Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/7b9cf8-2542-41c2-88c0-1f325473ce68/1/AzGh00QWVyK2urubN-R9Y-ktCho.roa
File: AzGh00QWVyK2urubN-R9Y-ktCho.roa (raw, json)
Hash identifier: +9pn6uePmb4TrICkyAU/8INbEFPT3YxD541DdFBEoIg=
Subject key identifier: 03:31:A1:D3:44:16:57:22:B6:BA:BB:9B:37:E4:7D:63:E9:2D:0A:1A
Certificate issuer: /CN=8a83555caa22ce9b9b1683503a14e3cdd836e01b
Certificate serial: 0188F76562C54A1FB42CACC89CFE19F7A6D1
Authority key identifier: 8A:83:55:5C:AA:22:CE:9B:9B:16:83:50:3A:14:E3:CD:D8:36:E0:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ioNVXKoizpubFoNQOhTjzdg24Bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/7b9cf8-2542-41c2-88c0-1f325473ce68/1/AzGh00QWVyK2urubN-R9Y-ktCho.roa
Signing time: Mon 26 Jun 2023 11:09:56 +0000
ROA not before: Mon 26 Jun 2023 11:09:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51394
IP address blocks: 178.212.120.0/21 maxlen: 21
91.239.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:65:62:c5:4a:1f:b4:2c:ac:c8:9c:fe:19:f7:a6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a83555caa22ce9b9b1683503a14e3cdd836e01b
Validity
Not Before: Jun 26 11:09:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0331a1d344165722b6babb9b37e47d63e92d0a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:70:bc:2f:18:66:c5:9b:76:19:a5:79:7c:e0:
86:f6:60:6f:a1:0f:26:1e:68:19:f1:21:c5:40:94:
5d:1d:6c:50:16:1f:43:83:bd:0c:d0:f5:54:5f:af:
8d:8c:b1:31:ec:84:c3:81:b5:4e:e4:07:47:4a:56:
ca:54:65:d2:ab:25:ea:ac:7a:f9:08:54:b4:49:e0:
33:e3:74:9e:32:91:6b:fb:0a:55:c2:fc:d2:94:3f:
86:30:8e:07:ea:66:c7:30:1d:83:77:7c:5d:23:a0:
51:52:53:e4:cf:ed:bf:95:f4:92:fb:26:b4:cb:c4:
1f:11:b1:d9:94:45:bf:23:aa:ff:ce:b9:52:df:c4:
ad:63:cb:40:36:0a:04:8d:27:19:ea:f1:96:2f:ba:
4e:61:22:21:06:e9:07:f9:13:02:4b:95:a4:f7:ff:
15:5d:40:fa:96:03:ef:0d:a8:95:ee:19:6f:b1:56:
4e:db:e0:ce:71:23:9c:b5:1e:e1:9d:4f:0a:e6:42:
c6:25:a5:77:05:72:38:83:d7:d5:b3:85:c6:8e:86:
12:13:03:c9:e3:4e:78:43:1c:d5:67:41:13:08:a9:
cc:7e:f0:0d:0f:e0:cf:d5:cf:ac:8b:6a:61:b5:13:
3c:41:5e:27:3e:99:8b:97:a7:7c:b0:6e:4a:06:b4:
c5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:31:A1:D3:44:16:57:22:B6:BA:BB:9B:37:E4:7D:63:E9:2D:0A:1A
X509v3 Authority Key Identifier:
keyid:8A:83:55:5C:AA:22:CE:9B:9B:16:83:50:3A:14:E3:CD:D8:36:E0:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ioNVXKoizpubFoNQOhTjzdg24Bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7b9cf8-2542-41c2-88c0-1f325473ce68/1/AzGh00QWVyK2urubN-R9Y-ktCho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7b9cf8-2542-41c2-88c0-1f325473ce68/1/ioNVXKoizpubFoNQOhTjzdg24Bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.244.0/22
