Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/aUXa_MPCagT11l1TahanVvs5VVM.roa
File: aUXa_MPCagT11l1TahanVvs5VVM.roa (raw, json)
Hash identifier: BlZw/b6w0pFTjRVc3+nZF+wtAmh7GOP6DmSkYJRATG0=
Subject key identifier: 69:45:DA:FC:C3:C2:6A:04:F5:D6:5D:53:6A:16:A7:56:FB:39:55:53
Certificate issuer: /CN=19908b6369148f4f3c50f167103f7a0478c52942
Certificate serial: 018CC26D3C22B74967657EF6E2CC96EF8300
Authority key identifier: 19:90:8B:63:69:14:8F:4F:3C:50:F1:67:10:3F:7A:04:78:C5:29:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZCLY2kUj088UPFnED96BHjFKUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/aUXa_MPCagT11l1TahanVvs5VVM.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12403
IP address blocks: 193.200.183.0/24 maxlen: 24
176.114.32.0/20 maxlen: 20
176.114.32.0/22 maxlen: 22
176.114.36.0/22 maxlen: 22
176.114.44.0/22 maxlen: 22
176.114.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:3c:22:b7:49:67:65:7e:f6:e2:cc:96:ef:83:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19908b6369148f4f3c50f167103f7a0478c52942
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6945dafcc3c26a04f5d65d536a16a756fb395553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:63:03:59:83:6e:9d:0a:11:14:94:50:24:94:
83:4a:b6:94:49:8c:5d:27:61:dd:80:79:63:e9:2b:
18:92:e1:21:68:cf:95:de:60:33:08:83:47:11:7c:
89:f6:cd:43:72:34:ff:88:ec:c6:48:e0:8c:5c:f3:
a0:a5:a4:1c:6a:6f:ec:13:57:31:ae:09:b4:90:bd:
26:8a:a8:60:51:e2:72:3b:a0:14:84:b6:c6:24:3e:
00:89:76:91:ff:30:7b:e4:1b:91:04:c4:f7:b0:aa:
5a:0d:7a:c1:5b:9d:90:0f:b3:95:a3:e7:ba:d9:33:
d4:3e:15:fb:26:d1:d6:be:06:d6:20:cc:ff:0e:92:
64:ff:97:eb:21:50:a5:ce:64:0b:c1:b3:1d:f0:4b:
ae:37:23:99:86:00:f5:14:84:c0:a4:5f:a7:96:ca:
7f:15:4e:2f:99:d4:8e:33:4a:c9:19:a0:b4:3f:22:
49:7c:0e:03:79:d7:6a:8d:f1:bf:f6:9a:8c:74:77:
69:cf:f2:62:e3:89:59:af:a1:14:99:3b:83:90:5e:
e3:f0:eb:ad:7d:05:8e:06:d3:48:e8:f3:8d:aa:36:
43:e2:43:04:47:17:28:b3:c1:48:96:b3:b0:52:2e:
9b:d9:3d:a4:fd:1a:c0:61:8a:76:1b:19:e3:47:f3:
03:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:45:DA:FC:C3:C2:6A:04:F5:D6:5D:53:6A:16:A7:56:FB:39:55:53
X509v3 Authority Key Identifier:
keyid:19:90:8B:63:69:14:8F:4F:3C:50:F1:67:10:3F:7A:04:78:C5:29:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZCLY2kUj088UPFnED96BHjFKUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/aUXa_MPCagT11l1TahanVvs5VVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/GZCLY2kUj088UPFnED96BHjFKUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.32.0/20
193.200.183.0/24
