Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/AAU8Jn6aqtLPvqj80LsSnTR98LE.roa
File: AAU8Jn6aqtLPvqj80LsSnTR98LE.roa (raw, json)
Hash identifier: w9mVzXN+0ZN393kOgRVS1fF6qRZwjFwyzIp82z4G+z8=
Subject key identifier: 00:05:3C:26:7E:9A:AA:D2:CF:BE:A8:FC:D0:BB:12:9D:34:7D:F0:B1
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 018CC8DEF8E94BB2F60678D218A11E542320
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/AAU8Jn6aqtLPvqj80LsSnTR98LE.roa
Signing time: Tue 02 Jan 2024 06:31:45 +0000
ROA not before: Tue 02 Jan 2024 06:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.60.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f8:e9:4b:b2:f6:06:78:d2:18:a1:1e:54:23:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Jan 2 06:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00053c267e9aaad2cfbea8fcd0bb129d347df0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:88:26:ef:72:53:05:d7:bc:56:7c:02:66:cf:
e1:18:f9:9c:a5:9a:22:a6:9b:e5:5e:d8:9a:91:34:
37:36:ca:be:40:6c:44:50:05:85:1b:98:a7:cd:8a:
a3:df:ec:53:39:e8:3d:87:db:5d:7b:d3:ca:d8:44:
e8:59:f7:a8:cd:74:d0:44:e3:3f:79:9a:4f:4e:1d:
02:92:fe:4e:8e:42:e3:b0:c2:58:03:c7:ef:8f:a6:
1c:a5:a7:91:93:11:39:4c:11:82:38:b8:bd:e6:32:
91:3f:ca:b2:e5:cc:11:a7:36:79:9b:a0:97:03:59:
7e:95:51:88:36:97:c9:95:64:ad:97:d8:26:28:d5:
9a:2c:23:13:b0:82:6c:5e:28:a8:dc:c7:40:1d:0d:
d6:c7:c9:d6:61:81:d7:c1:fd:0c:ad:ed:fc:92:ac:
f0:0b:b1:cd:12:c3:3c:51:c4:72:f6:5b:a2:2f:9c:
b7:8f:c8:37:da:f9:f3:58:e3:d4:85:13:07:1f:67:
d7:d0:3d:65:11:3a:31:2c:db:4e:8a:2b:8a:be:f1:
12:34:1b:73:d9:95:d9:f9:ae:21:77:29:0a:30:2b:
bb:e4:c5:79:53:7e:64:00:1c:3d:37:d1:99:01:99:
51:4a:3e:ea:57:e9:1c:b9:19:5e:f7:83:fa:5a:ca:
ca:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:05:3C:26:7E:9A:AA:D2:CF:BE:A8:FC:D0:BB:12:9D:34:7D:F0:B1
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/AAU8Jn6aqtLPvqj80LsSnTR98LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:a4:73:7f:a0:f0:73:2e:e7:8e:67:9a:14:f8:59:66:e9:e3:
af:ab:ad:cd:9b:3a:71:d9:2a:07:08:57:87:93:6d:a5:ee:69:
57:56:10:66:45:95:11:2a:55:e3:3f:8a:27:a9:0d:e3:ae:24:
2d:ac:c7:34:7b:4d:8f:21:88:60:50:fb:b8:ff:a2:82:95:f5:
4b:48:cf:db:86:9d:09:77:2e:16:3e:c8:8c:03:f1:ff:43:3d:
aa:a8:ab:11:7b:03:b6:33:cc:db:76:37:8a:41:af:a2:73:cc:
0a:f7:9d:dc:25:2f:90:20:33:4e:1a:7a:0f:3d:fb:13:7e:31:
d8:f0:25:51:a8:9e:3e:da:b3:7f:ae:e5:0f:3e:79:49:f8:c4:
16:d0:8d:c5:d6:80:7a:02:07:e6:68:41:e2:72:4a:33:86:4c:
67:51:78:0d:6c:36:9c:02:aa:08:0e:8a:74:d6:a5:5c:9a:ce:
0b:07:99:83:95:52:c2:7c:c5:67:25:80:52:df:0d:b5:8f:f5:
56:20:96:18:6f:7c:df:d6:a4:8f:f8:c7:fe:53:dd:9c:48:09:
73:22:72:05:ab:81:9a:b8:10:ad:3b:a5:f3:72:52:60:e1:96:
fd:ee:01:ec:20:46:f9:06:32:fa:97:da:45:8d:f6:e1:7f:3d:
8f:2d:c3:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3vjpS7L2BnjSGKEeVCMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjQwMTAyMDYzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA1M2MyNjdlOWFhYWQyY2ZiZWE4ZmNkMGJiMTI5ZDM0N2RmMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Ygm73JTBde8VnwCZs/hGPmcpZoi
ppvlXtiakTQ3Nsq+QGxEUAWFG5inzYqj3+xTOeg9h9tde9PK2EToWfeozXTQROM/
eZpPTh0Ckv5OjkLjsMJYA8fvj6YcpaeRkxE5TBGCOLi95jKRP8qy5cwRpzZ5m6CX
A1l+lVGINpfJlWStl9gmKNWaLCMTsIJsXiio3MdAHQ3Wx8nWYYHXwf0Mre38kqzw
C7HNEsM8UcRy9luiL5y3j8g32vnzWOPUhRMHH2fX0D1lEToxLNtOiiuKvvESNBtz
2ZXZ+a4hdykKMCu75MV5U35kABw9N9GZAZlRSj7qV+kcuRle94P6WsrKLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAAFPCZ+mqrSz76o/NC7Ep00ffCxMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvQUFVOEpuNmFxdExQdnFqODBMc1NuVFI5OExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgtMDU1NTljMWY1OTE1
LzEvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjz8MA0G
CSqGSIb3DQEBCwUAA4IBAQCipHN/oPBzLueOZ5oU+Flm6eOvq63Nmzpx2SoHCFeH
k22l7mlXVhBmRZURKlXjP4onqQ3jriQtrMc0e02PIYhgUPu4/6KClfVLSM/bhp0J
dy4WPsiMA/H/Qz2qqKsRewO2M8zbdjeKQa+ic8wK953cJS+QIDNOGnoPPfsTfjHY
8CVRqJ4+2rN/ruUPPnlJ+MQW0I3F1oB6AgfmaEHickozhkxnUXgNbDacAqoIDop0
1qVcms4LB5mDlVLCfMVnJYBS3w21j/VWIJYYb3zf1qSP+Mf+U92cSAlzInIFq4Ga
uBCtO6XzclJg4Zb97gHsIEb5BjL6l9pFjfbhfz2PLcO8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:56 2025 by rpki-client