Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/AAlClWERfkBgVcq04yJe6L8oF00.roa
File: AAlClWERfkBgVcq04yJe6L8oF00.roa (raw, json)
Hash identifier: 6UR+WzTrXZQCfKT2SJMkTA8z09CEnkFWqCrTLO1khWY=
Subject key identifier: 00:09:42:95:61:11:7E:40:60:55:CA:B4:E3:22:5E:E8:BF:28:17:4D
Certificate issuer: /CN=153b46702839a795baba8d8d15ecdcca637e336c
Certificate serial: 018CC64B7AB99CEC63585FB217CC89DD1924
Authority key identifier: 15:3B:46:70:28:39:A7:95:BA:BA:8D:8D:15:EC:DC:CA:63:7E:33:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTtGcCg5p5W6uo2NFezcymN-M2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/AAlClWERfkBgVcq04yJe6L8oF00.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8823
IP address blocks: 185.245.22.0/24 maxlen: 24
2a0c:d4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7a:b9:9c:ec:63:58:5f:b2:17:cc:89:dd:19:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153b46702839a795baba8d8d15ecdcca637e336c
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0009429561117e406055cab4e3225ee8bf28174d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:dd:1e:22:d3:b6:3d:9d:0d:30:8e:d3:fe:
c8:e2:cc:95:3a:3d:cf:fc:e1:65:0a:fa:73:92:77:
2f:f9:88:39:67:70:dd:7d:ac:5d:88:47:80:56:43:
fb:09:e7:c2:46:37:39:81:38:88:db:00:05:d3:54:
9e:a3:29:b5:b3:43:a8:b7:1e:e4:28:fd:f9:9d:7e:
51:56:d0:03:3d:0e:37:ed:1b:ed:c3:ff:58:21:22:
e9:81:e9:0c:13:ce:6e:eb:dc:21:1f:07:39:e8:eb:
08:33:51:6a:99:70:4a:20:6c:8b:08:83:9b:52:8b:
c0:b2:de:0d:53:52:83:63:ce:b0:82:dd:8a:3d:fb:
14:6d:21:2a:ef:28:ac:0d:a5:6b:6f:8f:71:59:6b:
cc:4d:66:20:a2:2b:68:8d:f4:59:0a:9d:fa:80:78:
8f:51:64:41:11:12:48:06:3c:c8:b3:a7:4b:f1:0d:
7c:ea:b3:c2:b5:e3:18:c7:29:e7:bb:6c:78:35:9a:
64:e2:a6:a3:b2:ad:11:65:41:68:60:60:18:1e:98:
1b:bc:1c:2e:52:76:e6:d9:c6:34:56:f5:8f:8f:d7:
04:04:aa:f7:aa:28:84:55:b7:d2:f8:95:80:6d:ee:
29:a0:ee:a2:45:bb:23:2a:79:aa:73:c5:47:2c:60:
53:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:09:42:95:61:11:7E:40:60:55:CA:B4:E3:22:5E:E8:BF:28:17:4D
X509v3 Authority Key Identifier:
keyid:15:3B:46:70:28:39:A7:95:BA:BA:8D:8D:15:EC:DC:CA:63:7E:33:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTtGcCg5p5W6uo2NFezcymN-M2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/AAlClWERfkBgVcq04yJe6L8oF00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f56d7f-1b78-4453-81e7-ba56378a6476/1/FTtGcCg5p5W6uo2NFezcymN-M2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.22.0/24
IPv6:
