Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/AcKgJCZQNEmrEn_WdyjaCpLIcn8.roa
File: AcKgJCZQNEmrEn_WdyjaCpLIcn8.roa (raw, json)
Hash identifier: OK5iNUuQ4GXIZljjtC8GTi2PPz2PPH/wlh35v5aO3ss=
Subject key identifier: 01:C2:A0:24:26:50:34:49:AB:12:7F:D6:77:28:DA:0A:92:C8:72:7F
Certificate issuer: /CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Certificate serial: 018CC3B6A62E3BD13405AFE15C4D118AB695
Authority key identifier: AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/AcKgJCZQNEmrEn_WdyjaCpLIcn8.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42905
IP address blocks: 81.163.218.0/24 maxlen: 24
81.163.216.0/21 maxlen: 21
81.163.219.0/24 maxlen: 24
81.163.216.0/22 maxlen: 22
81.163.216.0/24 maxlen: 24
81.163.217.0/24 maxlen: 24
81.163.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 08:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a6:2e:3b:d1:34:05:af:e1:5c:4d:11:8a:b6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afb4e04a0ed344112c1853cab09f52e1cd9abaf2
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01c2a02426503449ab127fd67728da0a92c8727f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ff:4c:fd:b8:f9:5c:49:3c:63:f4:09:30:09:
e6:8b:43:71:0c:91:a3:cc:bc:bc:24:f1:00:9d:6e:
31:f8:7b:1f:98:00:df:1d:64:8b:22:5b:6c:07:5a:
e5:03:15:28:98:9f:05:dd:ed:52:16:f9:98:3f:14:
5b:52:46:11:79:46:0f:b0:61:83:2e:35:bc:15:d1:
52:f2:7e:f0:c0:29:20:53:3a:b3:d6:cc:ea:4b:25:
6f:c5:5e:d2:86:9d:2a:1d:90:97:34:36:d8:f4:a3:
df:01:6d:07:9a:0f:5e:6b:cc:0b:6f:84:87:df:ea:
c6:ca:dd:ff:48:ac:7e:7c:93:78:37:e9:be:59:e4:
a1:0b:16:03:69:8a:58:98:d0:dc:c1:7c:b9:77:3e:
7d:c8:59:d1:1b:1f:62:fd:11:d3:16:6e:5e:e1:d6:
82:14:9b:7b:59:2c:f9:c0:6d:d3:c2:02:09:dd:d5:
ed:9f:5b:b0:3e:bd:ff:1d:d7:33:3b:d3:01:ac:b2:
f1:ab:46:21:9e:ad:24:db:38:a9:34:a9:aa:88:d1:
9d:7c:1f:68:36:58:02:f0:f8:81:85:88:41:e2:9e:
e8:e0:05:05:3b:18:78:c7:b1:61:c2:c0:f7:57:49:
b7:68:6a:cb:39:26:95:6d:1e:40:b0:1d:16:61:ea:
8f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:C2:A0:24:26:50:34:49:AB:12:7F:D6:77:28:DA:0A:92:C8:72:7F
X509v3 Authority Key Identifier:
keyid:AF:B4:E0:4A:0E:D3:44:11:2C:18:53:CA:B0:9F:52:E1:CD:9A:BA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r7TgSg7TRBEsGFPKsJ9S4c2auvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/AcKgJCZQNEmrEn_WdyjaCpLIcn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/19f2e6-1bf3-4f7a-8817-8095f3297179/1/r7TgSg7TRBEsGFPKsJ9S4c2auvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.163.216.0/21
