Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/AStxTEIxlA5RMd-5WsmXj0PaHn4.roa
File: AStxTEIxlA5RMd-5WsmXj0PaHn4.roa (raw, json)
Hash identifier: +tAV7BIc6NXlBYFsGDZNgm2A2fg89xwaKzks/+J9i4Y=
Subject key identifier: 01:2B:71:4C:42:31:94:0E:51:31:DF:B9:5A:C9:97:8F:43:DA:1E:7E
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 018FA5E69349C16146475B58599823B78E9E
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/AStxTEIxlA5RMd-5WsmXj0PaHn4.roa
Signing time: Thu 23 May 2024 14:41:42 +0000
ROA not before: Thu 23 May 2024 14:41:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215783
IP address blocks: 185.141.152.0/22 maxlen: 22
2a07:2440::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Jun 2024 06:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:e6:93:49:c1:61:46:47:5b:58:59:98:23:b7:8e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: May 23 14:41:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=012b714c4231940e5131dfb95ac9978f43da1e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:db:6a:10:c3:3f:ff:cf:f7:f3:a8:89:56:
38:64:21:9f:6e:5e:b5:9d:4d:8b:7b:85:bb:ae:45:
53:86:9f:c0:de:14:2d:97:67:4e:de:ab:ab:3e:85:
73:50:b9:4a:7f:02:66:27:4e:ee:20:95:5c:da:08:
3a:de:1c:b0:c7:dc:c9:06:8a:b7:cf:35:49:1e:5d:
07:da:2f:3c:38:86:08:a6:be:d9:62:e9:b9:4a:d4:
54:6e:d0:35:a6:31:14:28:d7:67:7c:d5:9e:b4:64:
78:4a:a9:f7:86:75:12:50:38:c9:a0:52:d8:48:b1:
24:13:ad:56:09:22:4d:e1:73:89:7d:ad:b3:ce:77:
47:87:7a:8f:9c:78:84:16:74:e4:cb:8a:b8:8d:63:
78:64:a9:db:e2:8d:21:0c:b6:81:e0:9c:81:cc:e6:
18:28:17:95:a9:82:dc:6e:bb:7c:a2:de:fd:59:42:
aa:7a:50:84:f5:8f:6f:ba:04:2a:8f:86:91:f8:95:
d8:fb:08:ae:69:82:4f:88:1e:52:84:96:1a:ee:22:
4e:95:3a:e6:20:72:38:ed:4f:7d:9a:fa:19:97:65:
d2:72:d3:52:8b:90:fb:9d:5a:0f:96:11:7f:7a:87:
bd:ee:5c:07:18:66:31:60:af:1e:07:0e:63:39:7c:
b3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2B:71:4C:42:31:94:0E:51:31:DF:B9:5A:C9:97:8F:43:DA:1E:7E
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/AStxTEIxlA5RMd-5WsmXj0PaHn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
49:22:7d:45:69:24:5e:f4:60:98:ac:39:5e:b6:c2:d2:c0:ba:
7d:f4:20:0d:43:8d:7b:50:8b:b6:d3:50:41:59:c1:2c:e6:f9:
42:d4:0e:5b:83:8f:d7:9f:f7:f7:3e:dd:04:42:dd:cc:1a:74:
f6:85:55:2f:ec:30:f5:14:f3:bf:8c:9a:fc:d9:4c:60:15:8d:
9d:c2:af:30:8a:9e:90:d2:dc:6f:08:6a:56:b2:d2:49:5c:8f:
67:43:dc:28:7f:58:b5:e6:4c:40:c8:33:fa:80:a6:f1:5a:dc:
dd:12:15:f1:48:fb:22:6a:9b:c0:1d:61:fe:9c:8e:96:6d:c5:
76:2e:5d:b8:75:dd:07:48:b1:12:1c:6e:bd:b0:14:97:c0:70:
e7:53:17:17:c6:b1:9f:07:ff:72:45:e9:dc:a5:18:ef:b0:8a:
ba:fc:20:d2:a5:47:6e:cc:38:a3:7f:68:a4:00:c7:ba:bd:79:
25:d1:bc:4d:a6:f1:76:ec:9c:a0:b5:c0:bb:4d:27:c8:6f:c9:
7c:6b:80:35:f1:8c:32:d4:12:45:0b:30:a0:ac:ad:64:b6:80:
29:e4:db:0d:b3:4c:3d:b8:3c:0d:34:d5:e2:ea:2f:fe:41:d6:
8f:12:28:cd:3d:58:1e:ad:94:bf:46:eb:b0:8c:7b:1b:16:9b:
2e:b0:05:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+l5pNJwWFGR1tYWZgjt46eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjQwNTIzMTQ0MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJiNzE0YzQyMzE5NDBlNTEzMWRmYjk1YWM5OTc4ZjQzZGExZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucnbahDDP//P9/OoiVY4ZCGfbl61
nU2Le4W7rkVThp/A3hQtl2dO3qurPoVzULlKfwJmJ07uIJVc2gg63hywx9zJBoq3
zzVJHl0H2i88OIYIpr7ZYum5StRUbtA1pjEUKNdnfNWetGR4Sqn3hnUSUDjJoFLY
SLEkE61WCSJN4XOJfa2zzndHh3qPnHiEFnTky4q4jWN4ZKnb4o0hDLaB4JyBzOYY
KBeVqYLcbrt8ot79WUKqelCE9Y9vugQqj4aR+JXY+wiuaYJPiB5ShJYa7iJOlTrm
IHI47U99mvoZl2XSctNSi5D7nVoPlhF/eoe97lwHGGYxYK8eBw5jOXyzjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAErcUxCMZQOUTHfuVrJl49D2h5+MB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvQVN0eFRFSXhsQTVSTWQtNVdzbVhqMFBhSG40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2YMA0E
AgACMAcDBQMqByRAMA0GCSqGSIb3DQEBCwUAA4IBAQBJIn1FaSRe9GCYrDletsLS
wLp99CANQ417UIu201BBWcEs5vlC1A5bg4/Xn/f3Pt0EQt3MGnT2hVUv7DD1FPO/
jJr82UxgFY2dwq8wip6Q0txvCGpWstJJXI9nQ9wof1i15kxAyDP6gKbxWtzdEhXx
SPsiapvAHWH+nI6WbcV2Ll24dd0HSLESHG69sBSXwHDnUxcXxrGfB/9yRencpRjv
sIq6/CDSpUduzDijf2ikAMe6vXkl0bxNpvF27JygtcC7TSfIb8l8a4A18Ywy1BJF
CzCgrK1ktoAp5NsNs0w9uDwNNNXi6i/+QdaPEijNPVgerZS/RuuwjHsbFpsusAWv
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:29:54 2025 by rpki-client