178.212.120.0/21
Signature Algorithm: sha256WithRSAEncryption
d3:c1:a9:17:df:a7:43:51:0e:cf:be:93:d0:e0:22:8f:95:d6:
da:32:c4:5d:e7:cd:13:22:89:23:63:04:ee:c8:a6:7d:8f:8b:
6a:c6:ae:63:ed:bf:c7:34:da:3a:d2:5f:b3:20:40:89:46:5b:
6a:98:86:34:24:b5:b0:e2:d1:0b:cd:55:c8:ea:c4:86:5e:ec:
52:2c:b4:e2:81:42:30:ea:5f:98:bd:ce:15:69:a2:f9:64:ff:
80:b7:23:72:2d:93:81:e4:06:10:c2:99:76:52:e5:b9:09:37:
93:0a:b2:55:17:5d:1d:19:4e:96:f3:28:45:dc:da:d7:37:64:
34:e1:0c:a4:d9:77:2f:d2:f0:a3:b1:24:b1:14:5d:80:de:2b:
ea:8f:af:29:64:f0:85:ca:da:8b:ec:55:6b:db:ae:02:08:e4:
04:b2:36:4b:56:1b:6a:d3:a2:89:25:c7:22:40:49:7e:86:c4:
26:40:d6:dd:d7:ed:ce:5a:cd:30:0a:40:27:a3:52:1f:e1:85:
f0:50:de:c6:dc:b2:94:dc:dd:48:b2:6a:60:c8:83:68:be:26:
6d:56:04:8e:48:a4:ef:e8:d3:d1:ad:6f:df:ff:e3:dc:02:9e:
e6:fe:a8:7f:8d:5d:68:be:02:e4:a7:ab:e0:f4:1e:41:ba:06:
c0:7a:df:e1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYj3ZWLFSh+0LKzInP4Z96bRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhODM1NTVjYWEyMmNlOWI5YjE2ODM1MDNhMTRlM2NkZDgz
NmUwMWIwHhcNMjMwNjI2MTEwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzMxYTFkMzQ0MTY1NzIyYjZiYWJiOWIzN2U0N2Q2M2U5MmQwYTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53C8LxhmxZt2GaV5fOCG9mBvoQ8m
HmgZ8SHFQJRdHWxQFh9Dg70M0PVUX6+NjLEx7ITDgbVO5AdHSlbKVGXSqyXqrHr5
CFS0SeAz43SeMpFr+wpVwvzSlD+GMI4H6mbHMB2Dd3xdI6BRUlPkz+2/lfSS+ya0
y8QfEbHZlEW/I6r/zrlS38StY8tANgoEjScZ6vGWL7pOYSIhBukH+RMCS5Wk9/8V
XUD6lgPvDaiV7hlvsVZO2+DOcSOctR7hnU8K5kLGJaV3BXI4g9fVs4XGjoYSEwPJ
4054QxzVZ0ETCKnMfvAND+DP1c+si2phtRM8QV4nPpmLl6d8sG5KBrTFqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAMxodNEFlcitrq7mzfkfWPpLQoaMB8GA1UdIwQY
MBaAFIqDVVyqIs6bmxaDUDoU483YNuAbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW9OVlhLb2l6cHViRm9OUU9oVGp6ZGcyNEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83YjljZjgtMjU0Mi00MWMyLTg4YzAt
MWYzMjU0NzNjZTY4LzEvQXpHaDAwUVdWeUsydXJ1Yk4tUjlZLWt0Q2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83YjljZjgtMjU0Mi00MWMyLTg4YzAtMWYzMjU0NzNjZTY4
LzEvaW9OVlhLb2l6cHViRm9OUU9oVGp6ZGcyNEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+/0AwQD
stR4MA0GCSqGSIb3DQEBCwUAA4IBAQDTwakX36dDUQ7PvpPQ4CKPldbaMsRd580T
IokjYwTuyKZ9j4tqxq5j7b/HNNo60l+zIECJRltqmIY0JLWw4tELzVXI6sSGXuxS
LLTigUIw6l+Yvc4VaaL5ZP+AtyNyLZOB5AYQwpl2UuW5CTeTCrJVF10dGU6W8yhF
3NrXN2Q04Qyk2Xcv0vCjsSSxFF2A3ivqj68pZPCFytqL7FVr264CCOQEsjZLVhtq
06KJJcciQEl+hsQmQNbd1+3OWs0wCkAno1If4YXwUN7G3LKU3N1IsmpgyINoviZt
VgSOSKTv6NPRrW/f/+PcAp7m/qh/jV1ovgLkp6vg9B5BugbAet/h
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:18 2024 by rpki-client on console-fra.rpki-client.org