Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/AKhsIyCr7GUwpYTJzAhd2FtGYvI.roa
File: AKhsIyCr7GUwpYTJzAhd2FtGYvI.roa (raw, json)
Hash identifier: FGTHH2/ziZk7gsQVeFg5nz0By3ruSNB3AUle/nl6dkY=
Subject key identifier: 00:A8:6C:23:20:AB:EC:65:30:A5:84:C9:CC:08:5D:D8:5B:46:62:F2
Certificate issuer: /CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
Certificate serial: 0190C7197BE4B7E5E6DBF75022558D8CA468
Authority key identifier: 0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/AKhsIyCr7GUwpYTJzAhd2FtGYvI.roa
Signing time: Thu 18 Jul 2024 18:27:34 +0000
ROA not before: Thu 18 Jul 2024 18:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29030
IP address blocks: 87.121.8.0/21 maxlen: 21
87.121.24.0/22 maxlen: 22
87.121.152.0/21 maxlen: 21
94.156.194.0/24 maxlen: 24
94.156.195.0/24 maxlen: 24
94.156.198.0/24 maxlen: 24
94.156.199.0/24 maxlen: 24
94.156.208.0/21 maxlen: 21
185.217.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c7:19:7b:e4:b7:e5:e6:db:f7:50:22:55:8d:8c:a4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
Validity
Not Before: Jul 18 18:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00a86c2320abec6530a584c9cc085dd85b4662f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9b:c3:ff:53:a3:1e:f1:0d:b3:71:10:99:10:
a6:50:c0:4e:0b:71:17:53:91:db:47:13:d3:e9:83:
9c:99:aa:b1:a6:67:11:41:9e:35:54:69:bf:6d:6f:
04:05:21:38:0f:af:18:ad:bf:0c:75:a4:be:bf:39:
02:56:5d:0d:42:7f:2b:35:e7:d8:1e:58:c1:ac:b5:
66:87:b1:0c:3e:0b:0f:08:fa:0f:3d:97:0f:42:a2:
fb:9d:fb:d7:79:e6:67:fa:21:e7:dd:24:97:99:4a:
32:c0:cc:28:2d:4a:60:eb:fb:b0:ca:40:c2:b2:9c:
52:9b:69:7b:91:29:7c:6f:cf:5e:be:5e:bc:a0:5c:
60:ae:9a:76:8e:59:54:06:8a:8e:51:e5:6c:23:3e:
6e:8f:d2:f6:d5:28:98:02:db:bf:cc:75:07:0e:88:
a6:67:84:b7:8d:fd:b4:e8:93:1f:25:10:c8:54:8f:
e7:c1:c4:ac:4c:81:54:05:e9:ec:7b:20:fe:c6:d3:
c3:a5:81:c4:01:27:f9:8f:8a:5a:70:15:be:25:25:
7a:8b:a1:da:ea:5d:2b:44:86:30:2a:d3:d8:7b:04:
6a:64:c6:25:05:49:c3:f1:fc:5f:98:77:0f:96:75:
b9:63:0e:f6:b8:87:b3:4a:75:84:aa:a1:56:82:1e:
9f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A8:6C:23:20:AB:EC:65:30:A5:84:C9:CC:08:5D:D8:5B:46:62:F2
X509v3 Authority Key Identifier:
keyid:0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/AKhsIyCr7GUwpYTJzAhd2FtGYvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/DETz4ku_xgSOX_pQw9zjZP_AErA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.8.0/21
87.121.24.0/22
87.121.152.0/21
94.156.194.0/23
