Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/e43d-I1DHyOlS8KdSsJTRMGQ6bg.roa
File: e43d-I1DHyOlS8KdSsJTRMGQ6bg.roa (raw, json)
Hash identifier: l0/TDBuyPZOOxgNjsDCQcesYC2hj2Y3R2t7BkxdUIls=
Subject key identifier: 7B:8D:DD:F8:8D:43:1F:23:A5:4B:C2:9D:4A:C2:53:44:C1:90:E9:B8
Certificate issuer: /CN=7a8746a76cda8369009d28941ef156239c6a63a1
Certificate serial: 018B4231430A76D8F5396B2FAE2245E3FD76
Authority key identifier: 7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/e43d-I1DHyOlS8KdSsJTRMGQ6bg.roa
Signing time: Wed 18 Oct 2023 09:50:06 +0000
ROA not before: Wed 18 Oct 2023 09:50:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 195.92.0.0/16 maxlen: 16
195.80.64.0/19 maxlen: 19
194.112.64.0/18 maxlen: 18
194.6.64.0/19 maxlen: 19
194.205.0.0/16 maxlen: 16
62.208.0.0/16 maxlen: 16
194.6.0.0/18 maxlen: 18
213.38.0.0/16 maxlen: 16
217.134.0.0/15 maxlen: 15
217.161.0.0/16 maxlen: 16
141.1.0.0/16 maxlen: 16
195.89.13.0/24 maxlen: 24
195.10.0.0/18 maxlen: 18
212.165.0.0/19 maxlen: 19
193.164.160.0/19 maxlen: 19
194.176.128.0/19 maxlen: 19
195.144.128.0/19 maxlen: 19
212.158.0.0/17 maxlen: 17
195.89.0.0/16 maxlen: 16
185.204.4.0/22 maxlen: 22
213.12.0.0/16 maxlen: 16
195.44.0.0/16 maxlen: 16
217.135.0.0/16 maxlen: 16
195.2.0.0/19 maxlen: 19
62.221.0.0/19 maxlen: 19
194.221.0.0/16 maxlen: 16
62.25.64.0/18 maxlen: 18
195.59.0.0/16 maxlen: 16
195.27.0.0/16 maxlen: 16
194.152.64.0/19 maxlen: 19
194.177.160.0/19 maxlen: 19
213.185.192.0/19 maxlen: 19
212.137.0.0/16 maxlen: 16
2001:5000::/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 17 Nov 2023 16:03:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:31:43:0a:76:d8:f5:39:6b:2f:ae:22:45:e3:fd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8746a76cda8369009d28941ef156239c6a63a1
Validity
Not Before: Oct 18 09:50:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b8dddf88d431f23a54bc29d4ac25344c190e9b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:df:c2:42:6f:d5:14:14:07:17:0d:6b:fa:78:
e4:6c:10:84:14:80:db:06:d5:3c:b2:ae:4c:5b:7b:
ad:35:1e:d5:00:41:53:dc:58:25:44:e7:3b:4c:00:
13:0f:a8:f7:63:d8:23:9d:20:a4:d2:de:23:81:08:
99:95:50:4c:34:f6:91:03:e3:8e:9c:ef:87:c2:75:
48:5f:ff:8d:3d:1f:05:3d:c9:ab:17:ea:23:ba:dd:
24:bc:f7:a0:cd:c7:73:f0:52:28:e8:0e:a4:c7:c3:
7f:d2:dc:7b:fa:cc:b4:d4:0e:2d:99:76:d5:77:5b:
67:3f:b1:b8:54:ee:74:c4:a2:c6:06:9a:c1:3e:d3:
08:3b:2c:36:5a:21:74:94:31:f7:e1:c2:69:d1:a4:
64:23:be:3f:b6:37:8b:57:2a:c1:d3:61:a4:73:59:
15:69:b5:09:e5:14:2d:fe:8e:76:ab:14:d6:bd:17:
19:e9:38:da:b6:9b:1f:2c:e0:7b:76:6d:ad:cd:b4:
be:fb:70:e4:00:f1:c3:38:b8:87:44:a1:a6:9b:40:
01:23:3a:67:ab:50:dc:6b:1c:e5:71:af:36:6d:6d:
47:d8:52:70:11:e6:ec:f6:84:04:32:ad:03:7d:07:
80:0b:14:54:61:44:20:5c:af:cc:f8:4e:7a:96:c9:
93:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:8D:DD:F8:8D:43:1F:23:A5:4B:C2:9D:4A:C2:53:44:C1:90:E9:B8
X509v3 Authority Key Identifier:
keyid:7A:87:46:A7:6C:DA:83:69:00:9D:28:94:1E:F1:56:23:9C:6A:63:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eodGp2zag2kAnSiUHvFWI5xqY6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/e43d-I1DHyOlS8KdSsJTRMGQ6bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/913e12-f5ed-46f4-982c-52dedddee393/1/eodGp2zag2kAnSiUHvFWI5xqY6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.25.64.0/18
