Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/A9zYDm6opAp8-8C97xv7LWC0AFQ.roa
File: A9zYDm6opAp8-8C97xv7LWC0AFQ.roa (raw, json)
Hash identifier: IdI2CF0mEK2+hRV98P4pKsVshltXrrD6OsEb/lON2D8=
Subject key identifier: 03:DC:D8:0E:6E:A8:A4:0A:7C:FB:C0:BD:EF:1B:FB:2D:60:B4:00:54
Certificate issuer: /CN=1820f13139161384eaf13a1f7db60e2c68a43956
Certificate serial: 018CC492E5BEBAF05B9B9115A2BAD9E85492
Authority key identifier: 18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/A9zYDm6opAp8-8C97xv7LWC0AFQ.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42611
IP address blocks: 84.18.224.0/19 maxlen: 24
85.208.12.0/22 maxlen: 24
91.193.8.0/22 maxlen: 24
2a09:8040::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e5:be:ba:f0:5b:9b:91:15:a2:ba:d9:e8:54:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1820f13139161384eaf13a1f7db60e2c68a43956
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03dcd80e6ea8a40a7cfbc0bdef1bfb2d60b40054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:25:94:43:13:37:6d:47:88:80:0b:9a:43:96:
ec:60:06:fe:48:46:45:eb:4d:66:78:81:ef:65:04:
63:6a:9c:33:f3:e9:c8:90:af:42:5d:b9:4a:04:d8:
b2:dc:de:3b:e0:66:d6:8c:5d:84:18:0f:68:1c:84:
bc:63:56:7a:3b:e6:a9:9b:c9:34:e5:d8:b0:c3:91:
de:a0:ac:06:b7:95:41:08:19:00:21:49:2c:4a:a5:
da:8f:ab:3f:9d:77:d4:32:7d:ff:d5:6d:98:0d:a5:
f4:97:b1:e9:24:dc:15:32:b4:9e:ea:7a:d6:ff:32:
5d:eb:ce:d2:12:97:ec:50:fa:1d:63:a6:07:74:c8:
ef:99:31:84:bb:82:fd:27:f0:7e:f8:a8:4b:24:38:
59:86:87:e9:3e:e8:ae:7d:7e:41:bc:c0:b8:c0:64:
8a:f0:3e:c0:8c:c4:ed:a2:f1:19:25:a2:ff:7a:58:
9a:40:fb:81:67:78:21:4a:30:a1:33:94:0b:37:8d:
e0:a0:e4:c5:5c:1f:60:b6:21:37:b4:67:14:45:7e:
11:c8:46:66:cd:48:b6:b2:57:b7:6b:a9:1c:61:92:
73:71:b2:97:1c:10:0b:25:26:8c:7b:0b:59:10:3d:
96:53:5c:14:a0:07:99:5c:00:08:e1:02:85:93:e1:
38:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DC:D8:0E:6E:A8:A4:0A:7C:FB:C0:BD:EF:1B:FB:2D:60:B4:00:54
X509v3 Authority Key Identifier:
keyid:18:20:F1:31:39:16:13:84:EA:F1:3A:1F:7D:B6:0E:2C:68:A4:39:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GCDxMTkWE4Tq8ToffbYOLGikOVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/A9zYDm6opAp8-8C97xv7LWC0AFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/60dc0f-0aed-4bee-90b7-367dc385261a/1/GCDxMTkWE4Tq8ToffbYOLGikOVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.18.224.0/19
85.208.12.0/22
91.193.8.0/22
IPv6:
2a09:8040::/29