94.156.198.0/23
94.156.208.0/21
185.217.38.0/24
Signature Algorithm: sha256WithRSAEncryption
68:55:77:9d:66:03:8b:13:d7:e0:51:75:ac:c6:44:c0:52:5e:
7e:14:93:5d:bf:9e:08:7e:50:a5:59:88:1a:96:3e:ca:bb:62:
85:76:e4:29:74:4b:46:45:d9:f1:e2:c6:3f:fb:45:08:f7:74:
77:8e:86:64:f5:e7:c7:8d:fe:13:d1:c7:29:1e:1c:be:93:72:
bb:40:8c:9c:22:49:5a:c9:93:dd:5a:e5:6f:40:67:0d:88:46:
cf:15:bb:05:50:95:ae:11:bc:98:55:5c:6b:d5:18:b3:da:78:
68:ae:44:e8:af:d3:f3:33:40:37:e0:62:bc:e5:56:d7:ed:a1:
b8:9b:24:b0:d0:06:4e:9f:f9:9d:f4:13:ae:c0:2b:c1:2d:57:
be:53:9b:11:80:67:85:41:f7:70:0d:4c:5f:bd:de:da:6b:c7:
aa:a9:ba:53:de:40:2b:d0:cb:2f:41:50:0b:29:0b:c7:c7:29:
a4:f1:a0:a0:df:86:b4:19:42:82:88:b7:35:4c:b4:93:10:10:
60:2f:33:7e:93:7c:75:ec:00:c1:aa:59:ff:fc:57:a6:26:fc:
26:83:15:f8:db:bd:45:55:e4:2c:06:8e:91:cc:e0:7d:72:cf:
b7:98:df:f0:d8:8c:29:09:63:03:ea:d6:fb:a6:f5:b3:79:48:
58:a7:3d:e4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZDHGXvkt+Xm2/dQIlWNjKRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDRmM2UyNGJiZmM2MDQ4ZTVmZmE1MGMzZGNlMzY0ZmZj
MDEyYjAwHhcNMjQwNzE4MTgyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGE4NmMyMzIwYWJlYzY1MzBhNTg0YzljYzA4NWRkODViNDY2MmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5vD/1OjHvENs3EQmRCmUMBOC3EX
U5HbRxPT6YOcmaqxpmcRQZ41VGm/bW8EBSE4D68Yrb8MdaS+vzkCVl0NQn8rNefY
HljBrLVmh7EMPgsPCPoPPZcPQqL7nfvXeeZn+iHn3SSXmUoywMwoLUpg6/uwykDC
spxSm2l7kSl8b89evl68oFxgrpp2jllUBoqOUeVsIz5uj9L21SiYAtu/zHUHDoim
Z4S3jf206JMfJRDIVI/nwcSsTIFUBenseyD+xtPDpYHEASf5j4pacBW+JSV6i6Ha
6l0rRIYwKtPYewRqZMYlBUnD8fxfmHcPlnW5Yw72uIezSnWEqqFWgh6fOwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFACobCMgq+xlMKWEycwIXdhbRmLyMB8GA1UdIwQY
MBaAFAxE8+JLv8YEjl/6UMPc42T/wBKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmIt
OGFjN2JlNDZjYzRiLzEvQUtoc0l5Q3I3R1V3cFlUSnpBaGQyRnRHWXZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmItOGFjN2JlNDZjYzRi
LzEvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDV3kIAwQC
V3kYAwQDV3mYAwQBXpzCAwQBXpzGAwQDXpzQAwQAudkmMA0GCSqGSIb3DQEBCwUA
A4IBAQBoVXedZgOLE9fgUXWsxkTAUl5+FJNdv54IflClWYgalj7Ku2KFduQpdEtG
Rdnx4sY/+0UI93R3joZk9efHjf4T0ccpHhy+k3K7QIycIklayZPdWuVvQGcNiEbP
FbsFUJWuEbyYVVxr1Riz2nhorkTor9PzM0A34GK85VbX7aG4mySw0AZOn/md9BOu
wCvBLVe+U5sRgGeFQfdwDUxfvd7aa8eqqbpT3kAr0MsvQVALKQvHxymk8aCg34a0
GUKCiLc1TLSTEBBgLzN+k3x17ADBqln//FemJvwmgxX4271FVeQsBo6RzOB9cs+3
mN/w2IwpCWMD6tb7pvWzeUhYpz3k
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:55:30 2025 by rpki-client