Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/a498Nwagkjw8lnR9QShfLBwzSl8.roa
File: a498Nwagkjw8lnR9QShfLBwzSl8.roa (raw, json)
Hash identifier: iANw8PXNPXtReQr8hB6CdaZiR97FRclWaTkKcgGqJ28=
Subject key identifier: 6B:8F:7C:37:06:A0:92:3C:3C:96:74:7D:41:28:5F:2C:1C:33:4A:5F
Certificate issuer: /CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Certificate serial: 01857127884002B948416F578E06B0767149
Authority key identifier: D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/a498Nwagkjw8lnR9QShfLBwzSl8.roa
Signing time: Mon 02 Jan 2023 06:24:54 +0000
ROA not before: Mon 02 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50295
IP address blocks: 185.66.80.0/22 maxlen: 24
185.47.112.0/22 maxlen: 24
37.203.216.0/21 maxlen: 24
93.187.8.0/21 maxlen: 24
185.101.60.0/22 maxlen: 24
2a01:8ee0::/32 maxlen: 32
2a00:1f00::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:88:40:02:b9:48:41:6f:57:8e:06:b0:76:71:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d832da8d458849d5f40ba6f0b9208f8585d9e23e
Validity
Not Before: Jan 2 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b8f7c3706a0923c3c96747d41285f2c1c334a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:70:f7:a4:7d:7e:96:73:62:88:55:bc:06:5c:
b1:87:4a:90:a5:cd:51:16:bc:a6:fd:8a:6c:e4:a0:
e0:5e:c4:77:e7:7a:59:9e:f6:56:92:5f:3d:94:0d:
62:4b:e1:09:47:6a:40:b0:6f:24:92:28:dc:ba:e2:
1f:d4:d0:3b:05:80:52:18:d0:d2:31:79:68:3a:7c:
07:4b:6a:72:31:4f:53:c0:07:99:6d:48:8b:bc:37:
49:fc:fc:bf:10:8d:c3:0e:2c:e7:02:8a:d3:22:73:
ec:f9:cd:2d:6f:0f:68:74:c1:8a:db:c7:d5:9d:60:
98:e1:bb:da:5e:cc:49:e1:02:2e:5f:ef:52:57:ce:
d5:f7:48:18:74:ad:d3:62:26:27:19:90:51:b9:81:
08:76:a8:38:d2:92:f9:02:29:5d:33:06:5b:8f:ed:
4e:74:4b:44:6b:e9:0e:54:18:b6:18:97:6b:fa:71:
f9:52:de:3b:67:a3:67:70:70:a0:88:7f:d0:42:38:
bd:68:66:bb:1f:79:39:86:c5:d7:43:69:c9:b1:ec:
d7:be:79:f9:08:60:cf:e3:e9:54:7a:0d:c0:ea:11:
59:3e:86:6e:a9:3d:cf:af:e6:ba:74:e6:10:15:fa:
7c:46:a4:9a:d0:10:f1:1b:03:8c:b2:43:ec:f3:4c:
ce:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8F:7C:37:06:A0:92:3C:3C:96:74:7D:41:28:5F:2C:1C:33:4A:5F
X509v3 Authority Key Identifier:
keyid:D8:32:DA:8D:45:88:49:D5:F4:0B:A6:F0:B9:20:8F:85:85:D9:E2:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DLajUWISdX0C6bwuSCPhYXZ4j4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/a498Nwagkjw8lnR9QShfLBwzSl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7d21ee-a460-4c39-9e6f-c99795f3885f/1/2DLajUWISdX0C6bwuSCPhYXZ4j4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.216.0/21
