Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/__TAd9cYEGou07susYLbT0Yl80k.roa
File: __TAd9cYEGou07susYLbT0Yl80k.roa (raw, json)
Hash identifier: IrDwzWtgeQ7fq5THxLc98bTn8yd+X4wh3vXfwetw+og=
Subject key identifier: FF:F4:C0:77:D7:18:10:6A:2E:D3:BB:2E:B1:82:DB:4F:46:25:F3:49
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018AAEB93F1ED9CEF0F05D7AB68AA0CF7B7A
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/__TAd9cYEGou07susYLbT0Yl80k.roa
Signing time: Tue 19 Sep 2023 18:34:50 +0000
ROA not before: Tue 19 Sep 2023 18:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
139.28.240.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
176.96.128.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 22 Sep 2023 18:27:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:b9:3f:1e:d9:ce:f0:f0:5d:7a:b6:8a:a0:cf:7b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Sep 19 18:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fff4c077d718106a2ed3bb2eb182db4f4625f349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:91:fa:c6:1b:c6:c7:34:5c:6d:3f:25:cd:fa:
cc:18:bd:42:e1:33:ce:24:37:20:c5:75:e4:f3:53:
55:79:d7:48:5a:04:6e:86:b9:ff:1b:34:99:92:ab:
19:ad:53:57:26:12:d0:55:7d:64:86:b6:d4:21:2f:
a8:fb:00:23:35:2b:af:e5:74:29:9d:b7:bc:3d:45:
31:4f:c2:87:99:a2:8d:b6:3b:a1:39:86:0b:07:82:
13:97:36:72:14:8a:03:e4:5c:a8:ac:cd:4f:70:6b:
31:7f:a8:9a:a2:44:c8:8c:13:0f:28:86:96:d9:43:
c2:d8:8a:2c:4e:e1:dd:6b:0f:0e:80:6e:0d:94:40:
5e:13:37:1f:ac:47:e3:b0:3e:f4:07:91:4f:db:f9:
6a:22:05:2b:95:25:a3:2b:25:6a:20:d9:1c:19:6b:
27:55:ac:be:63:e8:a4:44:1f:af:d7:18:9d:b0:c3:
ef:8a:0b:cb:ce:3e:65:c9:2d:62:0e:27:9a:5c:81:
ac:5e:c5:36:a4:08:be:50:2c:97:70:d8:cc:11:4d:
c4:ce:00:bf:d1:04:03:44:69:a1:09:83:2d:83:33:
e6:6b:b9:01:8c:1e:72:83:69:63:22:1d:d8:3f:85:
ca:7f:93:6a:09:aa:83:7b:85:c1:a0:b5:97:cd:66:
cb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F4:C0:77:D7:18:10:6A:2E:D3:BB:2E:B1:82:DB:4F:46:25:F3:49
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/__TAd9cYEGou07susYLbT0Yl80k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
139.28.48.0/22
139.28.240.0/22
176.53.156.0/22
176.96.128.0/22
193.38.44.0/22
194.93.48.0/22
Signature Algorithm: sha256WithRSAEncryption
20:0b:67:64:2a:d4:7f:e1:1b:ce:f0:db:e8:e3:95:90:f6:90:
3f:3f:56:2c:9a:1f:5a:0a:8b:d9:db:3f:21:db:c0:47:89:56:
85:c6:f7:0c:1a:df:0d:ff:a1:1a:ae:2d:a8:20:42:2e:02:73:
3c:07:75:73:b6:3e:6d:b7:36:79:0e:38:4f:c5:9d:54:c0:e5:
ac:38:c3:51:02:81:1a:ab:0d:8a:42:0b:48:52:9f:78:cc:69:
6a:7d:c3:75:bf:94:f3:1d:1b:ed:33:24:f7:0c:5d:a8:06:d7:
0a:e8:86:d1:f4:5c:55:98:12:c7:d6:53:1e:1e:38:e9:f0:ad:
54:ca:75:52:03:f9:a3:29:91:85:1d:83:bb:20:8f:ff:91:5b:
27:a7:be:2a:74:ab:3b:9b:04:13:1a:27:a8:e4:fc:28:9b:fe:
3d:a9:ef:aa:c4:54:3f:21:45:df:95:dc:61:d0:0d:aa:b8:08:
59:38:a9:e6:4e:ea:37:a6:bd:bc:8a:2a:7e:9e:0d:ea:e2:dd:
62:4c:7f:7d:1f:f9:72:4e:1d:6b:3f:c1:65:59:ac:d9:f9:d4:
1c:ab:b3:0d:4e:76:30:0f:26:01:f0:03:f6:89:87:03:a2:db:
fd:18:c3:27:77:c9:7c:b1:38:b8:4c:07:35:76:d3:a4:e1:0a:
26:6d:54:eb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYquuT8e2c7w8F16toqgz3t6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwOTE5MTgzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmY0YzA3N2Q3MTgxMDZhMmVkM2JiMmViMTgyZGI0ZjQ2MjVmMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJH6xhvGxzRcbT8lzfrMGL1C4TPO
JDcgxXXk81NVeddIWgRuhrn/GzSZkqsZrVNXJhLQVX1khrbUIS+o+wAjNSuv5XQp
nbe8PUUxT8KHmaKNtjuhOYYLB4ITlzZyFIoD5FyorM1PcGsxf6iaokTIjBMPKIaW
2UPC2IosTuHdaw8OgG4NlEBeEzcfrEfjsD70B5FP2/lqIgUrlSWjKyVqINkcGWsn
Vay+Y+ikRB+v1xidsMPvigvLzj5lyS1iDieaXIGsXsU2pAi+UCyXcNjMEU3EzgC/
0QQDRGmhCYMtgzPma7kBjB5yg2ljIh3YP4XKf5NqCaqDe4XBoLWXzWbLcwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP/0wHfXGBBqLtO7LrGC209GJfNJMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvX19UQWQ5Y1lFR291MDdzdXNZTGJUMFlsODBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBYV8AwQC
U6v0AwQCVQigAwQCXPk8AwQCixwwAwQCixzwAwQCsDWcAwQCsGCAAwQCwSYsAwQC
wl0wMA0GCSqGSIb3DQEBCwUAA4IBAQAgC2dkKtR/4RvO8Nvo45WQ9pA/P1Ysmh9a
CovZ2z8h28BHiVaFxvcMGt8N/6Eari2oIEIuAnM8B3Vztj5ttzZ5DjhPxZ1UwOWs
OMNRAoEaqw2KQgtIUp94zGlqfcN1v5TzHRvtMyT3DF2oBtcK6IbR9FxVmBLH1lMe
Hjjp8K1UynVSA/mjKZGFHYO7II//kVsnp74qdKs7mwQTGieo5Pwom/49qe+qxFQ/
IUXfldxh0A2quAhZOKnmTuo3pr28iip+ng3q4t1iTH99H/lyTh1rP8FlWazZ+dQc
q7MNTnYwDyYB8AP2iYcDotv9GMMnd8l8sTi4TAc1dtOk4QombVTr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org