Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AImApafIFn01obvU-zSrmjfHymU.roa
File: AImApafIFn01obvU-zSrmjfHymU.roa (raw, json)
Hash identifier: /0j+ipt7BWJ3l7SjCMrEXbY/HdV2Ba+n1Vuo1P50RGE=
Subject key identifier: 00:89:80:A5:A7:C8:16:7D:35:A1:BB:D4:FB:34:AB:9A:37:C7:CA:65
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018CC793F0CB5D6F51FA99069AD6928657B4
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AImApafIFn01obvU-zSrmjfHymU.roa
Signing time: Tue 02 Jan 2024 00:30:10 +0000
ROA not before: Tue 02 Jan 2024 00:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31549
IP address blocks: 85.133.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 10:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:f0:cb:5d:6f:51:fa:99:06:9a:d6:92:86:57:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 2 00:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=008980a5a7c8167d35a1bbd4fb34ab9a37c7ca65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:21:c6:fa:24:c9:df:6f:58:29:40:62:e5:15:
70:7f:0f:84:4b:28:78:19:0a:60:4f:29:16:dd:f7:
17:23:9a:b7:e1:f5:05:36:5d:84:da:b9:08:34:06:
27:aa:65:aa:e6:62:f1:b0:f6:4c:a2:96:9e:11:ad:
a3:56:ca:c5:26:c2:30:07:ad:12:28:8f:08:f3:bb:
0b:4d:22:17:2a:d9:a5:6c:28:a8:41:f0:76:5b:4e:
9f:9d:5f:1c:d2:bb:84:7f:3f:7f:21:e5:44:31:bd:
11:3a:11:24:eb:47:4a:01:ef:5b:96:e4:47:24:00:
26:34:fa:cf:b2:28:d8:9c:30:6e:d6:ac:b6:88:e3:
c4:ba:bd:a8:fb:60:55:9d:a0:e5:dc:76:1a:c2:50:
4f:98:8a:c6:91:f5:af:3d:c2:ce:ff:94:92:95:a4:
0f:a2:cb:68:4e:16:94:fa:b5:51:bb:02:1e:5f:09:
9a:7c:17:55:56:bd:48:01:86:1a:b8:1c:5c:61:e7:
9d:14:f7:6b:75:d9:7e:d0:d6:cb:4f:3e:64:95:2f:
73:ae:27:c9:25:9d:c6:91:0f:68:72:9f:1e:bf:09:
b5:5f:17:8e:47:c6:6a:94:74:c1:43:c1:44:fb:1b:
45:14:81:69:60:4f:02:74:bc:b7:83:66:10:ca:e1:
41:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:89:80:A5:A7:C8:16:7D:35:A1:BB:D4:FB:34:AB:9A:37:C7:CA:65
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/AImApafIFn01obvU-zSrmjfHymU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.151.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:94:be:a3:f6:20:20:34:53:ed:b0:25:eb:33:a0:6f:7e:e0:
04:39:e4:66:1a:4e:45:d3:b6:55:c5:48:40:3f:b3:d8:1b:df:
ac:51:3c:73:ac:da:e3:56:fb:8c:91:15:b5:78:bc:5d:a1:4e:
3d:dc:23:f6:a4:6e:de:4f:7f:bd:49:5f:1a:14:5a:4b:ca:8c:
4d:b4:01:d9:3f:49:e9:a4:e0:20:b2:3d:e7:5c:6d:4b:5e:f3:
2b:76:65:8b:e9:fb:12:5d:e7:eb:ef:63:6d:03:a0:6a:a7:96:
ed:04:ba:9c:da:57:ac:38:65:60:5a:e2:26:34:1d:38:6a:19:
a9:ad:26:64:4d:cb:9d:09:49:0f:5d:93:46:94:21:55:87:b7:
70:1c:21:70:04:b2:fe:5f:18:32:4d:da:1e:87:a3:02:48:c4:
1e:4c:4b:16:71:9a:68:4b:09:68:ff:bd:69:44:83:58:ff:c3:
54:1d:21:05:81:ef:cf:d0:0b:b2:b9:98:c5:d0:71:36:ff:62:
da:6e:8f:47:d0:da:cf:e6:96:5d:1e:8e:45:58:4b:6e:fa:3b:
21:14:9f:15:d4:fc:f2:5d:e8:64:a0:ef:0b:b3:1c:5a:71:5a:
97:d8:19:71:bd:17:3d:42:94:22:d8:f0:64:d4:c8:2c:c2:b1:
3f:0d:49:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk/DLXW9R+pkGmtaShle0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjQwMTAyMDAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDg5ODBhNWE3YzgxNjdkMzVhMWJiZDRmYjM0YWI5YTM3YzdjYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyHG+iTJ329YKUBi5RVwfw+ESyh4
GQpgTykW3fcXI5q34fUFNl2E2rkINAYnqmWq5mLxsPZMopaeEa2jVsrFJsIwB60S
KI8I87sLTSIXKtmlbCioQfB2W06fnV8c0ruEfz9/IeVEMb0ROhEk60dKAe9bluRH
JAAmNPrPsijYnDBu1qy2iOPEur2o+2BVnaDl3HYawlBPmIrGkfWvPcLO/5SSlaQP
ostoThaU+rVRuwIeXwmafBdVVr1IAYYauBxcYeedFPdrddl+0NbLTz5klS9zrifJ
JZ3GkQ9ocp8evwm1XxeOR8ZqlHTBQ8FE+xtFFIFpYE8CdLy3g2YQyuFBywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACJgKWnyBZ9NaG71Ps0q5o3x8plMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQUltQXBhZklGbjAxb2J2VS16U3JtamZIeW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWXMA0G
CSqGSIb3DQEBCwUAA4IBAQBvlL6j9iAgNFPtsCXrM6BvfuAEOeRmGk5F07ZVxUhA
P7PYG9+sUTxzrNrjVvuMkRW1eLxdoU493CP2pG7eT3+9SV8aFFpLyoxNtAHZP0np
pOAgsj3nXG1LXvMrdmWL6fsSXefr72NtA6Bqp5btBLqc2lesOGVgWuImNB04ahmp
rSZkTcudCUkPXZNGlCFVh7dwHCFwBLL+XxgyTdoeh6MCSMQeTEsWcZpoSwlo/71p
RINY/8NUHSEFge/P0AuyuZjF0HE2/2Labo9H0NrP5pZdHo5FWEtu+jshFJ8V1Pzy
XehkoO8LsxxacVqX2BlxvRc9QpQi2PBk1MgswrE/DUmc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org