Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/AeCB_nyAdW94brYnX1IBRpvO5i0.roa
File: AeCB_nyAdW94brYnX1IBRpvO5i0.roa (raw, json)
Hash identifier: TJoVVCpCFhNDmkNFX2EDdkNjqHVbZ9PF2aQ+o5qaLJU=
Subject key identifier: 01:E0:81:FE:7C:80:75:6F:78:6E:B6:27:5F:52:01:46:9B:CE:E6:2D
Certificate issuer: /CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Certificate serial: 0185736841A8745D7061ABBC654F6DC01FD3
Authority key identifier: BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/AeCB_nyAdW94brYnX1IBRpvO5i0.roa
Signing time: Mon 02 Jan 2023 16:54:50 +0000
ROA not before: Mon 02 Jan 2023 16:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198608
IP address blocks: 5.57.48.0/21 maxlen: 21
185.168.244.0/22 maxlen: 22
2a01:4c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:41:a8:74:5d:70:61:ab:bc:65:4f:6d:c0:1f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc663667973238b184d9eefd36bbf3810ba4b6d9
Validity
Not Before: Jan 2 16:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01e081fe7c80756f786eb6275f5201469bcee62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0a:46:53:f2:ed:39:4c:f2:dc:70:13:62:27:
05:53:9d:1b:f4:72:62:27:51:39:f0:3c:fb:91:11:
ee:e9:36:28:d5:0b:29:c5:9d:76:24:3c:cd:bb:4b:
1c:88:b5:24:d4:34:1a:bf:50:49:a2:91:83:cf:bc:
ad:50:36:5b:f1:32:60:56:d7:89:ea:bc:bb:04:94:
71:05:ad:f2:34:e5:d9:a8:95:fb:ed:ad:a5:cd:9d:
46:37:f2:9b:39:47:48:31:08:fc:6a:02:d2:be:68:
5b:43:3b:e3:8f:ae:52:f8:79:28:f1:50:b9:f8:2e:
18:ae:ff:b3:f3:15:77:42:10:78:48:2c:a8:d9:31:
86:fd:86:76:f1:f4:ca:d3:9a:11:f0:41:ba:ec:ae:
99:11:48:da:21:c0:7e:a1:87:97:68:b7:0f:da:b7:
6c:ec:d7:8d:e4:23:fb:9c:80:af:1c:14:3b:64:bd:
f8:4c:ee:e5:99:9a:bc:a5:48:04:aa:de:61:b9:14:
03:87:f7:99:68:a8:52:8c:66:e5:98:8d:3b:c6:71:
0c:58:7f:ba:77:46:c8:d8:9a:4a:03:3b:cd:22:c5:
3c:00:76:c0:e6:cc:53:95:e9:0c:b1:3a:18:5f:6b:
d2:9d:66:5f:8c:c3:06:85:24:1d:6e:4f:e0:fb:aa:
cb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E0:81:FE:7C:80:75:6F:78:6E:B6:27:5F:52:01:46:9B:CE:E6:2D
X509v3 Authority Key Identifier:
keyid:BC:66:36:67:97:32:38:B1:84:D9:EE:FD:36:BB:F3:81:0B:A4:B6:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGY2Z5cyOLGE2e79NrvzgQukttk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/AeCB_nyAdW94brYnX1IBRpvO5i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/0b951a-8e6c-4445-9c2d-9f00c72620f6/1/vGY2Z5cyOLGE2e79NrvzgQukttk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.48.0/21
185.168.244.0/22
IPv6:
2a01:4c40::/32
