Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/ajdNlMXvXMU5vNV22t1ksOxBFDc.roa
File: ajdNlMXvXMU5vNV22t1ksOxBFDc.roa (raw, json)
Hash identifier: rJ8Ye1tOx/nergR8ckMxRMHbZfB3Cs+z8B+mCnLngCc=
Subject key identifier: 6A:37:4D:94:C5:EF:5C:C5:39:BC:D5:76:DA:DD:64:B0:EC:41:14:37
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 01856C9CC43142AEA361B3A6447CD89EBEA7
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/ajdNlMXvXMU5vNV22t1ksOxBFDc.roa
Signing time: Sun 01 Jan 2023 09:14:51 +0000
ROA not before: Sun 01 Jan 2023 09:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57172
IP address blocks: 213.152.160.0/19 maxlen: 19
109.202.96.0/21 maxlen: 21
109.232.224.0/21 maxlen: 21
188.95.48.0/21 maxlen: 21
37.123.208.0/23 maxlen: 23
188.95.54.0/24 maxlen: 24
188.95.55.0/24 maxlen: 24
2a00:1678::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 02 Dec 2023 11:35:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:c4:31:42:ae:a3:61:b3:a6:44:7c:d8:9e:be:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Jan 1 09:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a374d94c5ef5cc539bcd576dadd64b0ec411437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:44:ac:26:05:5a:ea:d3:c1:88:3d:a2:1b:
01:07:00:e3:27:3f:e0:ab:9e:40:3c:0f:77:c9:3a:
06:9f:74:f1:11:1b:34:a1:75:3a:21:1e:22:27:17:
ea:60:2c:12:28:65:2d:41:cd:d2:8c:02:e2:38:86:
36:e8:dc:8d:9c:96:43:9d:1c:dc:14:34:17:79:05:
f2:b1:01:cc:4a:45:b1:d6:8f:fe:f2:d7:20:5c:42:
e2:bb:a0:b5:3e:7c:ed:c8:ea:0a:7d:9d:02:96:5f:
5b:59:cd:be:d4:6a:80:c5:2d:42:0f:c8:8e:93:f3:
41:ba:6c:af:2a:8c:c3:bb:3c:fc:b9:39:a9:76:84:
8e:35:87:33:cf:99:68:f4:d0:7d:86:8f:67:e3:bd:
4b:28:55:31:88:25:11:9c:67:1c:da:6d:eb:e1:a5:
cc:56:79:4b:a9:4f:c9:d1:a2:d8:46:63:45:f0:da:
af:93:c5:f6:4b:c1:2d:7f:5d:36:2d:06:eb:c7:a9:
de:a7:de:68:09:5a:ec:84:96:32:fa:49:32:4b:16:
88:96:21:d0:f1:8f:0b:d6:60:6f:1c:29:92:ac:70:
06:74:88:2b:75:2b:2c:67:2f:72:7f:6f:f5:2b:d2:
97:d2:17:45:08:b4:37:97:0e:72:a2:e4:36:bc:ec:
4b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:37:4D:94:C5:EF:5C:C5:39:BC:D5:76:DA:DD:64:B0:EC:41:14:37
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/ajdNlMXvXMU5vNV22t1ksOxBFDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.123.208.0/23
109.202.96.0/21
109.232.224.0/21
188.95.48.0/21
213.152.160.0/19
IPv6:
2a00:1678::/32
Signature Algorithm: sha256WithRSAEncryption
73:81:5e:a0:bd:19:82:d6:d9:df:19:9a:d5:8d:78:fc:06:cd:
64:fb:10:8e:72:19:f9:ea:90:aa:0d:44:57:d9:ee:49:3d:bd:
8c:3a:15:09:5c:11:8d:70:34:4c:3a:f7:0e:1b:d7:96:90:24:
4e:aa:39:5f:56:0f:ee:5e:0e:09:7d:d7:1c:8b:f4:05:ff:e8:
8f:8b:bc:2c:c5:da:80:66:e6:22:60:7a:8b:fc:e5:6f:24:bc:
7d:b7:f4:6b:6a:ce:46:60:25:44:bf:d2:78:a1:3f:4b:e6:94:
71:51:5e:30:d1:fa:b5:09:8d:eb:1f:6f:24:38:0a:a9:0f:44:
7a:18:69:09:bf:2d:05:59:01:c2:2c:5d:8a:ef:7b:6a:d1:5d:
57:8f:d2:fd:c5:d8:3c:06:99:60:dd:e9:e8:8d:c2:91:c4:e5:
90:73:f9:e6:8f:8d:47:0b:d5:f9:a3:f7:8f:75:d4:b8:3a:8e:
9b:1e:4d:02:5c:ca:6c:ee:dc:cd:70:8f:45:f4:8f:d8:43:40:
98:69:0e:31:44:d9:a7:ce:fa:ed:8e:5f:38:79:13:18:17:63:
9c:8e:c9:14:11:7d:6e:be:be:df:c2:2c:cf:34:b4:fd:67:7e:
e5:43:07:49:cc:4e:0d:8e:78:dc:70:0a:35:58:bb:91:ee:6a:
c2:5c:44:07
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsnMQxQq6jYbOmRHzYnr6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjMwMTAxMDkxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM3NGQ5NGM1ZWY1Y2M1MzliY2Q1NzZkYWRkNjRiMGVjNDExNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodFErCYFWurTwYg9ohsBBwDjJz/g
q55APA93yToGn3TxERs0oXU6IR4iJxfqYCwSKGUtQc3SjALiOIY26NyNnJZDnRzc
FDQXeQXysQHMSkWx1o/+8tcgXELiu6C1PnztyOoKfZ0Cll9bWc2+1GqAxS1CD8iO
k/NBumyvKozDuzz8uTmpdoSONYczz5lo9NB9ho9n471LKFUxiCURnGcc2m3r4aXM
VnlLqU/J0aLYRmNF8Nqvk8X2S8Etf102LQbrx6nep95oCVrshJYy+kkySxaIliHQ
8Y8L1mBvHCmSrHAGdIgrdSssZy9yf2/1K9KX0hdFCLQ3lw5youQ2vOxL5wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGo3TZTF71zFObzVdtrdZLDsQRQ3MB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvYWpkTmxNWHZYTVU1dk5WMjJ0MWtzT3hCRkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQBJXvQAwQD
bcpgAwQDbejgAwQDvF8wAwQF1ZigMA0EAgACMAcDBQAqABZ4MA0GCSqGSIb3DQEB
CwUAA4IBAQBzgV6gvRmC1tnfGZrVjXj8Bs1k+xCOchn56pCqDURX2e5JPb2MOhUJ
XBGNcDRMOvcOG9eWkCROqjlfVg/uXg4Jfdcci/QF/+iPi7wsxdqAZuYiYHqL/OVv
JLx9t/Rras5GYCVEv9J4oT9L5pRxUV4w0fq1CY3rH28kOAqpD0R6GGkJvy0FWQHC
LF2K73tq0V1Xj9L9xdg8Bplg3enojcKRxOWQc/nmj41HC9X5o/ePddS4Oo6bHk0C
XMps7tzNcI9F9I/YQ0CYaQ4xRNmnzvrtjl84eRMYF2OcjskUEX1uvr7fwizPNLT9
Z37lQwdJzE4NjnjccAo1WLuR7mrCXEQH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:46 2024 by rpki-client on console-ams.rpki-client.org