Signature Algorithm: sha256WithRSAEncryption
83:5b:28:0a:5e:2b:92:c8:f4:ba:fd:cb:1a:07:80:c4:4b:1a:
0c:ad:66:01:6b:3f:47:5d:f9:a9:8a:d2:da:d0:5c:35:7d:7c:
a5:d5:b1:34:d0:1b:96:df:92:92:ec:5c:e7:8d:60:31:9f:0c:
3e:0d:49:d2:ec:6d:87:fe:97:64:61:d3:06:25:9c:18:a6:8c:
6a:79:93:3c:20:42:04:31:70:04:8f:dd:b0:6f:1c:f4:a5:2d:
52:88:03:36:73:a0:17:5a:69:ac:7e:cd:b1:33:e0:96:2a:70:
2b:e9:0c:24:3f:1c:0b:c4:42:66:fc:aa:00:37:71:d6:e6:93:
0d:9b:c6:9e:6e:54:c5:4c:7f:e0:43:4e:b9:82:21:e1:e5:2c:
79:a0:90:45:48:85:a2:29:d4:02:c8:a1:ba:8a:fa:34:1b:8b:
65:b4:89:fa:68:87:d9:ed:5a:73:2d:75:d0:7b:89:e7:84:53:
63:e5:83:75:26:51:80:36:b4:e9:e4:46:15:b9:d0:2f:eb:3b:
3a:f8:2f:00:8a:0a:5d:15:f3:bd:bd:92:f5:37:e1:17:72:11:
d5:aa:d7:14:04:47:ca:00:04:df:50:31:39:c8:4a:bf:d6:87:
b7:53:bb:47:4f:47:61:e1:04:6e:a3:2a:9f:a8:1f:c1:88:6d:
d9:ca:30:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkuW+uvBbm5EVorrZ6FSSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MjBmMTMxMzkxNjEzODRlYWYxM2ExZjdkYjYwZTJjNjhh
NDM5NTYwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RjZDgwZTZlYThhNDBhN2NmYmMwYmRlZjFiZmIyZDYwYjQwMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCWUQxM3bUeIgAuaQ5bsYAb+SEZF
601meIHvZQRjapwz8+nIkK9CXblKBNiy3N474GbWjF2EGA9oHIS8Y1Z6O+apm8k0
5diww5HeoKwGt5VBCBkAIUksSqXaj6s/nXfUMn3/1W2YDaX0l7HpJNwVMrSe6nrW
/zJd687SEpfsUPodY6YHdMjvmTGEu4L9J/B++KhLJDhZhofpPuiufX5BvMC4wGSK
8D7AjMTtovEZJaL/eliaQPuBZ3ghSjChM5QLN43goOTFXB9gtiE3tGcURX4RyEZm
zUi2sle3a6kcYZJzcbKXHBALJSaMewtZED2WU1wUoAeZXAAI4QKFk+E4FQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAPc2A5uqKQKfPvAve8b+y1gtABUMB8GA1UdIwQY
MBaAFBgg8TE5FhOE6vE6H322DixopDlWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjct
MzY3ZGMzODUyNjFhLzEvQTl6WURtNm9wQXA4LThDOTd4djdMV0MwQUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi82MGRjMGYtMGFlZC00YmVlLTkwYjctMzY3ZGMzODUyNjFh
LzEvR0NEeE1Ua1dFNFRxOFRvZmZiWU9MR2lrT1ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVBLgAwQC
VdAMAwQCW8EIMA0EAgACMAcDBQMqCYBAMA0GCSqGSIb3DQEBCwUAA4IBAQCDWygK
XiuSyPS6/csaB4DESxoMrWYBaz9HXfmpitLa0Fw1fXyl1bE00BuW35KS7FznjWAx
nww+DUnS7G2H/pdkYdMGJZwYpoxqeZM8IEIEMXAEj92wbxz0pS1SiAM2c6AXWmms
fs2xM+CWKnAr6QwkPxwLxEJm/KoAN3HW5pMNm8aeblTFTH/gQ065giHh5Sx5oJBF
SIWiKdQCyKG6ivo0G4tltIn6aIfZ7VpzLXXQe4nnhFNj5YN1JlGANrTp5EYVudAv
6zs6+C8AigpdFfO9vZL1N+EXchHVqtcUBEfKAATfUDE5yEq/1oe3U7tHT0dh4QRu
oyqfqB/BiG3ZyjDq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:44 2025 by rpki-client