Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/1IoIJjYwHg7dCJsxrLJIlGTXKnw.roa
File: 1IoIJjYwHg7dCJsxrLJIlGTXKnw.roa (raw, json)
Hash identifier: FKNgLy4Hm9iLNgchWAjf02kSSABDu2PMVVyaMsBR3hs=
Subject key identifier: D4:8A:08:26:36:30:1E:0E:DD:08:9B:31:AC:B2:48:94:64:D7:2A:7C
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 01856F26E783E8A69BF376E1BC9A293D3DD0
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/1IoIJjYwHg7dCJsxrLJIlGTXKnw.roa
Signing time: Sun 01 Jan 2023 21:04:58 +0000
ROA not before: Sun 01 Jan 2023 21:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203833
IP address blocks: 159.100.24.0/22 maxlen: 24
79.133.32.0/23 maxlen: 23
79.133.43.0/24 maxlen: 24
2a01:7e1::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:e7:83:e8:a6:9b:f3:76:e1:bc:9a:29:3d:3d:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Jan 1 21:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d48a082636301e0edd089b31acb2489464d72a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:df:34:a8:78:c5:50:63:7b:61:ee:db:03:c7:
5e:2c:e0:5f:66:69:ea:ce:72:41:27:32:03:51:8b:
a0:8e:30:b8:53:19:74:80:ba:2e:5d:bf:de:e3:56:
59:df:f2:7d:32:4b:97:a2:32:98:22:ce:3b:c3:e1:
74:1f:12:c8:ed:2a:a1:b1:e3:4f:f2:74:a1:6e:96:
f8:16:30:3a:bd:78:cb:b1:05:87:8d:ea:bc:34:e2:
74:ad:e3:38:a0:21:b3:6f:f1:e1:db:f5:f9:a5:a1:
c3:bd:fd:ba:3f:35:a7:b9:ba:70:0c:62:c4:10:34:
bc:f0:75:a4:ec:55:5f:f9:77:96:3e:9e:2b:be:80:
36:9e:8c:ee:8b:da:bf:d4:84:2b:45:0e:af:a6:14:
cd:8c:c6:95:e1:47:74:29:40:04:0c:28:41:b2:a6:
be:42:d7:2a:c9:b9:72:52:65:23:2d:24:1c:82:98:
5e:61:a6:ad:6d:36:82:5f:a5:e9:0f:dc:b0:86:da:
7a:69:eb:7c:1e:24:4a:af:34:da:1c:a4:c7:bb:3d:
0d:ea:63:4b:aa:c6:ce:30:ac:51:74:29:1d:a1:c0:
82:01:e6:86:41:a5:25:65:fe:e0:4f:f5:f6:8f:f5:
ad:c9:b2:28:87:4d:b1:12:aa:25:56:82:38:a8:b0:
67:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:8A:08:26:36:30:1E:0E:DD:08:9B:31:AC:B2:48:94:64:D7:2A:7C
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/1IoIJjYwHg7dCJsxrLJIlGTXKnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.32.0/23
79.133.43.0/24
159.100.24.0/22
IPv6:
2a01:7e1::/32
Signature Algorithm: sha256WithRSAEncryption
51:2a:09:6a:d4:23:26:bf:77:44:74:0f:61:13:56:f4:31:df:
7f:82:29:b3:aa:fb:6d:9d:0b:2f:4e:19:9a:6e:87:57:d4:2e:
0c:dc:f0:80:7f:c8:a2:76:49:e4:69:f1:e9:a0:b8:a2:59:f0:
3e:1e:de:5a:3f:20:5c:97:fb:c6:cb:72:45:d1:c4:bb:25:3d:
9b:64:4a:52:21:ea:e9:f4:e6:b5:e1:d0:92:8b:93:21:7d:70:
e7:02:8b:3a:35:35:6b:cf:40:64:ad:0a:c5:56:e6:e5:39:74:
88:fe:16:b0:84:a0:82:a8:64:a6:a0:e8:f2:c5:c8:b4:09:a7:
b0:7b:37:b8:14:f5:c8:58:a3:e4:bd:86:33:a4:9d:24:c2:85:
26:ed:fa:00:32:f8:c6:43:b5:e1:3a:b2:33:10:82:35:dc:ea:
c8:fd:64:f7:64:ff:49:91:a2:32:17:f1:7b:46:52:55:c1:ec:
f6:96:9a:c7:b7:90:e2:b1:9b:88:22:79:b2:56:03:67:de:e8:
e1:5a:bd:2b:31:08:8f:99:c8:db:c8:14:65:eb:2f:21:00:bd:
0c:02:af:28:ce:de:f2:46:c9:f9:f9:22:de:7f:96:91:4e:22:
9c:09:07:01:d1:c3:0e:b5:f2:96:af:23:0a:1e:85:50:20:91:
0b:9d:5e:56
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvJueD6Kab83bhvJopPT3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjMwMTAxMjEwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDhhMDgyNjM2MzAxZTBlZGQwODliMzFhY2IyNDg5NDY0ZDcyYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt80qHjFUGN7Ye7bA8deLOBfZmnq
znJBJzIDUYugjjC4Uxl0gLouXb/e41ZZ3/J9MkuXojKYIs47w+F0HxLI7SqhseNP
8nShbpb4FjA6vXjLsQWHjeq8NOJ0reM4oCGzb/Hh2/X5paHDvf26PzWnubpwDGLE
EDS88HWk7FVf+XeWPp4rvoA2nozui9q/1IQrRQ6vphTNjMaV4Ud0KUAEDChBsqa+
QtcqyblyUmUjLSQcgpheYaatbTaCX6XpD9ywhtp6aet8HiRKrzTaHKTHuz0N6mNL
qsbOMKxRdCkdocCCAeaGQaUlZf7gT/X2j/WtybIoh02xEqolVoI4qLBngwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNSKCCY2MB4O3QibMayySJRk1yp8MB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvMUlvSUpqWXdIZzdkQ0pzeHJMSklsR1RYS253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBT4UgAwQA
T4UrAwQCn2QYMA0EAgACMAcDBQAqAQfhMA0GCSqGSIb3DQEBCwUAA4IBAQBRKglq
1CMmv3dEdA9hE1b0Md9/gimzqvttnQsvThmabodX1C4M3PCAf8iidknkafHpoLii
WfA+Ht5aPyBcl/vGy3JF0cS7JT2bZEpSIerp9Oa14dCSi5MhfXDnAos6NTVrz0Bk
rQrFVublOXSI/hawhKCCqGSmoOjyxci0Caeweze4FPXIWKPkvYYzpJ0kwoUm7foA
MvjGQ7XhOrIzEII13OrI/WT3ZP9JkaIyF/F7RlJVwez2lprHt5DisZuIInmyVgNn
3ujhWr0rMQiPmcjbyBRl6y8hAL0MAq8ozt7yRsn5+SLef5aRTiKcCQcB0cMOtfKW
ryMKHoVQIJELnV5W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:36 2024 by rpki-client on console-fra.rpki-client.org