Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/AQMKEV4wTSBmzM25042bJ2XiIOs.roa
File: AQMKEV4wTSBmzM25042bJ2XiIOs.roa (raw, json)
Hash identifier: 3HAAPtixI8VC2Uz1BVfP/oRuB9QnjlV21EVnejVDmQY=
Subject key identifier: 01:03:0A:11:5E:30:4D:20:66:CC:CD:B9:D3:8D:9B:27:65:E2:20:EB
Certificate issuer: /CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Certificate serial: 018CC56F02A66CF5712FEA403FC6DE724DAB
Authority key identifier: EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/AQMKEV4wTSBmzM25042bJ2XiIOs.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2.57.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:02:a6:6c:f5:71:2f:ea:40:3f:c6:de:72:4d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaeea20bbbdb9a5d1cdc7114e2af518e76b1426e
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01030a115e304d2066cccdb9d38d9b2765e220eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bf:1d:08:fb:69:95:da:c9:a3:39:99:f6:44:
e8:f4:8b:7b:00:33:8d:94:53:a0:39:8e:ff:78:09:
ac:15:06:36:ee:ca:d0:83:4a:06:4c:d9:e6:ee:95:
74:5e:6f:fa:3c:a1:65:cb:e3:a5:94:d8:ed:6a:1e:
d4:b7:08:27:e8:c0:fa:9b:15:6e:c8:0f:57:16:97:
af:52:33:ea:89:59:e2:67:85:7a:5c:75:73:c3:89:
37:81:24:b6:db:2a:3b:a2:e8:95:8e:9d:41:09:9d:
a3:08:05:0d:0c:f1:2a:03:8d:94:35:58:4a:28:24:
f2:0a:ba:05:e1:d3:f2:b4:0d:b2:7f:d3:fe:49:7b:
c9:04:6d:2b:d6:a0:e0:14:92:32:33:f3:7f:21:3b:
7f:91:6d:5b:f6:5c:d9:27:bc:f4:e0:1d:f9:d9:93:
7e:e0:bd:d9:1d:ba:6e:fe:6c:e7:de:9c:dd:3e:05:
c6:31:35:94:f2:06:5c:7c:f6:6f:5c:9b:f8:1a:3e:
46:95:83:b1:6d:b8:43:76:c5:09:44:2b:85:78:73:
ef:4f:2c:96:8d:d1:aa:b1:cf:9e:a1:63:45:fb:eb:
37:48:84:c0:20:85:30:42:2b:0f:c9:25:16:98:98:
f4:b3:81:9d:d1:44:cc:3a:32:32:74:21:f6:df:9d:
72:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:03:0A:11:5E:30:4D:20:66:CC:CD:B9:D3:8D:9B:27:65:E2:20:EB
X509v3 Authority Key Identifier:
keyid:EA:EE:A2:0B:BB:DB:9A:5D:1C:DC:71:14:E2:AF:51:8E:76:B1:42:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6u6iC7vbml0c3HEU4q9RjnaxQm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/AQMKEV4wTSBmzM25042bJ2XiIOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/7df859-2851-43c3-a32b-ab04720930cf/1/6u6iC7vbml0c3HEU4q9RjnaxQm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.12.0/24
Signature Algorithm: sha256WithRSAEncryption
29:03:b1:9b:e7:32:c0:20:88:41:2c:45:db:94:07:84:ea:cd:
66:7f:67:b9:e6:6c:9f:5c:21:84:a2:d6:d4:47:fb:ae:16:32:
07:ba:7d:d0:c0:6d:0a:d4:fe:b9:68:d4:f5:fb:fe:48:72:1f:
9d:00:2f:5d:28:f7:1a:44:52:25:ed:eb:17:98:ef:88:ce:1d:
cd:2f:5c:e4:00:fe:0b:00:09:bc:cc:a6:ff:b2:73:05:79:0f:
32:4f:24:f8:df:e7:0f:db:d5:bd:75:42:8d:5e:a7:3f:90:07:
ff:29:b4:b8:26:e6:21:53:8e:7b:4d:46:e8:48:e4:33:33:91:
6f:1e:f4:f7:c8:b7:0c:aa:17:8e:e2:ac:99:4d:fa:a7:47:06:
64:20:39:69:84:17:46:4d:15:5f:43:4c:23:c3:53:51:a9:c5:
b6:3e:f0:0e:d5:4e:71:1f:e8:26:60:ce:31:ff:97:e7:b6:7b:
3d:af:9f:21:0d:c2:aa:33:1d:c3:5b:88:c5:f6:42:62:15:26:
a4:92:d4:f8:63:b0:1b:be:ef:63:be:5f:f4:35:73:2e:7d:b9:
ec:15:8d:cb:34:63:6f:57:04:77:a8:57:ee:32:76:9a:87:b5:
1c:fd:92:38:d4:e2:79:7a:d4:28:85:1a:2c:0c:2b:4b:82:68:
37:b5:97:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwKmbPVxL+pAP8beck2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZWVhMjBiYmJkYjlhNWQxY2RjNzExNGUyYWY1MThlNzZi
MTQyNmUwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAzMGExMTVlMzA0ZDIwNjZjY2NkYjlkMzhkOWIyNzY1ZTIyMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r8dCPtpldrJozmZ9kTo9It7ADON
lFOgOY7/eAmsFQY27srQg0oGTNnm7pV0Xm/6PKFly+OllNjtah7Utwgn6MD6mxVu
yA9XFpevUjPqiVniZ4V6XHVzw4k3gSS22yo7ouiVjp1BCZ2jCAUNDPEqA42UNVhK
KCTyCroF4dPytA2yf9P+SXvJBG0r1qDgFJIyM/N/ITt/kW1b9lzZJ7z04B352ZN+
4L3ZHbpu/mzn3pzdPgXGMTWU8gZcfPZvXJv4Gj5GlYOxbbhDdsUJRCuFeHPvTyyW
jdGqsc+eoWNF++s3SITAIIUwQisPySUWmJj0s4Gd0UTMOjIydCH2351yJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEDChFeME0gZszNudONmydl4iDrMB8GA1UdIwQY
MBaAFOruogu725pdHNxxFOKvUY52sUJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmIt
YWIwNDcyMDkzMGNmLzEvQVFNS0VWNHdUU0Jtek0yNTA0MmJKMlhpSU9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83ZGY4NTktMjg1MS00M2MzLWEzMmItYWIwNDcyMDkzMGNm
LzEvNnU2aUM3dmJtbDBjM0hFVTRxOVJqbmF4UW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkMMA0G
CSqGSIb3DQEBCwUAA4IBAQApA7Gb5zLAIIhBLEXblAeE6s1mf2e55myfXCGEotbU
R/uuFjIHun3QwG0K1P65aNT1+/5Ich+dAC9dKPcaRFIl7esXmO+Izh3NL1zkAP4L
AAm8zKb/snMFeQ8yTyT43+cP29W9dUKNXqc/kAf/KbS4JuYhU457TUboSOQzM5Fv
HvT3yLcMqheO4qyZTfqnRwZkIDlphBdGTRVfQ0wjw1NRqcW2PvAO1U5xH+gmYM4x
/5fntns9r58hDcKqMx3DW4jF9kJiFSakktT4Y7Abvu9jvl/0NXMufbnsFY3LNGNv
VwR3qFfuMnaah7Uc/ZI41OJ5etQohRosDCtLgmg3tZcq
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:14 2025 by rpki-client