Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AlnFP2-OnHXs0Eb_bJ5hC7nG3cc.roa
File: AlnFP2-OnHXs0Eb_bJ5hC7nG3cc.roa (raw, json)
Hash identifier: gL4zvkYZgwzOL8ct0SaRMVtqZNZqoG8oS9EgIzgORXE=
Subject key identifier: 02:59:C5:3F:6F:8E:9C:75:EC:D0:46:FF:6C:9E:61:0B:B9:C6:DD:C7
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801E0E9821C9986F9A7193A62EC794B
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AlnFP2-OnHXs0Eb_bJ5hC7nG3cc.roa
Signing time: Tue 02 Jan 2024 02:30:15 +0000
ROA not before: Tue 02 Jan 2024 02:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209484
IP address blocks: 176.113.70.0/24 maxlen: 24
176.113.68.0/24 maxlen: 24
176.113.71.0/24 maxlen: 24
176.113.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Jun 2024 14:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:e0:e9:82:1c:99:86:f9:a7:19:3a:62:ec:79:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0259c53f6f8e9c75ecd046ff6c9e610bb9c6ddc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:61:ea:a4:6a:93:95:6c:e7:80:33:36:17:73:
2b:eb:2a:39:83:2a:5e:ba:59:f2:61:c7:e8:0b:8f:
aa:4d:3c:69:da:ed:e2:b9:a7:cf:7d:5e:12:c4:8d:
62:d3:93:64:cc:97:b9:ac:b8:10:70:57:fe:a2:ed:
14:af:8b:8a:6e:9c:82:01:ea:30:c6:f4:4b:ad:8d:
e8:1f:b0:aa:3d:61:41:61:6f:48:8a:41:b8:5f:cb:
8b:47:26:65:e5:12:3a:66:f3:04:72:5e:39:68:7a:
94:05:98:86:2e:bc:0e:f3:22:ea:6f:f6:57:fb:bd:
f9:fa:ae:aa:fb:7e:d5:e4:18:8a:8e:e2:01:99:a6:
5a:99:93:4b:fb:44:12:f5:73:d2:ab:eb:08:99:01:
87:ef:9c:59:21:35:49:c1:14:5b:57:9f:8b:ba:3d:
fe:14:56:e9:7d:b8:9d:38:9b:94:04:7f:e7:a7:b2:
1c:aa:28:2e:30:66:99:c8:e6:49:60:8a:79:85:74:
2f:6e:d3:06:f7:6c:26:02:e3:6b:8f:02:64:84:01:
54:cb:78:3a:f2:b3:33:f8:e7:6b:64:e8:2e:86:23:
64:0f:95:79:4e:b4:d2:6a:0c:99:94:d7:1c:c0:60:
9b:54:3e:26:c6:29:cf:39:ab:ef:d9:f7:22:a4:57:
a0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:59:C5:3F:6F:8E:9C:75:EC:D0:46:FF:6C:9E:61:0B:B9:C6:DD:C7
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/AlnFP2-OnHXs0Eb_bJ5hC7nG3cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.113.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:a5:de:43:22:70:1d:f3:f6:4a:09:f5:2f:64:1b:4c:2d:39:
45:16:6c:90:c3:bc:ff:41:96:cc:ed:99:c4:37:e4:51:e6:14:
1e:4d:f1:a5:e5:f3:47:3a:07:81:5e:2d:02:36:2d:b9:25:38:
c7:4a:c2:55:29:6f:71:fa:c3:94:f0:48:5d:08:77:e2:9a:51:
79:4c:5b:5b:af:19:38:df:60:d6:c2:17:ae:18:b9:80:8c:02:
79:0e:56:fa:73:df:3a:07:c5:5d:f4:7c:86:17:57:57:bc:7a:
19:3a:a8:39:f0:9a:f1:bd:52:9f:76:70:0a:53:09:dc:de:6f:
51:30:cd:cf:08:4d:c5:4d:a1:38:73:68:01:96:7f:cd:7c:73:
c4:3a:00:03:69:de:5f:e2:a0:dc:6b:c9:c7:28:8d:a4:76:66:
63:e7:18:fa:c3:91:3f:0c:74:14:6e:0c:ad:f8:a6:dc:10:6c:
08:de:35:8c:2f:cb:dc:aa:52:b6:96:51:cc:f0:3e:dc:7f:08:
ce:02:26:4b:66:fd:e5:db:52:cf:6b:75:8a:97:dd:11:46:d1:
8c:d0:5c:81:d3:1d:47:9f:d8:88:88:3d:42:7e:78:3b:55:72:
cb:df:84:7a:ca:ad:49:3d:94:68:50:be:91:28:35:e4:f7:e5:
1c:b1:84:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAeDpghyZhvmnGTpi7HlLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjU5YzUzZjZmOGU5Yzc1ZWNkMDQ2ZmY2YzllNjEwYmI5YzZkZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomHqpGqTlWzngDM2F3Mr6yo5gype
ulnyYcfoC4+qTTxp2u3iuafPfV4SxI1i05NkzJe5rLgQcFf+ou0Ur4uKbpyCAeow
xvRLrY3oH7CqPWFBYW9IikG4X8uLRyZl5RI6ZvMEcl45aHqUBZiGLrwO8yLqb/ZX
+735+q6q+37V5BiKjuIBmaZamZNL+0QS9XPSq+sImQGH75xZITVJwRRbV5+Luj3+
FFbpfbidOJuUBH/np7IcqiguMGaZyOZJYIp5hXQvbtMG92wmAuNrjwJkhAFUy3g6
8rMz+OdrZOguhiNkD5V5TrTSagyZlNccwGCbVD4mxinPOavv2fcipFeg6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJZxT9vjpx17NBG/2yeYQu5xt3HMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvQWxuRlAyLU9uSFhzMEViX2JKNWhDN25HM2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHFEMA0G
CSqGSIb3DQEBCwUAA4IBAQArpd5DInAd8/ZKCfUvZBtMLTlFFmyQw7z/QZbM7ZnE
N+RR5hQeTfGl5fNHOgeBXi0CNi25JTjHSsJVKW9x+sOU8EhdCHfimlF5TFtbrxk4
32DWwheuGLmAjAJ5Dlb6c986B8Vd9HyGF1dXvHoZOqg58JrxvVKfdnAKUwnc3m9R
MM3PCE3FTaE4c2gBln/NfHPEOgADad5f4qDca8nHKI2kdmZj5xj6w5E/DHQUbgyt
+KbcEGwI3jWML8vcqlK2llHM8D7cfwjOAiZLZv3l21LPa3WKl90RRtGM0FyB0x1H
n9iIiD1Cfng7VXLL34R6yq1JPZRoUL6RKDXk9+UcsYQD
-----END CERTIFICATE-----
Generated at Wed Jun 26 19:05:29 2024 by rpki-client on console-fra.rpki-client.org