Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/AAVumEyDo4vSmxGEsGZbuSi_0ag.roa
File: AAVumEyDo4vSmxGEsGZbuSi_0ag.roa (raw, json)
Hash identifier: n9fAedZpkAhFHxrX5cEdZUwK1t0cG+4HsNJUVGnBPMw=
Subject key identifier: 00:05:6E:98:4C:83:A3:8B:D2:9B:11:84:B0:66:5B:B9:28:BF:D1:A8
Certificate issuer: /CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Certificate serial: 019424B38F2A904A94655BC841459C816F77
Authority key identifier: 29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/AAVumEyDo4vSmxGEsGZbuSi_0ag.roa
Signing time: Thu 02 Jan 2025 01:48:54 +0000
ROA not before: Thu 02 Jan 2025 01:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209114
IP address blocks: 193.33.120.0/24 maxlen: 24
194.31.130.0/24 maxlen: 24
2a12:6e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Feb 2025 07:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:8f:2a:90:4a:94:65:5b:c8:41:45:9c:81:6f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f9670ee2a30eac8c0a39dc47ff7a8cd2473b00
Validity
Not Before: Jan 2 01:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00056e984c83a38bd29b1184b0665bb928bfd1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8b:e3:4c:54:45:bc:ee:97:ef:8c:13:48:3f:
45:7c:43:ca:9c:3b:15:75:76:5a:4d:f7:cb:31:69:
cd:32:5b:b9:6e:77:39:d8:7d:0c:02:09:cb:bd:fa:
26:17:e8:8f:eb:2c:02:db:6e:c7:8f:9b:89:5b:87:
6a:da:6f:6e:02:64:f6:e5:01:09:e0:61:0b:56:79:
c5:a0:2b:82:f1:47:10:b8:f7:73:bc:b0:cd:6c:5e:
ac:15:1e:67:fd:c6:2c:6a:c1:ac:26:15:c1:54:3e:
d9:f0:69:ea:d6:7f:78:d6:8d:7c:d6:62:fa:83:2e:
a1:c0:ca:56:d7:ec:24:f1:03:54:86:8b:9f:f3:87:
27:fd:60:d6:f9:71:fa:1a:fd:e3:c9:94:1e:7b:78:
b3:41:c1:d9:38:64:ad:22:41:96:ee:91:d2:2c:34:
23:14:0b:6e:9f:f8:05:3b:fc:32:18:90:20:e3:1c:
80:2b:91:99:d2:c4:5f:88:29:f7:08:cf:f3:5f:f4:
6e:52:41:39:94:51:8c:78:43:32:85:a0:51:43:bc:
da:c6:0e:e2:6a:6d:fc:41:7c:66:1d:8a:2e:71:6f:
cd:c9:df:86:97:6e:e6:a8:47:3d:16:3a:3e:e1:6f:
65:54:ac:be:16:64:65:d3:d2:fd:bc:11:5f:c0:f5:
66:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:05:6E:98:4C:83:A3:8B:D2:9B:11:84:B0:66:5B:B9:28:BF:D1:A8
X509v3 Authority Key Identifier:
keyid:29:F9:67:0E:E2:A3:0E:AC:8C:0A:39:DC:47:FF:7A:8C:D2:47:3B:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KflnDuKjDqyMCjncR_96jNJHOwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/AAVumEyDo4vSmxGEsGZbuSi_0ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ff76d-f116-4430-8407-6e29efdfd4e3/1/KflnDuKjDqyMCjncR_96jNJHOwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.120.0/24