Signature Algorithm: sha256WithRSAEncryption
67:91:12:fd:ec:8b:2b:d4:ea:93:88:cc:0a:91:02:96:3d:ea:
c0:0f:8c:bf:95:8c:12:a6:e0:87:57:9f:a8:42:86:82:6d:5c:
b0:51:c1:a0:53:e5:cf:96:60:26:73:d8:df:74:b9:1a:84:38:
be:81:ec:45:e1:b9:36:01:3d:89:97:16:52:b8:3c:bf:33:c2:
c7:76:d7:f1:07:e8:f7:eb:9b:6b:d5:dd:fc:19:1f:ce:d7:e3:
16:cc:dc:a1:52:c5:7f:ea:f2:fb:f0:fd:fc:d6:2c:6f:1f:40:
28:74:54:6f:fb:cf:d4:50:78:99:3c:32:12:57:ed:7b:5a:e4:
b3:ce:50:bc:92:65:6d:cb:f2:c6:2e:c2:52:77:41:25:35:f1:
ab:33:f2:80:69:2c:c1:9d:47:26:0f:40:2d:80:81:b7:3c:b4:
4b:8e:06:14:01:02:30:e4:f7:ba:03:af:1c:38:1b:a7:95:15:
2a:95:1d:fc:29:30:a1:41:ed:50:7e:29:fb:50:52:af:b7:4c:
f7:45:6f:bf:8c:1d:78:c5:f1:83:95:dc:5a:ab:cc:c6:b3:38:
c6:fb:35:12:03:42:ba:d7:9a:84:a9:1e:39:77:b9:a2:0f:2e:
87:5d:03:0e:71:b3:9b:d4:a4:b5:da:bb:30:71:2f:a2:0c:57:
a4:bc:97:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbTwit0lnZX724syW74MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OTA4YjYzNjkxNDhmNGYzYzUwZjE2NzEwM2Y3YTA0Nzhj
NTI5NDIwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ1ZGFmY2MzYzI2YTA0ZjVkNjVkNTM2YTE2YTc1NmZiMzk1NTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWMDWYNunQoRFJRQJJSDSraUSYxd
J2HdgHlj6SsYkuEhaM+V3mAzCINHEXyJ9s1DcjT/iOzGSOCMXPOgpaQcam/sE1cx
rgm0kL0miqhgUeJyO6AUhLbGJD4AiXaR/zB75BuRBMT3sKpaDXrBW52QD7OVo+e6
2TPUPhX7JtHWvgbWIMz/DpJk/5frIVClzmQLwbMd8EuuNyOZhgD1FITApF+nlsp/
FU4vmdSOM0rJGaC0PyJJfA4DeddqjfG/9pqMdHdpz/Ji44lZr6EUmTuDkF7j8Out
fQWOBtNI6PONqjZD4kMERxcos8FIlrOwUi6b2T2k/RrAYYp2GxnjR/MDuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGlF2vzDwmoE9dZdU2oWp1b7OVVTMB8GA1UdIwQY
MBaAFBmQi2NpFI9PPFDxZxA/egR4xSlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1pDTFkya1VqMDg4VVBGbkVEOTZCSGpGS1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNzAyOTUtNmMyZS00OGZiLThmYzkt
MTI2MGE2ZjNhMzkzLzEvYVVYYV9NUENhZ1QxMWwxVGFoYW5WdnM1VlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNzAyOTUtNmMyZS00OGZiLThmYzktMTI2MGE2ZjNhMzkz
LzEvR1pDTFkya1VqMDg4VVBGbkVEOTZCSGpGS1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsHIgAwQA
wci3MA0GCSqGSIb3DQEBCwUAA4IBAQBnkRL97Isr1OqTiMwKkQKWPerAD4y/lYwS
puCHV5+oQoaCbVywUcGgU+XPlmAmc9jfdLkahDi+gexF4bk2AT2JlxZSuDy/M8LH
dtfxB+j365tr1d38GR/O1+MWzNyhUsV/6vL78P381ixvH0AodFRv+8/UUHiZPDIS
V+17WuSzzlC8kmVty/LGLsJSd0ElNfGrM/KAaSzBnUcmD0AtgIG3PLRLjgYUAQIw
5Pe6A68cOBunlRUqlR38KTChQe1Qfin7UFKvt0z3RW+/jB14xfGDldxaq8zGszjG
+zUSA0K615qEqR45d7miDy6HXQMOcbOb1KS12rswcS+iDFekvJdd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:51 2025 by rpki-client