Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aqNYkkvppYaN_TvDu9iNqqkytEI.roa
File: aqNYkkvppYaN_TvDu9iNqqkytEI.roa (raw, json)
Hash identifier: 5k5ORm4jtFcOCsUUMZO1iOi9PInP0rjjp74X9IZ0LP8=
Subject key identifier: 6A:A3:58:92:4B:E9:A5:86:8D:FD:3B:C3:BB:D8:8D:AA:A9:32:B4:42
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01867C99C3DF15C78BB4FE427301299993F1
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aqNYkkvppYaN_TvDu9iNqqkytEI.roa
Signing time: Thu 23 Feb 2023 04:48:17 +0000
ROA not before: Thu 23 Feb 2023 04:48:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 188.240.83.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 21:12:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:99:c3:df:15:c7:8b:b4:fe:42:73:01:29:99:93:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 23 04:48:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa358924be9a5868dfd3bc3bbd88daaa932b442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:df:36:1e:ce:fa:40:96:fa:cb:ca:24:ea:ce:
09:b0:db:37:66:3b:95:a1:18:0c:43:e2:be:9e:8a:
7a:af:22:e7:9f:3c:9b:80:8b:f9:cf:fc:aa:c0:73:
70:49:8c:cf:cc:ab:22:c4:50:42:27:de:58:32:2f:
58:ce:1b:c8:9b:34:c6:26:4e:e2:27:6c:97:29:a3:
cb:20:35:d8:ba:ee:d8:42:81:24:8d:06:12:9d:21:
8d:fd:2e:19:bd:7a:5a:36:96:81:d9:93:88:f0:29:
2f:94:58:66:e5:11:b0:5b:64:9d:3c:83:8e:3d:d0:
4b:e3:1a:f7:6f:40:7b:2e:57:89:cc:3b:72:a6:2e:
ea:ba:23:e1:78:f3:eb:bb:18:d6:fd:d5:b6:ab:61:
8f:c8:87:5e:17:7e:e8:42:77:f3:1c:37:21:a7:b1:
e6:cd:13:77:11:44:bb:53:05:2d:89:56:29:f3:a4:
2d:32:86:e4:f9:6c:c9:a1:4f:49:bc:ff:c2:41:d8:
38:88:80:59:d7:c3:69:d0:ea:31:8e:33:54:11:09:
3e:27:4a:90:3b:5f:72:c7:46:5d:30:bc:12:f1:b2:
d5:7e:95:5a:38:6d:60:b7:ff:37:80:41:d9:92:51:
88:20:f6:cb:a9:62:c9:dd:da:3a:70:30:a5:aa:55:
cd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A3:58:92:4B:E9:A5:86:8D:FD:3B:C3:BB:D8:8D:AA:A9:32:B4:42
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/aqNYkkvppYaN_TvDu9iNqqkytEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
176.223.190.0/24
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
56:74:22:fa:ac:4b:2a:f9:d1:e1:db:7b:87:54:3d:3d:97:98:
53:ef:53:12:dd:1b:f6:89:fd:97:74:8f:93:e4:c6:ec:32:1b:
03:93:ce:35:46:fe:4d:dc:ab:a4:fe:ce:41:b9:0e:f4:a4:45:
01:c1:8a:9a:e4:a6:c4:16:9b:9d:4e:3a:56:0f:1a:04:b3:0d:
28:f2:df:bd:47:2c:af:c8:2b:69:66:fc:59:f7:d3:1d:fd:3d:
28:a5:f6:f2:d6:c4:f2:16:a2:1d:af:8d:54:64:80:ed:dc:5a:
0e:8b:98:23:b4:a4:89:f7:e0:df:48:25:fd:69:8d:2e:8e:cc:
9d:a9:dc:c4:1d:39:e9:f1:67:f4:6a:91:e3:82:58:c5:0e:66:
f7:04:58:a8:ce:ee:ef:70:87:b8:d5:1f:2a:2e:f3:fd:5a:e6:
b7:2a:54:76:4b:02:4f:75:7a:a4:e4:1c:f9:d1:06:8b:c9:be:
36:be:7b:e6:8f:2f:12:9c:15:28:e8:bc:68:fb:c5:df:a5:46:
87:31:6e:e4:a5:3e:97:f3:0b:eb:a3:df:28:21:1a:39:1c:77:
09:45:25:4c:7b:70:0d:5a:be:1d:72:19:04:dd:83:d3:e3:6f:
b5:56:9c:b1:a4:f7:01:23:38:95:25:1b:d9:38:94:80:b5:88:
95:db:11:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZ8mcPfFceLtP5CcwEpmZPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwMjIzMDQ0ODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEzNTg5MjRiZTlhNTg2OGRmZDNiYzNiYmQ4OGRhYWE5MzJiNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi982Hs76QJb6y8ok6s4JsNs3ZjuV
oRgMQ+K+nop6ryLnnzybgIv5z/yqwHNwSYzPzKsixFBCJ95YMi9YzhvImzTGJk7i
J2yXKaPLIDXYuu7YQoEkjQYSnSGN/S4ZvXpaNpaB2ZOI8CkvlFhm5RGwW2SdPIOO
PdBL4xr3b0B7LleJzDtypi7quiPhePPruxjW/dW2q2GPyIdeF37oQnfzHDchp7Hm
zRN3EUS7UwUtiVYp86QtMobk+WzJoU9JvP/CQdg4iIBZ18Np0OoxjjNUEQk+J0qQ
O19yx0ZdMLwS8bLVfpVaOG1gt/83gEHZklGIIPbLqWLJ3do6cDClqlXN5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqjWJJL6aWGjf07w7vYjaqpMrRCMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvYXFOWWtrdnBwWWFOX1R2RHU5aU5xcWt5dEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSWAAwQA
sN++AwQAvPBTMA0GCSqGSIb3DQEBCwUAA4IBAQBWdCL6rEsq+dHh23uHVD09l5hT
71MS3Rv2if2XdI+T5MbsMhsDk841Rv5N3Kuk/s5BuQ70pEUBwYqa5KbEFpudTjpW
DxoEsw0o8t+9RyyvyCtpZvxZ99Md/T0opfby1sTyFqIdr41UZIDt3FoOi5gjtKSJ
9+DfSCX9aY0ujsydqdzEHTnp8Wf0apHjgljFDmb3BFiozu7vcIe41R8qLvP9Wua3
KlR2SwJPdXqk5Bz50QaLyb42vnvmjy8SnBUo6Lxo+8XfpUaHMW7kpT6X8wvro98o
IRo5HHcJRSVMe3ANWr4dchkE3YPT42+1VpyxpPcBIziVJRvZOJSAtYiV2xFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org