Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/afnB1w8e5A88VargZI6ZidnD_Lo.roa
File: afnB1w8e5A88VargZI6ZidnD_Lo.roa (raw, json)
Hash identifier: AlqzAskQKxEdVPX68O6O8K8RSqAdzouOOg1pSuwOgq4=
Subject key identifier: 69:F9:C1:D7:0F:1E:E4:0F:3C:55:AA:E0:64:8E:99:89:D9:C3:FC:BA
Certificate issuer: /CN=2cb035707202d4013a4479be5112d7fa227b7275
Certificate serial: 01856B77A98B9069118B4DA5BD7BEE35BC0F
Authority key identifier: 2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/afnB1w8e5A88VargZI6ZidnD_Lo.roa
Signing time: Sun 01 Jan 2023 03:54:42 +0000
ROA not before: Sun 01 Jan 2023 03:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200020
IP address blocks: 194.62.131.0/24 maxlen: 24
194.62.129.0/24 maxlen: 24
2a0d:8c40::/29 maxlen: 29
2001:67c:608::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:77:a9:8b:90:69:11:8b:4d:a5:bd:7b:ee:35:bc:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cb035707202d4013a4479be5112d7fa227b7275
Validity
Not Before: Jan 1 03:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69f9c1d70f1ee40f3c55aae0648e9989d9c3fcba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e1:db:ad:72:fa:ad:6b:db:b5:96:44:47:8e:
d0:82:87:2a:41:d5:6e:d3:65:a9:e0:16:8e:a6:6a:
79:44:fc:63:b1:cc:f8:c2:53:38:a9:6e:0b:39:6b:
91:41:ad:ba:94:62:09:b3:83:35:1d:d0:d8:9b:9d:
2a:f5:6d:5a:92:bb:4b:52:f6:7b:92:3d:ad:b3:47:
4f:f7:8c:2f:37:26:b0:ac:c5:24:d6:36:28:96:15:
92:79:09:76:a3:92:f8:97:e3:cc:80:08:61:28:83:
43:fb:80:a5:a7:1f:29:be:55:6e:c9:42:23:f4:50:
e5:6f:0c:10:39:cd:00:fd:a0:77:3a:9e:f6:7a:fc:
2a:83:cf:62:5b:83:1b:16:37:10:d2:65:b8:8c:26:
f1:da:bb:93:13:89:6b:d7:ba:15:94:57:36:c3:ba:
2f:2f:8d:4b:26:42:67:6e:02:1c:b4:c6:fe:63:35:
eb:87:a3:df:3e:8a:b9:c5:3b:61:85:8a:fa:12:3f:
e6:7d:dd:78:a1:7a:9a:c3:e0:96:07:0c:ff:b1:28:
d5:16:32:e4:3b:15:ba:e8:7f:10:0d:d0:92:3a:03:
c8:d2:ec:7a:32:f2:c7:29:90:3e:fb:45:7c:65:56:
5a:09:7e:b8:f3:7e:f6:85:65:2d:94:50:84:63:dc:
ed:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F9:C1:D7:0F:1E:E4:0F:3C:55:AA:E0:64:8E:99:89:D9:C3:FC:BA
X509v3 Authority Key Identifier:
keyid:2C:B0:35:70:72:02:D4:01:3A:44:79:BE:51:12:D7:FA:22:7B:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LLA1cHIC1AE6RHm-URLX-iJ7cnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/afnB1w8e5A88VargZI6ZidnD_Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8c1323-afcc-4b44-9881-06308a44856d/1/LLA1cHIC1AE6RHm-URLX-iJ7cnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.129.0/24
194.62.131.0/24
IPv6:
2001:67c:608::/48