2a0c:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:69:8e:c8:ac:59:84:51:7e:cc:b7:50:8b:8e:a9:72:29:16:
f2:91:b2:f9:8a:6e:21:3d:bb:dc:a7:28:f7:4e:f2:37:3a:16:
ca:64:47:f9:ea:55:b2:48:78:fb:f0:db:1c:02:f0:b5:77:2f:
3e:15:39:cc:72:24:6e:76:aa:c4:eb:47:36:3d:ed:cf:e4:dc:
83:ae:34:b4:ce:54:b6:b5:66:15:23:c0:fd:e0:0e:46:09:ca:
20:d2:93:20:22:a6:07:ea:ea:98:68:1b:44:5d:2b:a0:8e:7d:
3a:69:7d:67:09:96:e3:63:77:43:5c:83:bf:01:f3:6f:02:56:
b9:43:c2:c3:ef:58:4d:ad:87:eb:90:8c:ae:0a:7c:ba:3c:2b:
5f:9f:54:be:0f:be:e0:81:f4:08:83:f7:e2:74:12:d4:38:3e:
d5:50:37:fe:7c:84:96:46:fe:06:cb:33:42:16:ed:b0:22:3b:
ac:03:1a:44:9f:66:92:91:0b:60:d2:a7:51:29:cc:09:03:48:
9f:b8:b8:c5:e4:aa:05:ad:68:0a:56:6f:55:78:60:fb:8d:cf:
3f:70:82:4b:c4:a1:ba:f5:b3:8e:a1:b6:38:0e:47:88:a0:1a:
a3:9a:7b:a7:c8:63:28:b1:82:83:43:31:d9:7e:bb:80:b7:33:
aa:0a:8c:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS3q5nOxjWF+yF8yJ3RkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2I0NjcwMjgzOWE3OTViYWJhOGQ4ZDE1ZWNkY2NhNjM3
ZTMzNmMwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDA5NDI5NTYxMTE3ZTQwNjA1NWNhYjRlMzIyNWVlOGJmMjgxNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8rdHiLTtj2dDTCO0/7I4syVOj3P
/OFlCvpzkncv+Yg5Z3DdfaxdiEeAVkP7CefCRjc5gTiI2wAF01Seoym1s0Ootx7k
KP35nX5RVtADPQ437Rvtw/9YISLpgekME85u69whHwc56OsIM1FqmXBKIGyLCIOb
UovAst4NU1KDY86wgt2KPfsUbSEq7yisDaVrb49xWWvMTWYgoitojfRZCp36gHiP
UWRBERJIBjzIs6dL8Q186rPCteMYxynnu2x4NZpk4qajsq0RZUFoYGAYHpgbvBwu
Unbm2cY0VvWPj9cEBKr3qiiEVbfS+JWAbe4poO6iRbsjKnmqc8VHLGBTowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAAJQpVhEX5AYFXKtOMiXui/KBdNMB8GA1UdIwQY
MBaAFBU7RnAoOaeVurqNjRXs3MpjfjNsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlR0R2NDZzVwNVc2dW8yTkZlemN5bU4tTTJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNTZkN2YtMWI3OC00NDUzLTgxZTct
YmE1NjM3OGE2NDc2LzEvQUFsQ2xXRVJma0JnVmNxMDR5SmU2TDhvRjAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNTZkN2YtMWI3OC00NDUzLTgxZTctYmE1NjM3OGE2NDc2
LzEvRlR0R2NDZzVwNVc2dW8yTkZlemN5bU4tTTJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufUWMA0E
AgACMAcDBQMqDNTAMA0GCSqGSIb3DQEBCwUAA4IBAQAqaY7IrFmEUX7Mt1CLjqly
KRbykbL5im4hPbvcpyj3TvI3OhbKZEf56lWySHj78NscAvC1dy8+FTnMciRudqrE
60c2Pe3P5NyDrjS0zlS2tWYVI8D94A5GCcog0pMgIqYH6uqYaBtEXSugjn06aX1n
CZbjY3dDXIO/AfNvAla5Q8LD71hNrYfrkIyuCny6PCtfn1S+D77ggfQIg/fidBLU
OD7VUDf+fISWRv4GyzNCFu2wIjusAxpEn2aSkQtg0qdRKcwJA0ifuLjF5KoFrWgK
Vm9VeGD7jc8/cIJLxKG69bOOobY4DkeIoBqjmnunyGMosYKDQzHZfruAtzOqCoxx
-----END CERTIFICATE-----
Generated at Thu May 1 10:04:04 2025 by rpki-client