Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/awc_b5FX_qs5Df6_y6FJIJml93c.roa
File: awc_b5FX_qs5Df6_y6FJIJml93c.roa (raw, json)
Hash identifier: du2XNACQWbhEuNxACKucAibLb9IKN7hDPanQEy468vk=
Subject key identifier: 6B:07:3F:6F:91:57:FE:AB:39:0D:FE:BF:CB:A1:49:20:99:A5:F7:77
Certificate issuer: /CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Certificate serial: 018CC5DD3BA40E9733C1D7AE3FA6BA84C3C9
Authority key identifier: ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/awc_b5FX_qs5Df6_y6FJIJml93c.roa
Signing time: Mon 01 Jan 2024 16:30:59 +0000
ROA not before: Mon 01 Jan 2024 16:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20704
IP address blocks: 81.92.240.0/22 maxlen: 24
217.196.64.0/19 maxlen: 20
2001:1408::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:3b:a4:0e:97:33:c1:d7:ae:3f:a6:ba:84:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc22138c0af81c5cbf43a4f8ddd7c8de13c7230
Validity
Not Before: Jan 1 16:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b073f6f9157feab390dfebfcba1492099a5f777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:e5:a6:86:1e:97:bb:67:7c:47:f1:dd:4d:
3e:74:5a:9d:ef:3e:a4:80:9b:a0:62:22:72:d5:a6:
38:f5:ab:8c:ac:e4:50:10:56:cb:bb:6c:83:63:23:
9f:43:e2:9e:24:de:61:d9:16:c4:bf:bb:74:62:17:
cf:e4:63:73:f3:b0:ac:1c:78:1d:6d:f3:5f:00:38:
cd:ce:9f:55:9b:60:48:76:b3:10:f4:6b:b4:1c:ea:
e5:e6:23:71:a4:34:ec:93:33:20:a0:00:ad:f7:9a:
af:97:a4:5f:66:c9:f7:c3:8b:1f:65:d6:43:90:f5:
73:85:44:72:6f:78:cf:67:27:a8:40:50:93:0f:d2:
20:6d:63:4d:15:fd:4d:42:a4:20:40:42:41:d1:e1:
ff:db:23:2d:61:a2:5e:3f:c4:71:82:4d:86:2a:ee:
32:95:30:fc:f7:d1:74:55:78:bd:8a:fb:ce:d9:b0:
6a:15:bc:93:64:89:36:92:81:cd:e4:03:1c:ca:69:
5c:8c:9c:b3:67:5e:9c:ab:15:e4:1f:a5:27:46:13:
5e:90:7b:9d:8c:3e:79:2f:7b:01:9c:ec:58:99:33:
d6:ae:f8:77:f8:4d:ba:bf:d4:23:21:71:fc:8f:06:
53:0a:57:bc:3e:ff:66:0f:48:7a:ee:97:fe:64:6c:
ae:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:07:3F:6F:91:57:FE:AB:39:0D:FE:BF:CB:A1:49:20:99:A5:F7:77
X509v3 Authority Key Identifier:
keyid:ED:C2:21:38:C0:AF:81:C5:CB:F4:3A:4F:8D:DD:7C:8D:E1:3C:72:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cIhOMCvgcXL9DpPjd18jeE8cjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/awc_b5FX_qs5Df6_y6FJIJml93c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/649aeb-78dd-422f-89c6-5538dc0bb099/1/7cIhOMCvgcXL9DpPjd18jeE8cjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.240.0/22
217.196.64.0/19
