Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IAgN_H4v95SBhuQ5eueIAAe70VE.roa
File: IAgN_H4v95SBhuQ5eueIAAe70VE.roa (raw, json)
Hash identifier: RPDNqPp4mCA2j3Be4X98ceDHgvzy+qi1EiPNAt9jzNQ=
Subject key identifier: 20:08:0D:FC:7E:2F:F7:94:81:86:E4:39:7A:E7:88:00:07:BB:D1:51
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0191380B84B002A57019A361D9459DF87395
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IAgN_H4v95SBhuQ5eueIAAe70VE.roa
Signing time: Fri 09 Aug 2024 16:49:24 +0000
ROA not before: Fri 09 Aug 2024 16:49:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
159.255.32.0/22 maxlen: 24
185.231.172.0/22 maxlen: 24
188.214.236.0/22 maxlen: 22
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 06:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:38:0b:84:b0:02:a5:70:19:a3:61:d9:45:9d:f8:73:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 9 16:49:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20080dfc7e2ff7948186e4397ae7880007bbd151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:88:4d:02:66:b3:99:1d:50:9c:40:20:68:1b:
66:e8:19:93:71:94:25:03:78:8e:0d:89:ab:f9:8e:
8e:ad:21:f8:c8:8d:e0:4a:ab:71:7f:f5:ce:fb:51:
0b:c8:2d:4e:86:f3:56:fd:1a:bc:b7:dc:12:c3:61:
e0:a7:cc:61:b1:22:5c:4d:5e:91:a6:d6:bf:be:e3:
d5:16:be:02:52:f5:38:05:64:98:7f:ad:6f:04:48:
58:de:09:3c:a2:61:fc:22:1e:77:40:45:5e:3d:5c:
9c:93:da:ec:e1:72:0c:3c:b4:1c:f0:92:fb:21:d3:
a4:15:61:0e:4b:d5:65:84:62:a6:75:f9:f6:c0:ca:
84:ae:2b:9e:0d:