Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/aamT5bfeEOOopBr-x5lWCDPUutg.roa
File: aamT5bfeEOOopBr-x5lWCDPUutg.roa (raw, json)
Hash identifier: 68lyRZNQ1jNYZ8XhzX07GIFLCJ29Yv+GIhRQ1DHPD8U=
Subject key identifier: 69:A9:93:E5:B7:DE:10:E3:A8:A4:1A:FE:C7:99:56:08:33:D4:BA:D8
Certificate issuer: /CN=9258825767fbc083732a96e1812ccc5bfe150185
Certificate serial: 0185710C0EF2D5663205DC408D3A3C8991AE
Authority key identifier: 92:58:82:57:67:FB:C0:83:73:2A:96:E1:81:2C:CC:5B:FE:15:01:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kliCV2f7wINzKpbhgSzMW_4VAYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/aamT5bfeEOOopBr-x5lWCDPUutg.roa
Signing time: Mon 02 Jan 2023 05:54:53 +0000
ROA not before: Mon 02 Jan 2023 05:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48803
IP address blocks: 185.67.56.0/22 maxlen: 22
217.73.96.0/20 maxlen: 20
2a00:c740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:0e:f2:d5:66:32:05:dc:40:8d:3a:3c:89:91:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9258825767fbc083732a96e1812ccc5bfe150185
Validity
Not Before: Jan 2 05:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69a993e5b7de10e3a8a41afec799560833d4bad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:74:80:6a:1b:ab:60:24:fd:c0:f2:b9:67:4b:
79:34:27:1e:48:93:b6:51:1f:da:63:3a:60:c3:db:
70:61:35:4e:34:7a:5d:e9:e2:14:33:17:39:1d:17:
55:b7:55:37:95:04:d1:be:fa:0e:38:a3:b9:e3:ca:
35:02:4a:a6:fa:33:83:8c:3e:90:c7:87:c5:c0:6e:
7b:72:63:df:55:88:d9:d1:3c:40:a7:38:38:54:49:
b6:14:64:57:ca:d7:81:04:d2:31:9c:23:38:56:df:
fd:5d:99:a4:fd:91:e6:88:6a:c5:9a:74:22:ba:fb:
8a:b1:53:c7:13:1a:36:16:6f:f9:0b:4d:39:86:24:
17:5e:4c:5e:41:f7:f1:30:79:71:7b:40:2f:60:a5:
e8:ec:99:2c:ae:ea:04:82:5a:99:24:46:c7:7c:6d:
51:f9:e0:8c:35:95:7c:43:d7:56:14:85:75:a8:fa:
60:75:a2:d4:0a:d5:39:05:7e:39:be:9b:5c:4e:3c:
81:4e:4b:22:c9:53:0f:f4:f9:46:1d:bb:de:81:6f:
d2:28:a3:4f:51:22:e7:20:e0:67:a5:76:da:20:95:
4a:c3:6a:f4:89:0d:45:89:9b:c7:ab:4d:21:c7:51:
27:66:9e:01:da:23:0d:c8:13:2a:40:1c:cf:f6:50:
2c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A9:93:E5:B7:DE:10:E3:A8:A4:1A:FE:C7:99:56:08:33:D4:BA:D8
X509v3 Authority Key Identifier:
keyid:92:58:82:57:67:FB:C0:83:73:2A:96:E1:81:2C:CC:5B:FE:15:01:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kliCV2f7wINzKpbhgSzMW_4VAYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/aamT5bfeEOOopBr-x5lWCDPUutg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/7b6677-d2c4-4191-9fee-bd19b0836151/1/kliCV2f7wINzKpbhgSzMW_4VAYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.56.0/22
217.73.96.0/20
IPv6:
2a00:c740::/32
Signature Algorithm: sha256WithRSAEncryption
1c:52:c4:b6:12:06:ec:64:06:df:25:ea:8d:07:6f:96:3b:32:
74:2b:28:2b:59:17:9e:7c:a2:e5:49:69:55:86:32:c5:4e:57:
8c:93:3d:a6:07:78:16:90:b4:73:cb:89:4e:3f:ab:26:c6:1e:
38:ad:0d:a3:87:02:55:2f:9b:fa:ad:4e:f4:29:0d:a1:78:66:
ba:6e:c1:d2:03:2d:11:33:8c:15:3e:e1:90:32:9c:9f:b1:29:
04:84:fa:a4:33:69:1c:4b:7b:0d:e7:b6:cf:3d:b4:07:f6:ad:
12:92:2f:79:4d:3d:2d:88:3a:64:36:48:6e:6c:13:44:0c:95:
85:3b:10:9c:39:58:8c:1f:9b:4f:87:55:d6:85:6c:aa:42:43:
a2:69:de:9a:6e:fa:7d:c7:0b:a6:23:a0:d2:20:8d:d2:be:5e:
3a:32:4c:76:8c:fa:8a:97:20:39:30:34:d8:6b:57:4e:71:47:
9e:d4:fc:ee:8b:08:f0:05:68:e2:db:0d:6f:80:03:cb:b8:99:
d3:95:df:d3:95:e1:a8:ad:02:be:28:87:74:29:d0:bb:7c:d6:
db:1a:86:4c:43:60:00:6c:5a:b6:8c:c2:ed:61:76:47:a8:5f:
fe:a6:a5:08:b9:3a:32:81:28:de:00:ca:21:33:78:00:93:a1:
81:50:c0:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxDA7y1WYyBdxAjTo8iZGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTg4MjU3NjdmYmMwODM3MzJhOTZlMTgxMmNjYzViZmUx
NTAxODUwHhcNMjMwMTAyMDU1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWE5OTNlNWI3ZGUxMGUzYThhNDFhZmVjNzk5NTYwODMzZDRiYWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXSAahurYCT9wPK5Z0t5NCceSJO2
UR/aYzpgw9twYTVONHpd6eIUMxc5HRdVt1U3lQTRvvoOOKO548o1Akqm+jODjD6Q
x4fFwG57cmPfVYjZ0TxApzg4VEm2FGRXyteBBNIxnCM4Vt/9XZmk/ZHmiGrFmnQi
uvuKsVPHExo2Fm/5C005hiQXXkxeQffxMHlxe0AvYKXo7JksruoEglqZJEbHfG1R
+eCMNZV8Q9dWFIV1qPpgdaLUCtU5BX45vptcTjyBTksiyVMP9PlGHbvegW/SKKNP
USLnIOBnpXbaIJVKw2r0iQ1FiZvHq00hx1EnZp4B2iMNyBMqQBzP9lAsZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGmpk+W33hDjqKQa/seZVggz1LrYMB8GA1UdIwQY
MBaAFJJYgldn+8CDcyqW4YEszFv+FQGFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xpQ1YyZjd3SU56S3BiaGdTek1XXzRWQVlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS83YjY2NzctZDJjNC00MTkxLTlmZWUt
YmQxOWIwODM2MTUxLzEvYWFtVDViZmVFT09vcEJyLXg1bFdDRFBVdXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS83YjY2NzctZDJjNC00MTkxLTlmZWUtYmQxOWIwODM2MTUx
LzEva2xpQ1YyZjd3SU56S3BiaGdTek1XXzRWQVlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUM4AwQE
2UlgMA0EAgACMAcDBQAqAMdAMA0GCSqGSIb3DQEBCwUAA4IBAQAcUsS2EgbsZAbf
JeqNB2+WOzJ0KygrWReefKLlSWlVhjLFTleMkz2mB3gWkLRzy4lOP6smxh44rQ2j
hwJVL5v6rU70KQ2heGa6bsHSAy0RM4wVPuGQMpyfsSkEhPqkM2kcS3sN57bPPbQH
9q0Ski95TT0tiDpkNkhubBNEDJWFOxCcOViMH5tPh1XWhWyqQkOiad6abvp9xwum
I6DSII3Svl46Mkx2jPqKlyA5MDTYa1dOcUee1PzuiwjwBWji2w1vgAPLuJnTld/T
leGorQK+KId0KdC7fNbbGoZMQ2AAbFq2jMLtYXZHqF/+pqUIuToygSjeAMohM3gA
k6GBUMBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:22 2024 by rpki-client on console-ams.rpki-client.org