194.31.130.0/24
IPv6:
2a12:6e40::/29
Signature Algorithm: sha256WithRSAEncryption
82:02:c4:1e:68:2a:97:93:0f:77:fd:91:d7:b2:93:ce:02:1b:
32:40:78:51:ac:01:de:cc:f3:78:71:39:f9:78:30:b6:d7:b2:
4c:60:fc:23:16:c6:a1:e3:ba:23:32:73:ac:7d:3f:86:e1:1a:
0e:88:a1:4f:4c:10:88:a9:a8:4f:86:7c:71:de:8c:50:0d:96:
58:dc:68:e0:ee:ea:57:53:bf:17:ff:a6:48:58:d5:8f:60:ba:
79:6d:57:dd:5f:36:80:2f:4a:b5:52:94:d4:74:fe:a3:3d:75:
6c:53:37:00:6f:7d:fb:ec:03:52:eb:f6:b0:56:56:63:f9:cb:
58:3f:bd:ae:a3:a3:cd:b9:60:02:cf:c4:56:47:7c:1e:94:54:
20:3b:f6:97:66:9d:8f:f6:13:00:6d:6e:b0:7a:a7:99:ae:dd:
16:f7:51:ba:b5:21:97:84:d0:2f:c7:fb:bc:e6:a9:6e:65:a5:
32:bb:52:76:1e:a4:b2:a5:da:47:56:16:1e:77:3f:37:24:51:
39:3c:a3:02:0d:bf:6d:48:83:1c:3d:9e:01:20:ed:d2:a0:58:
4f:ac:52:b3:d0:32:f5:43:a2:8d:d3:12:30:50:f6:34:63:84:
61:95:73:c9:11:ff:1b:9f:50:52:d0:10:3b:fe:d5:ff:75:14:
e1:ea:18:f4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQks48qkEqUZVvIQUWcgW93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Zjk2NzBlZTJhMzBlYWM4YzBhMzlkYzQ3ZmY3YThjZDI0
NzNiMDAwHhcNMjUwMTAyMDE0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA1NmU5ODRjODNhMzhiZDI5YjExODRiMDY2NWJiOTI4YmZkMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4vjTFRFvO6X74wTSD9FfEPKnDsV
dXZaTffLMWnNMlu5bnc52H0MAgnLvfomF+iP6ywC227Hj5uJW4dq2m9uAmT25QEJ
4GELVnnFoCuC8UcQuPdzvLDNbF6sFR5n/cYsasGsJhXBVD7Z8Gnq1n941o181mL6
gy6hwMpW1+wk8QNUhouf84cn/WDW+XH6Gv3jyZQee3izQcHZOGStIkGW7pHSLDQj
FAtun/gFO/wyGJAg4xyAK5GZ0sRfiCn3CM/zX/RuUkE5lFGMeEMyhaBRQ7zaxg7i
am38QXxmHYoucW/Nyd+Gl27mqEc9Fjo+4W9lVKy+FmRl09L9vBFfwPVmXQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAAFbphMg6OL0psRhLBmW7kov9GoMB8GA1UdIwQY
MBaAFCn5Zw7iow6sjAo53Ef/eozSRzsAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDct
NmUyOWVmZGZkNGUzLzEvQUFWdW1FeURvNHZTbXhHRXNHWmJ1U2lfMGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yZmY3NmQtZjExNi00NDMwLTg0MDctNmUyOWVmZGZkNGUz
LzEvS2ZsbkR1S2pEcXlNQ2puY1JfOTZqTkpIT3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwSF4AwQA
wh+CMA0EAgACMAcDBQMqEm5AMA0GCSqGSIb3DQEBCwUAA4IBAQCCAsQeaCqXkw93
/ZHXspPOAhsyQHhRrAHezPN4cTn5eDC217JMYPwjFsah47ojMnOsfT+G4RoOiKFP
TBCIqahPhnxx3oxQDZZY3Gjg7upXU78X/6ZIWNWPYLp5bVfdXzaAL0q1UpTUdP6j
PXVsUzcAb3377ANS6/awVlZj+ctYP72uo6PNuWACz8RWR3welFQgO/aXZp2P9hMA
bW6weqeZrt0W91G6tSGXhNAvx/u85qluZaUyu1J2HqSypdpHVhYedz83JFE5PKMC
Db9tSIMcPZ4BIO3SoFhPrFKz0DL1Q6KN0xIwUPY0Y4RhlXPJEf8bn1BS0BA7/tX/
dRTh6hj0
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:26:51 2025 by rpki-client