Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aQlhl-BPJJXNe_WKsuuSgTv6ZOc.roa
File: aQlhl-BPJJXNe_WKsuuSgTv6ZOc.roa (raw, json)
Hash identifier: I45zcSHQjznzF5jC4ASEvcAhvF0+660/VC7MR79wI78=
Subject key identifier: 69:09:61:97:E0:4F:24:95:CD:7B:F5:8A:B2:EB:92:81:3B:FA:64:E7
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 01856C9CEBE4F7E74A60D5DD3F9F11B9BC27
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aQlhl-BPJJXNe_WKsuuSgTv6ZOc.roa
Signing time: Sun 01 Jan 2023 09:15:01 +0000
ROA not before: Sun 01 Jan 2023 09:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201500
IP address blocks: 185.137.69.0/24 maxlen: 24
185.174.213.0/24 maxlen: 24
185.174.214.0/24 maxlen: 24
185.174.214.0/23 maxlen: 23
185.174.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:eb:e4:f7:e7:4a:60:d5:dd:3f:9f:11:b9:bc:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 1 09:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69096197e04f2495cd7bf58ab2eb92813bfa64e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4d:0b:1e:21:49:a4:1c:8b:96:12:f5:ba:83:
a1:4e:5c:b6:ed:4f:15:3c:62:aa:53:e3:e5:53:44:
88:42:92:4b:de:30:d6:8d:b8:a9:45:00:d1:d1:87:
af:b1:45:5d:e8:53:85:74:5a:b5:22:4a:74:43:ca:
c1:ba:14:3e:ad:15:7d:a1:4b:03:60:e9:6d:d5:82:
57:f8:bb:99:5b:1f:57:fa:d7:f6:87:07:a9:6e:09:
c0:18:bd:84:aa:a5:41:b5:c6:59:5b:73:db:fd:3a:
30:0a:f2:96:59:7e:fa:92:c8:fd:86:20:f0:0c:db:
f9:f8:e0:95:74:41:42:0a:31:f0:d5:4c:51:44:c2:
70:3c:8b:79:66:19:20:6d:74:ef:73:18:c9:ec:56:
6f:1d:1f:42:a3:16:fe:93:f8:78:90:6c:df:ed:4b:
2e:b9:b0:05:0d:c6:2f:ed:9f:7e:8e:24:87:1e:fc:
c4:e4:b9:c1:8c:eb:35:77:3e:70:8f:ea:0d:79:ad:
ec:41:1e:fc:4e:a2:c5:4c:cc:70:17:22:4b:91:85:
88:ed:33:6d:3d:37:b5:fa:1b:da:68:96:3c:eb:2f:
b7:ed:f1:10:4d:a7:66:68:67:47:01:56:78:bf:5e:
88:44:b5:95:8f:3c:b9:4d:49:d2:1f:97:02:de:38:
0d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:09:61:97:E0:4F:24:95:CD:7B:F5:8A:B2:EB:92:81:3B:FA:64:E7
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/aQlhl-BPJJXNe_WKsuuSgTv6ZOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.69.0/24
185.174.213.0-185.174.215.255
Signature Algorithm: sha256WithRSAEncryption
ad:ab:57:86:59:f7:f0:44:70:5f:13:47:7a:31:81:cd:cf:8d:
f0:4b:d0:1c:57:bf:56:4f:60:84:51:b0:c0:36:86:51:35:2c:
e3:d9:27:b0:b2:ec:7d:78:7d:39:b3:27:fe:86:cd:a8:92:5a:
b8:c0:6f:3d:a0:0e:79:91:e8:bd:dc:93:59:95:ab:f5:b5:82:
4f:83:04:87:4c:63:35:8a:24:46:06:45:46:ea:03:c0:b2:eb:
38:a5:13:2b:c5:5f:34:53:7a:c1:56:fe:10:f4:7e:14:a9:b4:
19:a9:57:af:11:e4:32:b9:97:b7:fd:1e:a6:da:ea:5c:95:a0:
ab:8d:ae:a1:7d:64:82:df:1e:b3:16:94:6f:5c:79:a2:87:c2:
6d:95:8f:3b:a4:c4:6f:18:3f:3c:45:69:38:f4:fc:9c:e0:99:
53:b2:70:d3:7d:95:39:34:2a:5d:61:1f:79:2b:13:68:c3:9f:
55:4a:b1:e9:22:35:ad:1d:c6:ce:1d:e5:96:4d:a1:2d:b2:89:
2e:4b:15:99:93:67:89:99:01:26:27:92:01:8d:b1:a8:4d:27:
e1:b5:97:61:19:03:b2:dd:55:8b:89:9a:7d:2c:e9:88:32:21:
2e:66:36:5f:af:50:30:9e:31:0e:af:b6:bc:c1:95:e2:cf:5f:
61:a1:99:d2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVsnOvk9+dKYNXdP58RubwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjMwMTAxMDkxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA5NjE5N2UwNGYyNDk1Y2Q3YmY1OGFiMmViOTI4MTNiZmE2NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE0LHiFJpByLlhL1uoOhTly27U8V
PGKqU+PlU0SIQpJL3jDWjbipRQDR0YevsUVd6FOFdFq1Ikp0Q8rBuhQ+rRV9oUsD
YOlt1YJX+LuZWx9X+tf2hwepbgnAGL2EqqVBtcZZW3Pb/TowCvKWWX76ksj9hiDw
DNv5+OCVdEFCCjHw1UxRRMJwPIt5ZhkgbXTvcxjJ7FZvHR9Coxb+k/h4kGzf7Usu
ubAFDcYv7Z9+jiSHHvzE5LnBjOs1dz5wj+oNea3sQR78TqLFTMxwFyJLkYWI7TNt
PTe1+hvaaJY86y+37fEQTadmaGdHAVZ4v16IRLWVjzy5TUnSH5cC3jgN7QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGkJYZfgTySVzXv1irLrkoE7+mTnMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvYVFsaGwtQlBKSlhOZV9XS3N1dVNnVHY2Wk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAuYlFMAwD
BAC5rtUDBAO5rtAwDQYJKoZIhvcNAQELBQADggEBAK2rV4ZZ9/BEcF8TR3oxgc3P
jfBL0BxXv1ZPYIRRsMA2hlE1LOPZJ7Cy7H14fTmzJ/6GzaiSWrjAbz2gDnmR6L3c
k1mVq/W1gk+DBIdMYzWKJEYGRUbqA8Cy6zilEyvFXzRTesFW/hD0fhSptBmpV68R
5DK5l7f9Hqba6lyVoKuNrqF9ZILfHrMWlG9ceaKHwm2VjzukxG8YPzxFaTj0/Jzg
mVOycNN9lTk0Kl1hH3krE2jDn1VKsekiNa0dxs4d5ZZNoS2yiS5LFZmTZ4mZASYn
kgGNsahNJ+G1l2EZA7LdVYuJmn0s6YgyIS5mNl+vUDCeMQ6vtrzBleLPX2GhmdI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:29 2024 by rpki-client on console-ams.rpki-client.org