IPv6:
2001:1408::/32
Signature Algorithm: sha256WithRSAEncryption
88:34:99:6e:59:5e:cb:28:20:f9:b8:64:69:fc:19:ae:1b:b7:
cb:0c:1c:9b:37:72:96:e8:bd:62:58:a8:89:36:f9:f5:2e:88:
81:a2:ad:28:e7:79:c7:be:db:8a:b7:3f:8c:e3:40:e9:29:e9:
77:34:d6:4d:19:b8:cb:c7:9f:b8:10:66:ce:e3:df:46:6a:9c:
39:9a:ba:41:66:35:4f:03:80:27:e8:6e:3b:fd:81:62:66:35:
cf:90:96:23:de:a6:86:77:b0:9a:32:34:9b:3e:d9:fd:96:e5:
bf:7b:c9:47:51:4e:73:65:da:89:81:72:79:a5:1c:d1:e5:6f:
ba:c0:0e:01:47:00:6b:02:43:ab:9e:61:b8:8e:fd:17:19:f2:
3d:82:6a:23:0c:d6:56:01:34:5a:e3:2f:18:e0:20:26:88:eb:
be:ec:c0:16:51:38:26:af:b0:28:90:08:be:c6:44:eb:93:13:
8d:b3:ea:44:1a:a6:c9:3c:9b:3a:c3:c9:5d:05:83:09:88:6d:
6c:03:7f:ce:2f:ba:67:67:a2:ff:97:e7:2a:ad:6c:52:2f:7b:
38:bd:fc:d3:a3:45:5d:45:cf:93:dc:fe:f0:6b:bf:27:5f:e2:
81:d6:77:7d:fd:3a:7d:ab:ad:c7:e8:95:56:be:f1:ec:1c:39:
e8:24:55:7b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3TukDpczwdeuP6a6hMPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzIyMTM4YzBhZjgxYzVjYmY0M2E0ZjhkZGQ3YzhkZTEz
YzcyMzAwHhcNMjQwMTAxMTYzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA3M2Y2ZjkxNTdmZWFiMzkwZGZlYmZjYmExNDkyMDk5YTVmNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJblpoYel7tnfEfx3U0+dFqd7z6k
gJugYiJy1aY49auMrORQEFbLu2yDYyOfQ+KeJN5h2RbEv7t0YhfP5GNz87CsHHgd
bfNfADjNzp9Vm2BIdrMQ9Gu0HOrl5iNxpDTskzMgoACt95qvl6RfZsn3w4sfZdZD
kPVzhURyb3jPZyeoQFCTD9IgbWNNFf1NQqQgQEJB0eH/2yMtYaJeP8Rxgk2GKu4y
lTD899F0VXi9ivvO2bBqFbyTZIk2koHN5AMcymlcjJyzZ16cqxXkH6UnRhNekHud
jD55L3sBnOxYmTPWrvh3+E26v9QjIXH8jwZTCle8Pv9mD0h67pf+ZGyu1QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGsHP2+RV/6rOQ3+v8uhSSCZpfd3MB8GA1UdIwQY
MBaAFO3CITjAr4HFy/Q6T43dfI3hPHIwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYt
NTUzOGRjMGJiMDk5LzEvYXdjX2I1RlhfcXM1RGY2X3k2RkpJSm1sOTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82NDlhZWItNzhkZC00MjJmLTg5YzYtNTUzOGRjMGJiMDk5
LzEvN2NJaE9NQ3ZnY1hMOURwUGpkMThqZUU4Y2pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCUVzwAwQF
2cRAMA0EAgACMAcDBQAgARQIMA0GCSqGSIb3DQEBCwUAA4IBAQCINJluWV7LKCD5
uGRp/BmuG7fLDBybN3KW6L1iWKiJNvn1LoiBoq0o53nHvtuKtz+M40DpKel3NNZN
GbjLx5+4EGbO499Gapw5mrpBZjVPA4An6G47/YFiZjXPkJYj3qaGd7CaMjSbPtn9
luW/e8lHUU5zZdqJgXJ5pRzR5W+6wA4BRwBrAkOrnmG4jv0XGfI9gmojDNZWATRa
4y8Y4CAmiOu+7MAWUTgmr7AokAi+xkTrkxONs+pEGqbJPJs6w8ldBYMJiG1sA3/O
L7pnZ6L/l+cqrWxSL3s4vfzTo0VdRc+T3P7wa78nX+KB1nd9/Tp9q63H6JVWvvHs
HDnoJFV7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:04 2025 by rpki-client