Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/355be3-c11c-41c8-a89a-d1429837dabf/1/AWpS44K5laIKqlEg7STHLt-d55Q.roa
File: AWpS44K5laIKqlEg7STHLt-d55Q.roa (raw, json)
Hash identifier: aJYDBMylZE0ivGG/3KnPuvM3ShaYLMh7JV9mZVsV4Yc=
Subject key identifier: 01:6A:52:E3:82:B9:95:A2:0A:AA:51:20:ED:24:C7:2E:DF:9D:E7:94
Certificate issuer: /CN=4200eb2f8fd0138c4377f540006cfc8b765c4a76
Certificate serial: 018CC26CF5B3849FA5AA36638B1E826DD6D5
Authority key identifier: 42:00:EB:2F:8F:D0:13:8C:43:77:F5:40:00:6C:FC:8B:76:5C:4A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgDrL4_QE4xDd_VAAGz8i3ZcSnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/355be3-c11c-41c8-a89a-d1429837dabf/1/AWpS44K5laIKqlEg7STHLt-d55Q.roa
Signing time: Mon 01 Jan 2024 00:29:29 +0000
ROA not before: Mon 01 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60257
IP address blocks: 185.43.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f5:b3:84:9f:a5:aa:36:63:8b:1e:82:6d:d6:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200eb2f8fd0138c4377f540006cfc8b765c4a76
Validity
Not Before: Jan 1 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=016a52e382b995a20aaa5120ed24c72edf9de794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7f:a6:ac:a4:33:5b:4e:21:54:66:a6:04:43:
81:7f:3e:c8:86:11:94:36:4d:42:84:8c:e7:be:68:
2a:f4:d2:62:aa:d6:ff:10:7f:22:84:f4:8d:33:5f:
fe:ce:94:59:3f:eb:fb:7a:a2:c8:a8:1e:ac:61:13:
ed:d7:6b:25:e3:c6:3d:60:0d:03:a1:f1:37:32:0e:
18:a2:e5:24:51:f7:c6:82:c0:e7:12:28:05:25:5d:
ba:cc:e2:48:f9:87:e4:03:11:fc:11:df:6e:04:8f:
aa:db:aa:ac:91:a7:a3:89:c0:8d:b3:2d:fd:a3:82:
5c:18:a3:63:2c:77:2f:31:ba:8c:07:6e:5c:e4:5d:
c6:45:b7:51:bb:0e:a0:7f:26:d0:f1:b4:b4:9e:48:
7e:bb:68:a5:66:dc:1e:b7:5b:e2:ae:5c:06:01:e4:
ed:0c:c3:b9:f7:4a:91:dc:fe:18:56:f4:7c:76:f3:
5d:12:de:a1:b0:66:a0:82:3c:d0:57:8c:8c:83:12:
44:cd:4a:d7:81:bc:d6:c3:5e:3d:e0:49:d1:d3:5a:
33:69:c1:a1:a2:d0:04:ac:7d:f6:b6:65:50:09:6a:
e0:24:46:20:a3:67:5b:33:b5:99:95:08:75:e2:60:
25:b2:3e:39:12:9a:00:b4:48:d5:81:c3:f2:64:b5:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6A:52:E3:82:B9:95:A2:0A:AA:51:20:ED:24:C7:2E:DF:9D:E7:94
X509v3 Authority Key Identifier:
keyid:42:00:EB:2F:8F:D0:13:8C:43:77:F5:40:00:6C:FC:8B:76:5C:4A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgDrL4_QE4xDd_VAAGz8i3ZcSnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/355be3-c11c-41c8-a89a-d1429837dabf/1/AWpS44K5laIKqlEg7STHLt-d55Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/355be3-c11c-41c8-a89a-d1429837dabf/1/QgDrL4_QE4xDd_VAAGz8i3ZcSnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.32.0/22