62.208.0.0/16
62.221.0.0/19
141.1.0.0/16
185.204.4.0/22
193.164.160.0/19
194.6.0.0-194.6.95.255
194.112.64.0/18
194.152.64.0/19
194.176.128.0/19
194.177.160.0/19
194.205.0.0/16
194.221.0.0/16
195.2.0.0/19
195.10.0.0/18
195.27.0.0/16
195.44.0.0/16
195.59.0.0/16
195.80.64.0/19
195.89.0.0/16
195.92.0.0/16
195.144.128.0/19
212.137.0.0/16
212.158.0.0/17
212.165.0.0/19
213.12.0.0/16
213.38.0.0/16
213.185.192.0/19
217.134.0.0/15
217.161.0.0/16
IPv6:
2001:5000::/21
Signature Algorithm: sha256WithRSAEncryption
1b:db:e4:e4:1b:b3:ee:9b:1a:48:bb:4d:eb:dc:39:8c:7c:45:
32:aa:66:da:2d:c9:1e:6a:3f:63:1a:cc:ba:da:c1:9a:37:ca:
ad:81:22:a9:8c:0c:3b:f7:34:00:6d:3f:9c:4a:c9:46:31:1c:
99:dc:51:d7:4d:95:c8:cd:11:4d:71:99:9f:93:d5:18:6d:67:
f7:8a:5b:c8:cf:bd:d5:f0:5e:37:15:55:7d:e5:1a:7f:0e:17:
6b:61:85:06:9e:70:37:07:90:3a:cf:09:f0:fe:a8:f4:9c:00:
7e:e7:ec:47:1c:c6:08:b5:ed:80:f2:e2:8e:73:bb:86:d8:97:
c9:2c:4a:73:23:02:0d:a1:6d:f1:5b:49:ee:fd:af:58:8f:03:
e9:0e:b9:93:5e:9d:2b:34:73:d7:8b:e5:b1:6c:10:f3:05:c1:
18:a1:b0:04:6e:5b:a7:c5:7d:7a:7d:11:b0:9d:76:f6:0a:c1:
3d:44:0e:a1:33:f5:56:7f:8b:01:81:00:42:c6:4c:af:5b:b0:
ff:ab:f5:46:d1:4b:23:a7:5d:2b:54:12:0a:a0:60:f6:e5:b6:
24:9c:26:97:c3:df:9a:2d:c9:ac:bb:ea:6d:4f:a6:53:86:5e:
65:87:11:4f:c2:1f:aa:dd:77:33:34:1c:b4:8d:de:a9:94:9a:
33:83:5b:e1
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgISAYtCMUMKdtj1OWsvriJF4/12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhODc0NmE3NmNkYTgzNjkwMDlkMjg5NDFlZjE1NjIzOWM2
YTYzYTEwHhcNMjMxMDE4MDk1MDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjhkZGRmODhkNDMxZjIzYTU0YmMyOWQ0YWMyNTM0NGMxOTBlOWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd/CQm/VFBQHFw1r+njkbBCEFIDb
BtU8sq5MW3utNR7VAEFT3FglROc7TAATD6j3Y9gjnSCk0t4jgQiZlVBMNPaRA+OO
nO+HwnVIX/+NPR8FPcmrF+ojut0kvPegzcdz8FIo6A6kx8N/0tx7+sy01A4tmXbV
d1tnP7G4VO50xKLGBprBPtMIOyw2WiF0lDH34cJp0aRkI74/tjeLVyrB02Gkc1kV
abUJ5RQt/o52qxTWvRcZ6TjatpsfLOB7dm2tzbS++3DkAPHDOLiHRKGmm0ABIzpn
q1Dcaxzlca82bW1H2FJwEebs9oQEMq0DfQeACxRUYUQgXK/M+E56lsmT0QIDAQAB
o4ICwzCCAr8wHQYDVR0OBBYEFHuN3fiNQx8jpUvCnUrCU0TBkOm4MB8GA1UdIwQY
MBaAFHqHRqds2oNpAJ0olB7xViOcamOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMt
NTJkZWRkZGVlMzkzLzEvZTQzZC1JMURIeU9sUzhLZFNzSlRSTUdRNmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85MTNlMTItZjVlZC00NmY0LTk4MmMtNTJkZWRkZGVlMzkz
LzEvZW9kR3AyemFnMmtBblNpVUh2RldJNXhxWTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHYBggrBgEFBQcBBwEB/wSByDCBxTCBtAQCAAEwga0DBAY+
GUADAwA+0AMEBT7dAAMDAI0BAwQCucwEAwQFwaSgMAsDAwHCBgMEBcIGQAMEBsJw
QAMEBcKYQAMEBcKwgAMEBcKxoAMDAMLNAwMAwt0DBAXDAgADBAbDCgADAwDDGwMD
AMMsAwMAwzsDBAXDUEADAwDDWQMDAMNcAwQFw5CAAwMA1IkDBAfUngADBAXUpQAD
AwDVDAMDANUmAwQF1bnAAwMB2YYDAwDZoTAMBAIAAjAGAwQDIAFQMA0GCSqGSIb3
DQEBCwUAA4IBAQAb2+TkG7PumxpIu03r3DmMfEUyqmbaLckeaj9jGsy62sGaN8qt
gSKpjAw79zQAbT+cSslGMRyZ3FHXTZXIzRFNcZmfk9UYbWf3ilvIz73V8F43FVV9
5Rp/DhdrYYUGnnA3B5A6zwnw/qj0nAB+5+xHHMYIte2A8uKOc7uG2JfJLEpzIwIN
oW3xW0nu/a9YjwPpDrmTXp0rNHPXi+WxbBDzBcEYobAEblunxX16fRGwnXb2CsE9
RA6hM/VWf4sBgQBCxkyvW7D/q/VG0Usjp10rVBIKoGD25bYknCaXw9+aLcmsu+pt
T6ZThl5lhxFPwh+q3XczNBy0jd6plJozg1vh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:53 2024 by rpki-client on console-fra.rpki-client.org