Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/AAk-WVo7Dw6ZB6WnE3Dz-ynWbM0.roa
File: AAk-WVo7Dw6ZB6WnE3Dz-ynWbM0.roa (raw, json)
Hash identifier: chRjdWas6OwenvqYivLUz0A7UI0CNF+5ImRGY4Z4Lpk=
Subject key identifier: 00:09:3E:59:5A:3B:0F:0E:99:07:A5:A7:13:70:F3:FB:29:D6:6C:CD
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 018E74CA663B9C17FCD95034EADC2DC2498B
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/AAk-WVo7Dw6ZB6WnE3Dz-ynWbM0.roa
Signing time: Mon 25 Mar 2024 08:46:45 +0000
ROA not before: Mon 25 Mar 2024 08:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 145.219.22.0/24 maxlen: 24
145.219.24.0/22 maxlen: 22
145.219.28.0/22 maxlen: 22
2a04:b0c0:10:1001::/64 maxlen: 64
2a04:b0c0:10:1002::/64 maxlen: 64
2a04:b0c0:10:1003::/64 maxlen: 64
Validation: Failed, certificate revoked on Wed 27 Mar 2024 09:24:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:ca:66:3b:9c:17:fc:d9:50:34:ea:dc:2d:c2:49:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 25 08:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00093e595a3b0f0e9907a5a71370f3fb29d66ccd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1d:58:27:c2:a0:75:8d:64:9d:36:e9:18:b5:
8d:e5:6e:b2:cf:97:54:10:58:49:f2:24:24:73:0e:
71:26:9d:d4:39:66:55:43:74:99:19:01:9d:30:cf:
3a:7b:40:2e:d0:b1:41:ac:92:27:f1:ae:c3:81:04:
60:de:34:d1:86:86:c5:f5:83:fb:e8:e2:10:92:ec:
11:1a:d7:e5:b5:4b:49:0b:5e:bf:89:a1:fa:30:a1:
71:eb:ab:94:bb:7e:9b:81:5f:4f:46:aa:c1:de:a4:
bb:eb:6c:24:cd:cb:3f:73:a6:d9:1c:79:42:e9:0c:
47:fe:ea:a4:b5:97:c3:74:85:63:02:9a:45:24:27:
27:cd:b6:80:8b:09:55:78:54:0e:40:d3:35:6d:16:
81:7a:b3:43:bc:af:3a:bd:07:b1:87:f0:c0:06:6c:
2a:33:1f:34:82:3f:ff:63:97:98:bb:d2:3f:5e:5f:
e0:c2:fc:38:79:5b:db:a0:33:73:94:80:06:d2:c3:
96:36:6d:68:2d:6f:c5:52:de:d4:3b:02:fc:76:79:
cc:ec:81:49:99:81:e1:3b:06:ce:7f:78:13:06:b4:
31:5b:1c:22:61:c8:86:32:1f:3b:db:9e:5e:cb:48:
84:3a:c6:cc:86:93:a0:b4:62:fc:60:5d:a5:95:1c:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:09:3E:59:5A:3B:0F:0E:99:07:A5:A7:13:70:F3:FB:29:D6:6C:CD
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/AAk-WVo7Dw6ZB6WnE3Dz-ynWbM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.22.0/24
145.219.24.0/21
IPv6:
2a04:b0c0:10:1001::-2a04:b0c0:10:1003:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:ed:36:d8:0b:32:99:47:b8:0e:91:77:07:80:58:6b:8f:3d:
a9:ce:90:92:cc:5d:1b:c0:61:3a:57:2d:c2:b8:9a:8e:f2:6f:
40:21:b5:49:c2:9c:57:76:4c:80:6e:83:54:bf:0e:be:b4:b7:
bd:11:b2:d0:4a:df:b0:e4:6d:a2:d8:7f:d7:c2:db:2a:ce:61:
9e:87:5a:40:00:d7:fb:37:45:9c:4e:7a:91:2d:ef:8b:72:ef:
38:70:19:ab:07:ab:dc:d3:7a:d2:92:15:7e:c2:4e:0e:02:4e:
13:b2:9e:e7:c9:78:82:83:5e:61:8d:d7:27:ed:98:92:38:fe:
5a:df:09:d4:a2:19:4e:a7:bc:a5:1c:ba:22:4c:cc:8d:8b:b8:
3a:9f:22:c4:86:98:6a:9c:76:5d:13:53:58:91:7a:9c:1e:09:
36:4c:87:41:7a:0b:2c:f1:96:ed:c8:75:01:d8:61:11:d6:b7:
ee:df:06:e7:8b:e7:71:88:cb:d8:86:32:fd:a3:40:8e:ea:28:
96:37:eb:df:f6:33:fb:91:b7:9e:96:9f:f7:46:e0:b5:57:99:
48:b5:a4:28:a5:20:30:a1:6d:a6:52:ed:8e:76:0e:55:84:01:
ac:04:98:5f:71:7f:bc:71:91:b4:26:0f:0a:40:a1:2c:2c:55:
ec:6c:cf:b4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY50ymY7nBf82VA06twtwkmLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjQwMzI1MDg0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA5M2U1OTVhM2IwZjBlOTkwN2E1YTcxMzcwZjNmYjI5ZDY2Y2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh1YJ8KgdY1knTbpGLWN5W6yz5dU
EFhJ8iQkcw5xJp3UOWZVQ3SZGQGdMM86e0Au0LFBrJIn8a7DgQRg3jTRhobF9YP7
6OIQkuwRGtfltUtJC16/iaH6MKFx66uUu36bgV9PRqrB3qS762wkzcs/c6bZHHlC
6QxH/uqktZfDdIVjAppFJCcnzbaAiwlVeFQOQNM1bRaBerNDvK86vQexh/DABmwq
Mx80gj//Y5eYu9I/Xl/gwvw4eVvboDNzlIAG0sOWNm1oLW/FUt7UOwL8dnnM7IFJ
mYHhOwbOf3gTBrQxWxwiYciGMh87255ey0iEOsbMhpOgtGL8YF2llRx5QQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAAJPllaOw8OmQelpxNw8/sp1mzNMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvQUFrLVdWbzdEdzZaQjZXbkUzRHoteW5XYk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDASBAIAATAMAwQAkdsWAwQD
kdsYMB4EAgACMBgwFgMJACoEsMAAEBABAwkCKgSwwAAQEAAwDQYJKoZIhvcNAQEL
BQADggEBAH3tNtgLMplHuA6RdweAWGuPPanOkJLMXRvAYTpXLcK4mo7yb0AhtUnC
nFd2TIBug1S/Dr60t70RstBK37DkbaLYf9fC2yrOYZ6HWkAA1/s3RZxOepEt74ty
7zhwGasHq9zTetKSFX7CTg4CThOynufJeIKDXmGN1yftmJI4/lrfCdSiGU6nvKUc
uiJMzI2LuDqfIsSGmGqcdl0TU1iRepweCTZMh0F6Cyzxlu3IdQHYYRHWt+7fBueL
53GIy9iGMv2jQI7qKJY369/2M/uRt56Wn/dG4LVXmUi1pCilIDChbaZS7Y52DlWE
AawEmF9xf7xxkbQmDwpAoSwsVexsz7Q=
-----END CERTIFICATE-----
Generated at Wed Mar 27 12:42:48 2024 by rpki-client on console-fra.rpki-client.org