Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa
File: aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa (raw, json)
Hash identifier: Tqpct/N5Vq+j9Vm/vjVqMSuJQeEHErEMpVBfRtgQ/TQ=
Subject key identifier: 69:AC:27:26:93:7E:06:BE:91:DC:B6:D5:98:9E:4D:69:9D:70:3F:99
Certificate issuer: /CN=af935603e52e831537716d458b360192f99a3689
Certificate serial: 01857170A6E24722D8D6337350C38A252D05
Authority key identifier: AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa
Signing time: Mon 02 Jan 2023 07:44:46 +0000
ROA not before: Mon 02 Jan 2023 07:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202152
IP address blocks: 185.49.132.0/22 maxlen: 22
185.49.132.0/23 maxlen: 23
185.49.134.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:a6:e2:47:22:d8:d6:33:73:50:c3:8a:25:2d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af935603e52e831537716d458b360192f99a3689
Validity
Not Before: Jan 2 07:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69ac2726937e06be91dcb6d5989e4d699d703f99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:33:f2:e2:8c:04:0d:ff:50:52:7e:ff:0b:6d:
5a:b4:c7:fd:3d:d6:3d:50:03:4a:32:33:b4:67:91:
8e:79:fc:e7:df:a5:ac:ab:ef:89:d0:a5:71:b3:48:
6e:d4:a4:41:fb:28:1a:0d:05:3c:d2:ba:5a:1c:5c:
20:4b:e0:f9:d1:65:40:c9:f0:7f:26:1f:80:b1:4f:
2c:66:12:f6:49:30:c7:07:6f:08:82:8b:3b:bc:86:
9c:44:e5:cd:cd:38:f1:3e:24:ac:6e:7b:e3:15:80:
d7:57:00:45:bf:1c:25:ef:39:3e:eb:aa:6c:b5:0b:
f8:74:2c:9c:19:43:04:60:c6:eb:15:f4:d5:4f:ba:
a6:f2:e4:bc:43:79:2a:22:5a:98:6c:4a:e7:0f:5a:
3e:78:dc:ac:e0:7e:d4:5e:19:ea:eb:7c:3d:d8:a2:
b3:c6:7d:61:c9:1c:fa:fa:05:eb:7f:a7:11:32:03:
8a:c8:18:ef:99:d2:91:30:b1:fd:93:94:91:19:a7:
f5:ce:99:78:78:e4:36:a6:0e:84:0c:06:9d:ac:31:
c3:1f:30:bc:dd:12:12:9b:e4:84:76:b2:90:64:30:
9a:30:5e:55:31:1d:47:ee:c3:d1:1c:e1:23:8d:b0:
fe:f0:8b:51:fb:8a:7e:11:37:b7:3c:85:25:29:cf:
1a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AC:27:26:93:7E:06:BE:91:DC:B6:D5:98:9E:4D:69:9D:70:3F:99
X509v3 Authority Key Identifier:
keyid:AF:93:56:03:E5:2E:83:15:37:71:6D:45:8B:36:01:92:F9:9A:36:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5NWA-UugxU3cW1FizYBkvmaNok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/aawnJpN-Br6R3LbVmJ5NaZ1wP5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/3001ad-de90-4360-811f-0a0d05ed0c6b/1/r5NWA-UugxU3cW1FizYBkvmaNok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.132.0/22
