Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/Aaf4z54sBTS81rYOR-2mHfLbZ3w.roa
File: Aaf4z54sBTS81rYOR-2mHfLbZ3w.roa (raw, json)
Hash identifier: M45bP4/S5wynPOk+tZLBNfHJdriwJkB8MKKXly+Hn/o=
Subject key identifier: 01:A7:F8:CF:9E:2C:05:34:BC:D6:B6:0E:47:ED:A6:1D:F2:DB:67:7C
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 019291561936C09B8A5A95E01FC084896E22
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/Aaf4z54sBTS81rYOR-2mHfLbZ3w.roa
Signing time: Tue 15 Oct 2024 17:59:51 +0000
ROA not before: Tue 15 Oct 2024 17:59:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 146.247.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:56:19:36:c0:9b:8a:5a:95:e0:1f:c0:84:89:6e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Oct 15 17:59:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01a7f8cf9e2c0534bcd6b60e47eda61df2db677c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:6e:58:a1:d3:23:15:66:19:78:17:3f:f0:
d3:2a:86:e8:02:2c:9c:cf:eb:69:65:a4:82:85:c2:
c6:4b:59:2e:c6:56:d2:08:54:ab:0b:2d:d6:4c:33:
aa:4c:58:3b:ae:64:a8:50:4e:19:90:c3:5e:2e:28:
d1:fc:ce:20:9b:21:4d:61:15:5f:f7:92:47:df:05:
ba:d4:88:19:ec:57:34:7f:d4:c5:69:d0:19:e1:88:
33:77:25:cc:61:82:c5:99:c3:a4:4f:00:ea:f9:83:
33:66:d9:71:5e:a5:c9:b0:7c:68:e5:e6:e8:56:8c:
d8:6f:ce:3d:f5:89:d8:87:89:38:87:a8:f8:19:6b:
0e:90:f1:75:01:a4:ef:1b:4e:33:93:ba:94:0a:61:
a0:ee:52:6c:cc:52:1c:9f:27:ee:e8:ba:51:1b:e1:
48:79:6f:c0:e8:8c:88:3d:f4:e0:51:a2:64:39:3d:
36:a2:45:e1:88:1e:c2:d5:b5:a0:01:b5:a6:c0:6c:
64:59:91:9e:75:83:23:a5:2a:cb:fc:9c:db:21:2a:
96:b7:02:a1:e3:83:45:8d:b0:58:e3:fe:ae:69:b3:
95:15:22:13:cc:96:59:f8:d8:06:b1:03:bc:ba:88:
ab:33:91:f5:c2:19:44:28:53:57:f8:aa:96:8c:5b:
f2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A7:F8:CF:9E:2C:05:34:BC:D6:B6:0E:47:ED:A6:1D:F2:DB:67:7C
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/Aaf4z54sBTS81rYOR-2mHfLbZ3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.127.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:52:36:8a:45:69:30:5c:c0:df:67:97:d3:2a:50:44:0c:f6:
2f:a5:1b:d4:81:15:85:65:f0:0b:9d:f9:ff:f6:86:f4:7e:16:
60:a1:5e:00:ad:fb:7a:41:ed:43:60:1e:8d:42:8f:c7:31:b0:
47:95:f3:31:1e:8c:4f:cf:53:43:0d:16:25:71:3a:05:2e:f1:
40:62:db:0d:ec:d1:0b:d2:ca:6d:ec:cb:25:68:6c:7c:81:f8:
d4:64:42:96:c1:b9:55:40:b5:a2:87:f4:b4:8b:19:2f:39:f4:
13:5d:a1:49:c9:45:30:66:be:8a:71:af:6a:98:d6:35:5e:8b:
c5:03:e2:51:50:27:92:c0:f3:58:43:5e:0f:20:93:bb:ea:59:
f2:de:41:3d:58:c2:bc:94:fc:2b:ea:4b:d5:69:91:bc:39:6b:
26:57:cf:c0:93:c3:8d:41:a7:52:03:dc:73:a9:21:58:1e:67:
e9:c1:cf:8c:cf:29:c5:6e:79:94:ed:1a:be:27:68:4b:59:56:
8c:3c:c5:3e:36:c1:5f:99:a1:dc:f0:84:8e:7f:70:20:bd:9d:
6f:33:35:68:0f:ef:c1:04:1a:c9:8d:fe:65:2b:73:b7:03:57:
22:a1:32:a5:00:be:af:1c:76:bc:d5:ef:d2:ca:e6:88:8c:95:
5d:37:2e:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKRVhk2wJuKWpXgH8CEiW4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjQxMDE1MTc1OTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE3ZjhjZjllMmMwNTM0YmNkNmI2MGU0N2VkYTYxZGYyZGI2NzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpVuWKHTIxVmGXgXP/DTKoboAiyc
z+tpZaSChcLGS1kuxlbSCFSrCy3WTDOqTFg7rmSoUE4ZkMNeLijR/M4gmyFNYRVf
95JH3wW61IgZ7Fc0f9TFadAZ4YgzdyXMYYLFmcOkTwDq+YMzZtlxXqXJsHxo5ebo
VozYb8499YnYh4k4h6j4GWsOkPF1AaTvG04zk7qUCmGg7lJszFIcnyfu6LpRG+FI
eW/A6IyIPfTgUaJkOT02okXhiB7C1bWgAbWmwGxkWZGedYMjpSrL/JzbISqWtwKh
44NFjbBY4/6uabOVFSITzJZZ+NgGsQO8uoirM5H1whlEKFNX+KqWjFvyuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGn+M+eLAU0vNa2Dkftph3y22d8MB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvQWFmNHo1NHNCVFM4MXJZT1ItMm1IZkxiWjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkvd/MA0G
CSqGSIb3DQEBCwUAA4IBAQCiUjaKRWkwXMDfZ5fTKlBEDPYvpRvUgRWFZfALnfn/
9ob0fhZgoV4Arft6Qe1DYB6NQo/HMbBHlfMxHoxPz1NDDRYlcToFLvFAYtsN7NEL
0spt7MslaGx8gfjUZEKWwblVQLWih/S0ixkvOfQTXaFJyUUwZr6Kca9qmNY1XovF
A+JRUCeSwPNYQ14PIJO76lny3kE9WMK8lPwr6kvVaZG8OWsmV8/Ak8ONQadSA9xz
qSFYHmfpwc+MzynFbnmU7Rq+J2hLWVaMPMU+NsFfmaHc8ISOf3AgvZ1vMzVoD+/B
BBrJjf5lK3O3A1cioTKlAL6vHHa81e/SyuaIjJVdNy5H
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:27 2025 by rpki-client