Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/aqvQIkdPzCACTwt-D0NTqhI5gME.roa
File: aqvQIkdPzCACTwt-D0NTqhI5gME.roa (raw, json)
Hash identifier: 1tM8ZY/vZEvy68Ud2FIIFf65+1/7jRjaB9VNW0qlT4c=
Subject key identifier: 6A:AB:D0:22:47:4F:CC:20:02:4F:0B:7E:0F:43:53:AA:12:39:80:C1
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018CC801D3E99D99D50A91FB2B4A7552C6B1
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/aqvQIkdPzCACTwt-D0NTqhI5gME.roa
Signing time: Tue 02 Jan 2024 02:30:12 +0000
ROA not before: Tue 02 Jan 2024 02:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.255.54.0/24 maxlen: 24
62.133.34.0/24 maxlen: 24
77.75.225.0/24 maxlen: 24
2a0b:4080::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 20 Jan 2024 08:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:d3:e9:9d:99:d5:0a:91:fb:2b:4a:75:52:c6:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 2 02:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6aabd022474fcc20024f0b7e0f4353aa123980c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9b:3f:df:db:f1:5d:41:b8:b8:10:e6:dd:1d:
69:28:f0:28:fb:6d:69:ab:8e:03:3d:22:69:3e:d2:
01:04:80:6b:31:00:6e:ec:b0:26:40:02:7b:99:b9:
3c:7b:88:07:f0:a7:53:be:f2:6d:f4:3e:b4:4d:97:
03:d5:88:6c:82:6c:b4:e4:47:20:43:ce:2e:d6:2a:
d4:3a:fa:0b:7f:d9:14:dc:c7:77:a5:c5:db:8f:2c:
08:68:8d:88:7f:5d:52:61:5c:63:34:3c:f6:60:52:
4b:55:bf:d1:31:05:66:68:e5:c2:f6:44:3e:72:22:
29:b2:8f:4b:86:35:15:1f:84:ba:6e:94:d9:19:a0:
c1:d1:52:64:49:72:16:c7:2c:17:7e:57:39:1c:f9:
fb:0d:87:02:80:5c:d5:5c:66:31:18:8a:a8:f2:33:
99:4a:8d:6b:79:59:39:36:fb:21:06:96:1d:7f:1c:
74:31:a2:90:75:ef:f0:eb:45:4b:1c:0b:9e:f6:ce:
c7:81:a6:9a:48:2a:7c:3f:cd:7c:c1:f0:ae:4c:98:
9b:ba:7d:7d:ae:7e:8b:e1:e6:99:e5:20:9f:e0:9d:
2b:67:61:40:2f:d2:64:bd:d3:0e:aa:db:00:39:27:
4a:d6:0c:6e:c0:12:f1:16:90:14:3b:66:a7:1b:66:
01:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AB:D0:22:47:4F:CC:20:02:4F:0B:7E:0F:43:53:AA:12:39:80:C1
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/aqvQIkdPzCACTwt-D0NTqhI5gME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.133.34.0/24
77.75.225.0/24
185.255.54.0/24
IPv6:
2a0b:4080::/32
Signature Algorithm: sha256WithRSAEncryption
16:9e:f6:4a:0f:a9:82:73:f3:5e:0b:bb:5c:3b:da:a6:8a:d6:
43:90:e5:9c:19:2d:53:bd:22:81:55:7c:f6:db:ef:b6:11:6c:
d3:72:29:7b:d5:ec:f5:e3:69:ee:be:a2:d7:7e:14:1e:65:49:
81:f6:e6:67:16:ac:3f:01:0e:3b:70:b3:a5:7f:52:22:fb:53:
d5:9f:e2:80:23:69:c8:57:2a:27:25:46:48:cc:98:15:28:25:
3c:7d:48:9d:bf:c0:34:21:42:66:1a:8b:c9:8e:09:50:6c:75:
d3:e9:1e:8e:15:f6:e9:97:3b:9a:f6:b1:3a:1a:cd:4b:21:aa:
62:84:eb:82:b0:23:ba:a6:87:c4:b2:33:44:de:56:f1:86:b5:
dc:43:d0:1a:aa:ed:be:2e:55:83:19:6c:5d:3c:d2:d7:2d:e6:
d5:a8:b0:ae:55:db:23:c6:96:ad:22:33:9a:9c:67:1c:90:57:
c5:52:f2:fc:b6:e0:c6:fa:03:ac:86:d1:b3:49:ef:82:10:cd:
0b:1b:0a:fe:96:83:8c:9b:96:35:94:c6:b8:f5:bc:c6:22:fd:
22:2e:5a:4f:d2:75:f7:ae:03:bd:de:23:7e:d9:a4:cb:c4:ad:
d8:f1:4e:10:1d:cf:06:80:67:fc:a9:8a:ac:61:f2:2c:24:9b:
c1:9f:6e:43
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAdPpnZnVCpH7K0p1UsaxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwMTAyMDIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWFiZDAyMjQ3NGZjYzIwMDI0ZjBiN2UwZjQzNTNhYTEyMzk4MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJs/39vxXUG4uBDm3R1pKPAo+21p
q44DPSJpPtIBBIBrMQBu7LAmQAJ7mbk8e4gH8KdTvvJt9D60TZcD1Yhsgmy05Ecg
Q84u1irUOvoLf9kU3Md3pcXbjywIaI2If11SYVxjNDz2YFJLVb/RMQVmaOXC9kQ+
ciIpso9LhjUVH4S6bpTZGaDB0VJkSXIWxywXflc5HPn7DYcCgFzVXGYxGIqo8jOZ
So1reVk5NvshBpYdfxx0MaKQde/w60VLHAue9s7HgaaaSCp8P818wfCuTJibun19
rn6L4eaZ5SCf4J0rZ2FAL9JkvdMOqtsAOSdK1gxuwBLxFpAUO2anG2YBYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGqr0CJHT8wgAk8Lfg9DU6oSOYDBMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvYXF2UUlrZFB6Q0FDVHd0LUQwTlRxaEk1Z01FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAPoUiAwQA
TUvhAwQAuf82MA0EAgACMAcDBQAqC0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAWnvZK
D6mCc/NeC7tcO9qmitZDkOWcGS1TvSKBVXz22++2EWzTcil71ez142nuvqLXfhQe
ZUmB9uZnFqw/AQ47cLOlf1Ii+1PVn+KAI2nIVyonJUZIzJgVKCU8fUidv8A0IUJm
GovJjglQbHXT6R6OFfbplzua9rE6Gs1LIapihOuCsCO6pofEsjNE3lbxhrXcQ9Aa
qu2+LlWDGWxdPNLXLebVqLCuVdsjxpatIjOanGcckFfFUvL8tuDG+gOshtGzSe+C
EM0LGwr+loOMm5Y1lMa49bzGIv0iLlpP0nX3rgO93iN+2aTLxK3Y8U4QHc8GgGf8
qYqsYfIsJJvBn25D
-----END CERTIFICATE-----
Generated at Sat Jan 20 09:21:42 2024 by rpki-client on console-ams.rpki-client.org