Signature Algorithm: sha256WithRSAEncryption
72:59:7a:d7:d0:fa:92:95:a0:2b:b8:9e:e0:f7:2e:68:ba:90:
78:ff:94:88:d9:d4:66:0a:a5:70:bc:a5:f1:a1:ea:7e:3b:ca:
60:68:12:4d:a0:48:bf:ab:5a:64:f9:7d:7e:b6:96:17:1d:8b:
c5:bd:21:2e:00:8b:3d:a2:0d:15:02:8b:aa:9b:95:cb:ae:00:
22:ed:3c:08:aa:2f:41:40:81:c6:42:b7:37:b5:38:67:bc:6a:
85:f2:9b:63:a9:41:72:15:aa:1d:30:8e:70:80:57:18:b3:3c:
74:42:42:57:57:1f:1e:f2:37:6e:a2:a0:2a:82:da:24:05:14:
02:5b:7f:64:9d:ed:90:a2:2c:10:71:9b:68:f1:5b:b9:1b:13:
6b:d4:86:86:c3:be:70:b1:00:f3:61:c5:82:e8:69:06:a7:63:
b6:1f:f5:fa:a4:2d:9b:f5:12:18:b4:c7:4e:61:2d:fc:61:4a:
da:5a:59:44:58:10:84:0e:c8:e7:e4:cb:60:ca:61:89:50:ee:
cc:7a:14:ef:3c:a8:c7:8c:3b:62:cd:29:8b:ac:a9:5a:a8:67:
79:22:cf:e3:15:b0:86:9b:c6:3c:72:23:0a:e4:d8:09:5b:f9:
7e:61:bf:23:50:28:cc:3e:8d:68:2f:7b:12:cb:78:63:dd:42:
36:28:af:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxcKbiRyLY1jNzUMOKJS0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM1NjAzZTUyZTgzMTUzNzcxNmQ0NThiMzYwMTkyZjk5
YTM2ODkwHhcNMjMwMTAyMDc0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFjMjcyNjkzN2UwNmJlOTFkY2I2ZDU5ODllNGQ2OTlkNzAzZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTPy4owEDf9QUn7/C21atMf9PdY9
UANKMjO0Z5GOefzn36Wsq++J0KVxs0hu1KRB+ygaDQU80rpaHFwgS+D50WVAyfB/
Jh+AsU8sZhL2STDHB28Igos7vIacROXNzTjxPiSsbnvjFYDXVwBFvxwl7zk+66ps
tQv4dCycGUMEYMbrFfTVT7qm8uS8Q3kqIlqYbErnD1o+eNys4H7UXhnq63w92KKz
xn1hyRz6+gXrf6cRMgOKyBjvmdKRMLH9k5SRGaf1zpl4eOQ2pg6EDAadrDHDHzC8
3RISm+SEdrKQZDCaMF5VMR1H7sPRHOEjjbD+8ItR+4p+ETe3PIUlKc8aRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmsJyaTfga+kdy21ZieTWmdcD+ZMB8GA1UdIwQY
MBaAFK+TVgPlLoMVN3FtRYs2AZL5mjaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYt
MGEwZDA1ZWQwYzZiLzEvYWF3bkpwTi1CcjZSM0xiVm1KNU5hWjF3UDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8zMDAxYWQtZGU5MC00MzYwLTgxMWYtMGEwZDA1ZWQwYzZi
LzEvcjVOV0EtVXVneFUzY1cxRml6WUJrdm1hTm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTGEMA0G
CSqGSIb3DQEBCwUAA4IBAQByWXrX0PqSlaAruJ7g9y5oupB4/5SI2dRmCqVwvKXx
oep+O8pgaBJNoEi/q1pk+X1+tpYXHYvFvSEuAIs9og0VAouqm5XLrgAi7TwIqi9B
QIHGQrc3tThnvGqF8ptjqUFyFaodMI5wgFcYszx0QkJXVx8e8jduoqAqgtokBRQC
W39kne2QoiwQcZto8Vu5GxNr1IaGw75wsQDzYcWC6GkGp2O2H/X6pC2b9RIYtMdO
YS38YUraWllEWBCEDsjn5MtgymGJUO7MehTvPKjHjDtizSmLrKlaqGd5Is/jFbCG
m8Y8ciMK5NgJW/l+Yb8jUCjMPo1oL3sSy3hj3UI2KK8W
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:55 2024 by rpki-client on console-ams.rpki-client.org