d8:7b:4a:bc:
61:40:41:82:43:ab:ad:be:b0:08:8b:cd:f4:08:6d:6e:9f:8c:
96:54:93:8b:c3:21:54:e3:ae:fd:1d:05:8c:a5:73:99:9b:e3:
59:f2:e7:07:1c:70:3e:10:a1:df:d2:45:14:4b:e1:9e:cc:fe:
76:65:f9:ca:b4:ab:0e:32:40:5a:16:bb:bf:57:e6:20:cc:02:
bd:34:9b:02:b7:12:10:05:bc:59:64:c0:43:10:b0:57:b9:83:
20:35:8d:49:30:1f:56:32:ea:50:8a:1e:91:66:05:81:ac:45:
96:40:c4:b9:f4:85:16:bd:ed:33:fa:7e:b0:29:bc:2b:1c:f1:
5e:8a:b9:40:0f:b1:00:8d:66:0a:58:0d:b7:64:88:10:3f:1e:
41:96:be:c0:f7:3e:4d:d4:08:fe:89:8c:74:9d:8c:a9:f7:97:
44:85:1b:a4:d9:a5:33:17:53:f4:c8:6b:97:35:6b:fa:37:40:
11:5c:e0:d8:77:60:fd:10:57:b9:ca:81:f7:5d:b6:ba:6e:19:
81:e3:e4:3f:81:5f:03:1f:2f:1c:d1:f9:df:96:da:8b:5e:e7:
3d:b9:54:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzFd6MzNRufENeFN++KrEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMDhhZDUyN2M3MjBlYjc5NzA3YjNmYjdiMTcyYzg4Yjcz
M2IxMzMwHhcNMjMwMTAyMTUyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA1NTI0MmU1NTNhYzY3MTQ4YjhjOWZlYTZlYjQwZjcyYWY5NGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis1YY4jwisAYtA9r+jTmosGingWX
ScuV2M4suC6Tyl9m9Il6iJGczO9zAGKzW4VxQTRa5jcMB5SC8YU6afOlQauM0Pfm
T6nuFC/P9djjmr6b2ksL4uH7lserNUD+NyyfWhu215CG4k9ayijuHfkk85X2unwl
GjUwQ0sxN3XZE09M0/0S1pOEpNsW2j588SihC139Fb9hHoIn6W/sVM3g9HAjCVoA
wBlnlJfp1WCSX4myW3hoEEIANjBUrhbU8w4bHYatiGbSonzvL0OZ7/nzyx+fCGQC
vxdZpJECCREsnG8BaocXBgDzohixS5ptc0V8A+zzu1ucJa7JGyw4sB2OIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAAFUkLlU6xnFIuMn+putA9yr5TYMB8GA1UdIwQY
MBaAFDEIrVJ8cg63lwez+3sXLIi3M7EzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFpdFVueHlEcmVYQjdQN2V4Y3NpTGN6c1RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8zMzJjMjMtZDc5My00NTUzLTg0ZWEt
YWZhOTliM2ZmZmUzLzEvQUFWU1F1VlRyR2NVaTR5ZjZtNjBEM0t2bE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8zMzJjMjMtZDc5My00NTUzLTg0ZWEtYWZhOTliM2ZmZmUz
LzEvTVFpdFVueHlEcmVYQjdQN2V4Y3NpTGN6c1RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwm6GAwQB
wm6KMA0GCSqGSIb3DQEBCwUAA4IBAQC8oBNaO0el3hM5fPjOHtxAaD7NgxR4jybg
WV4LN53T1dh7SrxhQEGCQ6utvrAIi830CG1un4yWVJOLwyFU4679HQWMpXOZm+NZ
8ucHHHA+EKHf0kUUS+GezP52ZfnKtKsOMkBaFru/V+YgzAK9NJsCtxIQBbxZZMBD
ELBXuYMgNY1JMB9WMupQih6RZgWBrEWWQMS59IUWve0z+n6wKbwrHPFeirlAD7EA
jWYKWA23ZIgQPx5Blr7A9z5N1Aj+iYx0nYyp95dEhRuk2aUzF1P0yGuXNWv6N0AR
XODYd2D9EFe5yoH3Xba6bhmB4+Q/gV8DHy8c0fnfltqLXuc9uVQb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:00 2024 by rpki-client on console-fra.rpki-client.org