Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/aZeHXEnpjhFqkufBTf0d-0lZV7E.roa
File: aZeHXEnpjhFqkufBTf0d-0lZV7E.roa (raw, json)
Hash identifier: Y817/KBNlTaNzS5uu5eeKh0woVSeHfrTAJvestd5VHY=
Subject key identifier: 69:97:87:5C:49:E9:8E:11:6A:92:E7:C1:4D:FD:1D:FB:49:59:57:B1
Certificate issuer: /CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Certificate serial: 018CC801DC6C896831038BF8C22AF9DE0BB5
Authority key identifier: FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/aZeHXEnpjhFqkufBTf0d-0lZV7E.roa
Signing time: Tue 02 Jan 2024 02:30:14 +0000
ROA not before: Tue 02 Jan 2024 02:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 92.53.160.0/22 maxlen: 24
92.53.164.0/22 maxlen: 24
92.53.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 00:09:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:dc:6c:89:68:31:03:8b:f8:c2:2a:f9:de:0b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe779e56238b6f2ea068ede4e20aef00c904132b
Validity
Not Before: Jan 2 02:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6997875c49e98e116a92e7c14dfd1dfb495957b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3b:de:a0:1c:28:48:94:d1:7d:03:e2:ff:09:
1f:28:bc:ef:6c:cd:d4:c6:88:20:c6:43:64:23:77:
82:de:b8:f0:73:f1:96:22:ca:75:18:47:37:18:e3:
0b:1b:bc:00:48:8f:aa:38:b7:b2:9c:82:37:68:95:
2e:8b:90:67:1c:5e:d3:02:60:ef:96:23:af:1f:e3:
e3:b1:b8:76:d2:5a:16:de:a3:d8:ef:60:e0:e1:ae:
0f:19:c2:6a:3f:26:fd:fc:86:98:aa:a7:75:d2:11:
b6:e0:7f:fc:b8:9b:ee:28:b8:20:35:c0:aa:1b:43:
15:76:1b:3b:c5:93:2d:fb:91:87:7e:7f:8d:58:4d:
35:ea:46:a5:ea:bc:9c:ea:77:08:1e:de:23:bd:bd:
85:cc:2c:70:7a:63:02:ef:46:d3:18:6a:c5:e6:5b:
de:c5:77:f6:1a:ab:46:98:c4:f3:cc:02:9c:b3:34:
bb:d0:12:ba:13:ac:4b:2c:fd:5c:6b:5c:c3:aa:e9:
76:74:03:15:ea:4a:99:df:80:a9:31:86:fe:9d:eb:
d1:e8:65:22:0e:25:1e:05:5c:58:aa:6c:92:84:a0:
0a:39:f1:e9:bc:af:9c:fe:3d:ce:2f:ff:72:ce:f1:
14:5f:a0:1b:97:5e:cb:86:8e:57:8b:33:9d:c7:97:
05:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:97:87:5C:49:E9:8E:11:6A:92:E7:C1:4D:FD:1D:FB:49:59:57:B1
X509v3 Authority Key Identifier:
keyid:FE:77:9E:56:23:8B:6F:2E:A0:68:ED:E4:E2:0A:EF:00:C9:04:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_neeViOLby6gaO3k4grvAMkEEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/aZeHXEnpjhFqkufBTf0d-0lZV7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4de598-6b03-4bef-ab14-33894913dcb7/1/_neeViOLby6gaO3k4grvAMkEEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.160.0/21
