Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/aijaaqJDlZvCYFgAFHnngqHYJuk.roa
File: aijaaqJDlZvCYFgAFHnngqHYJuk.roa (raw, json)
Hash identifier: Kz4hLT0KY1gJ789cvdGfkjpN6gW5730AIa+42TDh+W0=
Subject key identifier: 6A:28:DA:6A:A2:43:95:9B:C2:60:58:00:14:79:E7:82:A1:D8:26:E9
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 0188805063670DAC226AF0F725C943E266C5
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/aijaaqJDlZvCYFgAFHnngqHYJuk.roa
Signing time: Sat 03 Jun 2023 08:12:11 +0000
ROA not before: Sat 03 Jun 2023 08:12:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35179
IP address blocks: 185.49.29.0/24 maxlen: 24
185.49.30.0/23 maxlen: 23
83.168.72.0/21 maxlen: 24
83.168.108.0/23 maxlen: 23
79.110.192.0/20 maxlen: 24
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:80:50:63:67:0d:ac:22:6a:f0:f7:25:c9:43:e2:66:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jun 3 08:12:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a28da6aa243959bc26058001479e782a1d826e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:9b:70:c1:6d:1c:74:df:fd:ce:3d:00:77:ec:
d8:70:9e:94:1f:85:91:0c:64:ae:fb:fb:6c:e5:62:
e1:d1:8f:e3:c5:86:20:b2:8a:4f:06:25:f4:84:fe:
a8:97:66:6e:36:f5:8b:14:cb:c3:c0:14:a9:8e:c2:
73:3d:d2:08:86:ac:e2:bf:43:76:2b:93:83:a9:1d:
9a:0c:0a:10:96:65:35:4e:d7:75:a8:47:61:19:53:
72:30:3d:9c:c4:9f:1c:1d:92:e4:7e:38:17:20:57:
b4:4e:14:50:0c:62:e6:25:25:1e:ee:e3:fa:9b:84:
df:ae:8e:a4:cd:ed:a6:84:0b:51:1f:25:e8:cf:4a:
5c:f7:d4:fa:17:13:b3:35:22:5e:3c:61:d5:01:6a:
0f:d9:e4:04:ca:bc:2c:56:18:1a:3b:a5:3e:bc:fa:
04:a6:2f:2e:fe:dc:2f:74:31:3a:4c:00:a7:b7:3d:
1d:54:f4:b2:fd:b6:2e:51:74:26:08:b9:03:16:ad:
6d:ab:ff:50:71:d3:ba:a1:11:af:43:c2:7a:f2:b0:
bd:43:9c:d8:16:63:a2:50:ab:14:6c:a0:4f:ce:22:
f3:3c:b5:42:60:52:db:91:2e:cc:e9:f7:dd:ac:64:
34:6e:0f:fe:86:e0:ca:77:36:2f:91:c4:09:b4:b8:
8a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:28:DA:6A:A2:43:95:9B:C2:60:58:00:14:79:E7:82:A1:D8:26:E9
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/aijaaqJDlZvCYFgAFHnngqHYJuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.72.0/21
83.168.108.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
a6:7e:7f:ab:5b:4e:51:07:ee:71:02:b0:8a:28:f0:10:95:55:
26:12:c2:70:89:de:4c:4e:7c:c4:4f:3b:d0:08:a6:2a:1c:12:
e7:ff:5f:5d:87:83:f1:8e:ca:af:dd:c3:fb:ab:cd:e1:c3:70:
3a:41:65:c9:47:da:43:98:c9:6f:25:56:30:c9:26:c2:78:66:
d7:a7:ca:1c:1f:4f:9a:e1:90:be:a1:9c:b4:58:8b:cd:40:fa:
cc:3a:fe:c0:64:74:c0:ea:d1:44:5e:cc:d3:51:af:24:f0:f6:
d5:32:8b:e8:0d:28:0b:f3:97:84:8b:21:f3:ee:7d:03:d2:44:
bc:ee:5c:02:ba:dd:1e:ae:73:52:ea:7b:03:9b:67:27:f8:9f:
fa:be:e3:55:4a:9a:db:d9:01:d7:ca:c5:b0:07:b8:d3:86:63:
1f:bc:cb:10:c4:c9:92:d7:68:7f:d4:f0:0d:60:37:8f:f8:b3:
2b:d6:2d:ed:0f:85:ad:fd:ac:32:3c:63:2d:9c:31:f6:94:2e:
38:53:a7:26:a5:44:e6:9f:3e:0b:97:1c:cb:e4:32:c7:44:c2:
3b:69:1d:6a:4b:c3:b0:19:31:18:cf:31:5a:61:06:33:70:07:
1c:d6:ab:a1:d6:2a:fc:5c:a7:67:92:c5:d4:91:88:6e:17:a7:
08:b8:e6:ea
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYiAUGNnDawiavD3JclD4mbFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjMwNjAzMDgxMjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTI4ZGE2YWEyNDM5NTliYzI2MDU4MDAxNDc5ZTc4MmExZDgyNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ptwwW0cdN/9zj0Ad+zYcJ6UH4WR
DGSu+/ts5WLh0Y/jxYYgsopPBiX0hP6ol2ZuNvWLFMvDwBSpjsJzPdIIhqziv0N2
K5ODqR2aDAoQlmU1Ttd1qEdhGVNyMD2cxJ8cHZLkfjgXIFe0ThRQDGLmJSUe7uP6
m4Tfro6kze2mhAtRHyXoz0pc99T6FxOzNSJePGHVAWoP2eQEyrwsVhgaO6U+vPoE
pi8u/twvdDE6TACntz0dVPSy/bYuUXQmCLkDFq1tq/9QcdO6oRGvQ8J68rC9Q5zY
FmOiUKsUbKBPziLzPLVCYFLbkS7M6ffdrGQ0bg/+huDKdzYvkcQJtLiKuwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFGoo2mqiQ5WbwmBYABR554Kh2CbpMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvYWlqYWFxSkRsWnZDWUZnQUZIbm5ncUhZSnVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQET27AAwQD
U6hIAwQBU6hsMAwDBAC5MR0DBAW5MQADBALB7zgwDQQCAAIwBwMFACoBluAwDQYJ
KoZIhvcNAQELBQADggEBAKZ+f6tbTlEH7nECsIoo8BCVVSYSwnCJ3kxOfMRPO9AI
piocEuf/X12Hg/GOyq/dw/urzeHDcDpBZclH2kOYyW8lVjDJJsJ4ZtenyhwfT5rh
kL6hnLRYi81A+sw6/sBkdMDq0URezNNRryTw9tUyi+gNKAvzl4SLIfPufQPSRLzu
XAK63R6uc1LqewObZyf4n/q+41VKmtvZAdfKxbAHuNOGYx+8yxDEyZLXaH/U8A1g
N4/4syvWLe0Pha39rDI8Yy2cMfaULjhTpyalROafPguXHMvkMsdEwjtpHWpLw7AZ
MRjPMVphBjNwBxzWq6HWKvxcp2eSxdSRiG4Xpwi45uo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-fra.rpki-client.org