Signature Algorithm: sha256WithRSAEncryption
27:e8:af:a4:c4:55:5e:bd:83:f7:2f:cd:cc:41:90:25:86:dc:
0f:11:83:66:91:b2:26:c2:42:a2:48:d2:34:ae:45:29:f4:22:
2b:bc:8e:81:cc:33:6d:e5:b6:be:ee:db:ab:90:38:06:f3:5b:
eb:73:a7:2e:92:53:54:d0:ac:14:3b:d5:f3:f6:82:ef:19:0f:
b6:a1:6c:50:24:4c:e0:24:ad:77:78:3d:28:6c:60:e9:66:04:
57:f4:61:f7:61:1f:e4:8a:dd:99:59:0d:b1:68:eb:2b:f0:dc:
77:ff:22:2c:be:fd:e4:01:22:56:ff:a7:e5:a5:c7:f0:56:38:
36:cf:cc:be:b8:6d:e7:5d:90:66:f6:25:98:03:ac:31:4c:47:
32:41:a0:16:35:c6:18:46:40:b4:49:4c:e3:e1:cf:22:15:92:
43:b6:0f:14:b5:5c:70:26:ca:3b:cc:4a:b8:1e:95:eb:e5:61:
22:58:d4:7e:8c:61:ad:ae:1a:b6:1d:2f:af:4b:3f:4c:b6:1a:
68:7a:c2:36:17:bd:2e:e0:0a:a4:71:27:ba:b8:04:00:0a:13:
89:74:b2:87:64:5d:5d:02:77:9d:17:f1:74:ef:e1:a4:30:74:
a3:3f:3c:a8:b0:61:47:0d:39:d0:2a:b8:5b:28:6f:d8:e5:9a:
66:79:30:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbPWzhJ+lqjZjix6CbdbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDBlYjJmOGZkMDEzOGM0Mzc3ZjU0MDAwNmNmYzhiNzY1
YzRhNzYwHhcNMjQwMTAxMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZhNTJlMzgyYjk5NWEyMGFhYTUxMjBlZDI0YzcyZWRmOWRlNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX+mrKQzW04hVGamBEOBfz7IhhGU
Nk1ChIznvmgq9NJiqtb/EH8ihPSNM1/+zpRZP+v7eqLIqB6sYRPt12sl48Y9YA0D
ofE3Mg4YouUkUffGgsDnEigFJV26zOJI+YfkAxH8Ed9uBI+q26qskaejicCNsy39
o4JcGKNjLHcvMbqMB25c5F3GRbdRuw6gfybQ8bS0nkh+u2ilZtwet1virlwGAeTt
DMO590qR3P4YVvR8dvNdEt6hsGaggjzQV4yMgxJEzUrXgbzWw1494EnR01ozacGh
otAErH32tmVQCWrgJEYgo2dbM7WZlQh14mAlsj45EpoAtEjVgcPyZLW0fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFqUuOCuZWiCqpRIO0kxy7fneeUMB8GA1UdIwQY
MBaAFEIA6y+P0BOMQ3f1QABs/It2XEp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdEckw0X1FFNHhEZF9WQUFHejhpM1pjU25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zNTViZTMtYzExYy00MWM4LWE4OWEt
ZDE0Mjk4MzdkYWJmLzEvQVdwUzQ0SzVsYUlLcWxFZzdTVEhMdC1kNTVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zNTViZTMtYzExYy00MWM4LWE4OWEtZDE0Mjk4MzdkYWJm
LzEvUWdEckw0X1FFNHhEZF9WQUFHejhpM1pjU25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSsgMA0G
CSqGSIb3DQEBCwUAA4IBAQAn6K+kxFVevYP3L83MQZAlhtwPEYNmkbImwkKiSNI0
rkUp9CIrvI6BzDNt5ba+7turkDgG81vrc6cuklNU0KwUO9Xz9oLvGQ+2oWxQJEzg
JK13eD0obGDpZgRX9GH3YR/kit2ZWQ2xaOsr8Nx3/yIsvv3kASJW/6flpcfwVjg2
z8y+uG3nXZBm9iWYA6wxTEcyQaAWNcYYRkC0SUzj4c8iFZJDtg8UtVxwJso7zEq4
HpXr5WEiWNR+jGGtrhq2HS+vSz9MthpoesI2F70u4AqkcSe6uAQAChOJdLKHZF1d
AnedF/F07+GkMHSjPzyosGFHDTnQKrhbKG/Y5ZpmeTDO
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:38 2025 by rpki-client