92.53.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:4e:7f:21:4d:b9:7b:4d:71:a0:db:d0:51:0e:b1:7c:25:ac:
ef:95:77:28:d2:4a:ab:70:6e:11:34:28:73:1e:1b:16:ed:f2:
00:1b:81:8e:1f:56:66:01:15:80:5a:c5:80:d1:27:3c:88:db:
c7:49:4e:12:9a:e7:24:a5:57:31:43:35:7b:35:42:f9:e6:fe:
0f:19:7e:f8:04:86:4a:19:2c:4d:fa:92:a4:8a:63:5d:7e:ef:
ad:7f:9a:f1:0e:c4:7c:37:6b:bf:e3:35:ed:cf:62:a2:54:8b:
f9:f2:03:0f:90:82:db:8c:8c:e2:2d:eb:02:64:c2:69:f2:73:
5d:f8:50:05:95:e8:20:c5:e6:4e:01:56:3e:63:b1:1e:70:4e:
29:74:92:3e:b4:4d:dc:a2:1c:0d:c1:f2:07:20:66:43:f1:59:
e4:0d:e9:fe:37:67:59:1c:0b:f4:d6:dc:ad:8f:cf:85:9d:5d:
02:6c:d7:33:b0:b4:c3:bc:46:1e:1a:e4:50:8b:c8:ab:41:7e:
d9:98:e8:b4:15:59:53:c7:2e:61:c5:74:b4:90:c7:ae:1e:09:
35:14:9d:e3:66:1f:a6:74:d9:83:7f:9c:b7:e0:bc:94:42:63:
51:0e:16:5f:c8:f0:ae:7c:45:5d:52:43:95:9f:e0:c9:cb:6f:
84:0c:18:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAdxsiWgxA4v4wir53gu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNzc5ZTU2MjM4YjZmMmVhMDY4ZWRlNGUyMGFlZjAwYzkw
NDEzMmIwHhcNMjQwMTAyMDIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTk3ODc1YzQ5ZTk4ZTExNmE5MmU3YzE0ZGZkMWRmYjQ5NTk1N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDveoBwoSJTRfQPi/wkfKLzvbM3U
xoggxkNkI3eC3rjwc/GWIsp1GEc3GOMLG7wASI+qOLeynII3aJUui5BnHF7TAmDv
liOvH+Pjsbh20loW3qPY72Dg4a4PGcJqPyb9/IaYqqd10hG24H/8uJvuKLggNcCq
G0MVdhs7xZMt+5GHfn+NWE016kal6ryc6ncIHt4jvb2FzCxwemMC70bTGGrF5lve
xXf2GqtGmMTzzAKcszS70BK6E6xLLP1ca1zDqul2dAMV6kqZ34CpMYb+nevR6GUi
DiUeBVxYqmyShKAKOfHpvK+c/j3OL/9yzvEUX6Abl17Lho5XizOdx5cFwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGmXh1xJ6Y4RapLnwU39HftJWVexMB8GA1UdIwQY
MBaAFP53nlYji28uoGjt5OIK7wDJBBMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQt
MzM4OTQ5MTNkY2I3LzEvYVplSFhFbnBqaEZxa3VmQlRmMGQtMGxaVjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZGU1OTgtNmIwMy00YmVmLWFiMTQtMzM4OTQ5MTNkY2I3
LzEvX25lZVZpT0xieTZnYU8zazRncnZBTWtFRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXDWgAwQC
XDWsMA0GCSqGSIb3DQEBCwUAA4IBAQCkTn8hTbl7TXGg29BRDrF8JazvlXco0kqr
cG4RNChzHhsW7fIAG4GOH1ZmARWAWsWA0Sc8iNvHSU4SmuckpVcxQzV7NUL55v4P
GX74BIZKGSxN+pKkimNdfu+tf5rxDsR8N2u/4zXtz2KiVIv58gMPkILbjIziLesC
ZMJp8nNd+FAFleggxeZOAVY+Y7EecE4pdJI+tE3cohwNwfIHIGZD8VnkDen+N2dZ
HAv01tytj8+FnV0CbNczsLTDvEYeGuRQi8irQX7ZmOi0FVlTxy5hxXS0kMeuHgk1
FJ3jZh+mdNmDf5y34LyUQmNRDhZfyPCufEVdUkOVn+DJy2+EDBiM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:05 2024 by rpki-client on console-ams.rpki-client.org