Signature Algorithm: sha256WithRSAEncryption
0a:d6:4c:eb:38:a0:96:15:2b:a0:d5:33:84:46:86:73:61:db:
e6:ad:69:89:f9:04:e9:0b:cf:96:d0:c3:71:16:32:36:1e:95:
8c:ef:21:a9:c1:14:95:27:d8:63:64:8e:dc:43:b7:c0:4f:32:
7a:44:10:96:22:a7:d7:ca:1c:de:a3:ba:8a:b5:e7:93:d9:00:
5b:ae:67:2d:bd:df:70:3d:b0:ed:7e:41:98:a1:ff:5f:95:ee:
b5:31:c0:41:51:81:5f:e6:b1:fa:b6:6a:f8:8e:b4:bc:f0:0c:
71:cb:5d:b4:03:d2:32:13:e6:3e:3d:6c:9c:b9:08:73:5a:9e:
86:da:18:8c:f7:85:9b:7f:bd:e9:bc:32:42:a3:18:e8:9d:d9:
0b:ce:b9:64:d4:77:db:cf:57:ad:b3:31:56:e3:58:0f:37:f5:
28:f8:47:9c:04:f7:b4:7b:0a:43:bf:17:04:16:30:b0:c4:70:
5b:35:e1:c5:3f:0f:00:b0:27:6b:09:ae:d7:72:ec:3f:42:69:
c9:db:cb:30:39:33:e9:5a:fa:25:bf:20:c7:26:ab:e3:19:14:
5c:a9:cf:a0:23:1d:44:fe:d6:0d:35:f8:54:83:54:84:91:ff:
d8:df:3c:dc:4a:10:3c:31:c8:25:eb:80:29:5d:6e:6d:25:bb:
db:c3:45:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtqYuO9E0Ba/hXE0RiraVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYjRlMDRhMGVkMzQ0MTEyYzE4NTNjYWIwOWY1MmUxY2Q5
YWJhZjIwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWMyYTAyNDI2NTAzNDQ5YWIxMjdmZDY3NzI4ZGEwYTkyYzg3MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlv9M/bj5XEk8Y/QJMAnmi0NxDJGj
zLy8JPEAnW4x+HsfmADfHWSLIltsB1rlAxUomJ8F3e1SFvmYPxRbUkYReUYPsGGD
LjW8FdFS8n7wwCkgUzqz1szqSyVvxV7Shp0qHZCXNDbY9KPfAW0Hmg9ea8wLb4SH
3+rGyt3/SKx+fJN4N+m+WeShCxYDaYpYmNDcwXy5dz59yFnRGx9i/RHTFm5e4daC
FJt7WSz5wG3TwgIJ3dXtn1uwPr3/HdczO9MBrLLxq0Yhnq0k2zipNKmqiNGdfB9o
NlgC8PiBhYhB4p7o4AUFOxh4x7FhwsD3V0m3aGrLOSaVbR5AsB0WYeqP0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAHCoCQmUDRJqxJ/1nco2gqSyHJ/MB8GA1UdIwQY
MBaAFK+04EoO00QRLBhTyrCfUuHNmrryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTct
ODA5NWYzMjk3MTc5LzEvQWNLZ0pDWlFORW1yRW5fV2R5amFDcExJY244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xOWYyZTYtMWJmMy00ZjdhLTg4MTctODA5NWYzMjk3MTc5
LzEvcjdUZ1NnN1RSQkVzR0ZQS3NKOVM0YzJhdXZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUaPYMA0G
CSqGSIb3DQEBCwUAA4IBAQAK1kzrOKCWFSug1TOERoZzYdvmrWmJ+QTpC8+W0MNx
FjI2HpWM7yGpwRSVJ9hjZI7cQ7fATzJ6RBCWIqfXyhzeo7qKteeT2QBbrmctvd9w
PbDtfkGYof9fle61McBBUYFf5rH6tmr4jrS88Axxy120A9IyE+Y+PWycuQhzWp6G
2hiM94Wbf73pvDJCoxjondkLzrlk1Hfbz1etszFW41gPN/Uo+EecBPe0ewpDvxcE
FjCwxHBbNeHFPw8AsCdrCa7Xcuw/QmnJ28swOTPpWvolvyDHJqvjGRRcqc+gIx1E
/tYNNfhUg1SEkf/Y3zzcShA8Mcgl64ApXW5tJbvbw0Ub
-----END CERTIFICATE-----
Generated at Tue Apr 15 12:55:08 2025 by rpki-client