Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/0KAUWVTkA5Pg8hBulhXBCtA7oaw.roa
File: 0KAUWVTkA5Pg8hBulhXBCtA7oaw.roa (raw, json)
Hash identifier: ZxKxXJ3wls8ykfeQAsq908+fkkHmpEK9Vtf3QmPHy2M=
Subject key identifier: D0:A0:14:59:54:E4:03:93:E0:F2:10:6E:96:15:C1:0A:D0:3B:A1:AC
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 018CC3B6A694F1E09A09730FE2FB1785E0EF
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/0KAUWVTkA5Pg8hBulhXBCtA7oaw.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51273
IP address blocks: 81.163.212.0/24 maxlen: 24
81.163.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Aug 2024 16:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a6:94:f1:e0:9a:09:73:0f:e2:fb:17:85:e0:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0a0145954e40393e0f2106e9615c10ad03ba1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ac:95:47:29:74:dc:65:4b:e7:fd:24:a1:2e:
02:d5:29:47:b1:95:18:e0:d8:f2:2b:c5:78:13:8d:
f8:32:d5:a0:9d:34:af:3e:2f:2d:57:8d:3e:05:12:
24:30:d7:2d:e8:6a:41:ae:aa:40:d1:fb:4c:d2:f7:
68:bf:61:7a:34:c0:f6:08:97:5e:46:2c:74:07:32:
2b:4e:13:7b:60:15:8c:67:2d:b7:16:f1:64:ee:19:
b8:70:56:67:c2:de:c1:bd:60:54:f6:b6:61:42:2b:
70:d4:5f:dc:75:4e:e3:22:ee:a1:8b:61:66:a3:12:
67:8c:fa:fa:c4:e6:df:b7:52:d0:58:a7:86:6d:2e:
1e:e0:5a:ee:ec:50:38:a2:9c:85:d4:86:c7:53:06:
1f:a5:7a:f2:7a:ef:2e:ea:2e:f0:82:95:ca:c5:97:
58:64:2e:fe:6d:b2:99:b2:48:a6:d4:ed:c8:09:6b:
36:05:78:5e:f4:aa:31:a2:f6:db:93:2d:d4:99:98:
bf:64:ee:84:0b:66:41:02:6f:02:37:8b:5c:03:bb:
d0:75:f9:f5:1b:87:d5:95:73:14:23:14:9e:24:09:
e2:09:90:59:1c:4d:81:1a:9c:91:bf:93:75:19:c8:
fd:9e:db:f6:7f:a3:89:63:76:63:e7:9d:5d:e0:65:
5f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A0:14:59:54:E4:03:93:E0:F2:10:6E:96:15:C1:0A:D0:3B:A1:AC
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/0KAUWVTkA5Pg8hBulhXBCtA7oaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.211.0-81.163.212.255
Signature Algorithm: sha256WithRSAEncryption
9c:59:e3:60:1b:ab:d3:40:6f:83:ce:36:11:7d:0b:c4:40:88:
00:f5:2f:14:cc:20:f6:ff:c7:21:ad:e3:ba:ae:8a:5c:db:32:
de:98:fe:b9:25:78:7e:30:92:aa:9c:c0:f9:da:f9:13:d3:ef:
6c:ec:50:b7:a1:d9:6f:f5:6e:5d:37:cb:e3:22:ad:6e:59:2c:
90:b0:32:b4:8c:81:47:d3:12:a1:82:54:d8:75:49:a5:f8:6e:
8b:d7:0f:b8:91:2e:14:c0:9b:8d:7c:62:c5:48:eb:f6:86:94:
b1:34:23:a5:97:d9:3e:7e:f6:92:37:9a:ad:e0:8d:32:55:ca:
0d:3c:d2:9c:ef:96:58:d0:73:8f:7f:f2:2d:6a:1a:11:6c:34:
23:8e:47:cb:1f:27:f6:97:3e:cf:74:a8:35:10:19:ff:0b:4d:
8a:d6:06:a5:bd:1b:6f:91:d7:fb:fc:5f:70:5c:52:4c:2d:30:
c4:55:e2:88:d6:6c:6b:ab:ab:cc:30:b4:ed:b1:13:7e:ee:c4:
12:2b:dc:e4:89:5d:ba:09:a0:54:cb:07:12:62:2e:71:a9:89:
c5:7f:13:09:41:9b:bb:78:ae:93:9c:0c:e4:44:cd:15:3e:73:
b3:e4:b3:52:46:3f:7c:11:46:d3:81:62:8a:a0:d1:43:91:31:
0a:65:11:e3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtqaU8eCaCXMP4vsXheDvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGEwMTQ1OTU0ZTQwMzkzZTBmMjEwNmU5NjE1YzEwYWQwM2JhMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6yVRyl03GVL5/0koS4C1SlHsZUY
4NjyK8V4E434MtWgnTSvPi8tV40+BRIkMNct6GpBrqpA0ftM0vdov2F6NMD2CJde
Rix0BzIrThN7YBWMZy23FvFk7hm4cFZnwt7BvWBU9rZhQitw1F/cdU7jIu6hi2Fm
oxJnjPr6xObft1LQWKeGbS4e4Fru7FA4opyF1IbHUwYfpXryeu8u6i7wgpXKxZdY
ZC7+bbKZskim1O3ICWs2BXhe9Koxovbbky3UmZi/ZO6EC2ZBAm8CN4tcA7vQdfn1
G4fVlXMUIxSeJAniCZBZHE2BGpyRv5N1Gcj9ntv2f6OJY3Zj551d4GVfywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNCgFFlU5AOT4PIQbpYVwQrQO6GsMB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvMEtBVVdWVGtBNVBnOGhCdWxoWEJDdEE3b2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABRo9MD
BABRo9QwDQYJKoZIhvcNAQELBQADggEBAJxZ42Abq9NAb4PONhF9C8RAiAD1LxTM
IPb/xyGt47quilzbMt6Y/rkleH4wkqqcwPna+RPT72zsULeh2W/1bl03y+MirW5Z
LJCwMrSMgUfTEqGCVNh1SaX4bovXD7iRLhTAm418YsVI6/aGlLE0I6WX2T5+9pI3
mq3gjTJVyg080pzvlljQc49/8i1qGhFsNCOOR8sfJ/aXPs90qDUQGf8LTYrWBqW9
G2+R1/v8X3BcUkwtMMRV4ojWbGurq8wwtO2xE37uxBIr3OSJXboJoFTLBxJiLnGp
icV/EwlBm7t4rpOcDOREzRU+c7Pks1JGP3wRRtOBYoqg0UORMQplEeM=
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:45:54 2025 by rpki-client