93.187.8.0/21
185.47.112.0/22
185.66.80.0/22
185.101.60.0/22
IPv6:
2a00:1f00::/32
2a01:8ee0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:fe:2e:94:69:4a:a1:cf:33:6d:f9:b5:e4:d5:59:23:f9:5c:
31:c0:dc:fb:05:49:da:78:a1:37:7f:13:cf:5e:c1:ef:cf:26:
2a:48:6e:f5:a2:d0:3f:cc:aa:80:78:78:bf:ef:e9:fb:51:b5:
de:50:37:5f:4c:8c:8d:9f:58:c9:4b:b0:07:07:81:da:fa:dc:
11:d7:9d:fc:d4:d3:5e:0b:7e:d3:ba:8f:f0:2f:18:3b:9a:eb:
a3:38:3b:93:2f:8c:af:13:a0:74:10:dd:bb:17:e6:6c:de:fe:
00:9c:8d:1f:c7:1d:e2:3c:70:94:40:4c:08:16:63:cd:24:56:
f0:44:e1:a0:41:64:fd:36:ef:94:61:ef:58:98:fa:0c:21:25:
b0:d1:2f:d4:05:e1:cd:33:b9:b9:83:a0:e2:9f:38:e8:04:e6:
55:15:67:27:05:4a:07:47:8f:ab:ea:bc:cc:63:7f:de:87:8b:
32:a1:e7:2e:ff:e3:c9:03:5f:5f:9d:10:28:33:da:ea:2e:15:
46:29:ee:1b:70:de:ad:be:cc:39:d0:ed:75:ce:9d:04:75:b1:
bb:2b:27:11:76:0e:77:c7:b9:62:61:2d:85:a2:21:3f:1b:95:
48:ec:af:a6:53:c0:99:a4:57:56:b0:51:ef:e1:50:9d:c3:15:
b2:e8:67:8d
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVxJ4hAArlIQW9XjgawdnFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzJkYThkNDU4ODQ5ZDVmNDBiYTZmMGI5MjA4Zjg1ODVk
OWUyM2UwHhcNMjMwMTAyMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhmN2MzNzA2YTA5MjNjM2M5Njc0N2Q0MTI4NWYyYzFjMzM0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9HD3pH1+lnNiiFW8Blyxh0qQpc1R
Frym/Yps5KDgXsR353pZnvZWkl89lA1iS+EJR2pAsG8kkijcuuIf1NA7BYBSGNDS
MXloOnwHS2pyMU9TwAeZbUiLvDdJ/Py/EI3DDiznAorTInPs+c0tbw9odMGK28fV
nWCY4bvaXsxJ4QIuX+9SV87V90gYdK3TYiYnGZBRuYEIdqg40pL5AildMwZbj+1O
dEtEa+kOVBi2GJdr+nH5Ut47Z6NncHCgiH/QQji9aGa7H3k5hsXXQ2nJsezXvnn5
CGDP4+lUeg3A6hFZPoZuqT3Pr+a6dOYQFfp8RqSa0BDxGwOMskPs80zOJwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGuPfDcGoJI8PJZ0fUEoXywcM0pfMB8GA1UdIwQY
MBaAFNgy2o1FiEnV9Aum8Lkgj4WF2eI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYt
Yzk5Nzk1ZjM4ODVmLzEvYTQ5OE53YWdranc4bG5SOVFTaGZMQnd6U2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZDIxZWUtYTQ2MC00YzM5LTllNmYtYzk5Nzk1ZjM4ODVm
LzEvMkRMYWpVV0lTZFgwQzZid3VTQ1BoWVhaNGo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDJcvYAwQD
XbsIAwQCuS9wAwQCuUJQAwQCuWU8MBQEAgACMA4DBQAqAB8AAwUAKgGO4DANBgkq
hkiG9w0BAQsFAAOCAQEAjv4ulGlKoc8zbfm15NVZI/lcMcDc+wVJ2nihN38Tz17B
788mKkhu9aLQP8yqgHh4v+/p+1G13lA3X0yMjZ9YyUuwBweB2vrcEded/NTTXgt+
07qP8C8YO5rrozg7ky+MrxOgdBDduxfmbN7+AJyNH8cd4jxwlEBMCBZjzSRW8ETh
oEFk/TbvlGHvWJj6DCElsNEv1AXhzTO5uYOg4p846ATmVRVnJwVKB0ePq+q8zGN/
3oeLMqHnLv/jyQNfX50QKDPa6i4VRinuG3Derb7MOdDtdc6dBHWxuysnEXYOd8e5
YmEthaIhPxuVSOyvplPAmaRXVrBR7+FQncMVsuhnjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org