Signature Algorithm: sha256WithRSAEncryption
24:c7:e6:37:c4:ab:f6:c2:f2:31:c6:09:d4:c1:1d:49:27:6b:
91:39:9c:50:f0:2d:c7:96:69:25:7a:6f:ab:2f:ba:98:1a:18:
80:db:75:77:6a:75:cf:bf:a6:5f:35:7d:2c:bc:50:b3:d6:3f:
07:aa:71:a3:78:fa:e2:06:4e:a1:8f:a9:d6:34:23:04:e8:dd:
55:68:f7:0e:3c:e4:d1:99:ca:bc:f0:4f:7d:e3:9d:f9:0f:3c:
d8:24:07:16:6d:5e:5f:53:82:e1:9a:a5:d8:f1:4a:f9:f4:d4:
3c:3b:1a:ff:8a:f4:89:92:46:af:fd:0d:9c:fb:fe:b1:a7:40:
56:01:48:61:ad:7c:36:6f:8f:70:1b:36:85:e1:62:40:80:c7:
d8:76:c1:8f:da:48:ae:54:46:27:9a:30:41:82:03:69:95:c5:
cb:43:43:f8:bf:1d:43:fe:03:be:75:25:f8:49:6c:c8:68:26:
39:47:91:e5:5b:19:d3:3a:c4:0a:06:7d:7f:be:da:77:8d:eb:
d4:79:6f:1c:bb:34:a8:8c:1b:86:78:b0:0c:c7:24:0e:32:ec:
31:25:bc:43:8f:e3:1e:7c:0c:3c:53:a7:23:f2:da:bf:1b:c8:
d5:b0:fb:63:4a:f4:4e:e2:57:05:bd:ff:0e:ed:7a:a3:10:e0:
04:b3:f6:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzaEGodF1wYau8ZU9twB/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjYzNjY3OTczMjM4YjE4NGQ5ZWVmZDM2YmJmMzgxMGJh
NGI2ZDkwHhcNMjMwMTAyMTY1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWUwODFmZTdjODA3NTZmNzg2ZWI2Mjc1ZjUyMDE0NjliY2VlNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkApGU/LtOUzy3HATYicFU50b9HJi
J1E58Dz7kRHu6TYo1QspxZ12JDzNu0sciLUk1DQav1BJopGDz7ytUDZb8TJgVteJ
6ry7BJRxBa3yNOXZqJX77a2lzZ1GN/KbOUdIMQj8agLSvmhbQzvjj65S+Hko8VC5
+C4Yrv+z8xV3QhB4SCyo2TGG/YZ28fTK05oR8EG67K6ZEUjaIcB+oYeXaLcP2rds
7NeN5CP7nICvHBQ7ZL34TO7lmZq8pUgEqt5huRQDh/eZaKhSjGblmI07xnEMWH+6
d0bI2JpKAzvNIsU8AHbA5sxTlekMsToYX2vSnWZfjMMGhSQdbk/g+6rLuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAHggf58gHVveG62J19SAUabzuYtMB8GA1UdIwQY
MBaAFLxmNmeXMjixhNnu/Ta784ELpLbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQt
OWYwMGM3MjYyMGY2LzEvQWVDQl9ueUFkVzk0YnJZblgxSUJScHZPNWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8wYjk1MWEtOGU2Yy00NDQ1LTljMmQtOWYwMGM3MjYyMGY2
LzEvdkdZMlo1Y3lPTEdFMmU3OU5ydnpnUXVrdHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTkwAwQC
uaj0MA0EAgACMAcDBQAqAUxAMA0GCSqGSIb3DQEBCwUAA4IBAQAkx+Y3xKv2wvIx
xgnUwR1JJ2uROZxQ8C3Hlmklem+rL7qYGhiA23V3anXPv6ZfNX0svFCz1j8HqnGj
ePriBk6hj6nWNCME6N1VaPcOPOTRmcq88E994535DzzYJAcWbV5fU4LhmqXY8Ur5
9NQ8Oxr/ivSJkkav/Q2c+/6xp0BWAUhhrXw2b49wGzaF4WJAgMfYdsGP2kiuVEYn
mjBBggNplcXLQ0P4vx1D/gO+dSX4SWzIaCY5R5HlWxnTOsQKBn1/vtp3jevUeW8c
uzSojBuGeLAMxyQOMuwxJbxDj+MefAw8U6cj8tq/G8jVsPtjSvRO4lcFvf8O7Xqj
EOAEs/bB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:42 2024 by rpki-client on console-fra.rpki-client.org