2a0d:8c40::/29
Signature Algorithm: sha256WithRSAEncryption
6e:ed:38:bc:d5:51:12:fa:b0:85:d3:d9:dc:2c:a8:9f:80:05:
ca:91:ce:6d:92:f0:25:b7:45:be:85:ab:2d:e9:1b:b5:68:e8:
b7:ea:b5:d6:1f:2e:16:c5:86:81:14:44:68:f9:d5:be:af:4b:
04:f4:80:75:8e:59:98:c1:21:0e:aa:32:73:84:6a:ed:eb:9c:
00:2f:a3:72:99:9c:1b:ee:01:6a:f0:23:06:72:1b:0f:46:d1:
54:40:4c:5f:64:d8:8f:35:74:47:58:99:44:96:f3:af:00:b8:
aa:88:10:dc:78:9e:63:b0:45:e0:5f:a1:94:43:10:26:5d:a9:
c7:97:62:04:b6:d0:ce:4d:7b:b7:f1:77:ff:6d:a3:ad:0d:c7:
01:96:ef:56:4a:45:1a:48:57:3d:b0:30:d3:65:7c:3c:3e:26:
4f:15:a6:55:b5:66:76:94:ad:b6:62:a2:e5:02:ac:8e:0b:49:
ea:b5:27:32:0a:99:1b:8f:50:18:12:91:c2:35:ea:7d:8f:2d:
23:a3:dc:ee:a0:9a:8f:8c:24:53:5e:d8:40:d5:b8:20:e4:de:
dd:99:2a:77:76:36:06:1a:e4:21:60:31:78:06:bc:e6:a5:0a:
87:94:2c:0f:36:a0:66:ce:4b:9b:d1:5e:02:af:55:ed:5c:03:
e0:7b:3d:e3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVrd6mLkGkRi02lvXvuNbwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjYjAzNTcwNzIwMmQ0MDEzYTQ0NzliZTUxMTJkN2ZhMjI3
YjcyNzUwHhcNMjMwMTAxMDM1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY5YzFkNzBmMWVlNDBmM2M1NWFhZTA2NDhlOTk4OWQ5YzNmY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteHbrXL6rWvbtZZER47QgocqQdVu
02Wp4BaOpmp5RPxjscz4wlM4qW4LOWuRQa26lGIJs4M1HdDYm50q9W1akrtLUvZ7
kj2ts0dP94wvNyawrMUk1jYolhWSeQl2o5L4l+PMgAhhKIND+4Clpx8pvlVuyUIj
9FDlbwwQOc0A/aB3Op72evwqg89iW4MbFjcQ0mW4jCbx2ruTE4lr17oVlFc2w7ov
L41LJkJnbgIctMb+YzXrh6PfPoq5xTthhYr6Ej/mfd14oXqaw+CWBwz/sSjVFjLk
OxW66H8QDdCSOgPI0ux6MvLHKZA++0V8ZVZaCX648372hWUtlFCEY9zt2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGn5wdcPHuQPPFWq4GSOmYnZw/y6MB8GA1UdIwQY
MBaAFCywNXByAtQBOkR5vlES1/oie3J1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEt
MDYzMDhhNDQ4NTZkLzEvYWZuQjF3OGU1QTg4VmFyZ1pJNlppZG5EX0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YzEzMjMtYWZjYy00YjQ0LTk4ODEtMDYzMDhhNDQ4NTZk
LzEvTExBMWNISUMxQUU2UkhtLVVSTFgtaUo3Y25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwj6BAwQA
wj6DMBYEAgACMBADBwAgAQZ8BggDBQMqDYxAMA0GCSqGSIb3DQEBCwUAA4IBAQBu
7Ti81VES+rCF09ncLKifgAXKkc5tkvAlt0W+hast6Ru1aOi36rXWHy4WxYaBFERo
+dW+r0sE9IB1jlmYwSEOqjJzhGrt65wAL6NymZwb7gFq8CMGchsPRtFUQExfZNiP
NXRHWJlElvOvALiqiBDceJ5jsEXgX6GUQxAmXanHl2IEttDOTXu38Xf/baOtDccB
lu9WSkUaSFc9sDDTZXw8PiZPFaZVtWZ2lK22YqLlAqyOC0nqtScyCpkbj1AYEpHC
Nep9jy0jo9zuoJqPjCRTXthA1bgg5N7dmSp3djYGGuQhYDF4BrzmpQqHlCwPNqBm
zkub0V4Cr1XtXAPgez3j
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:11 2024 by rpki-client on console-ams.rpki-client.org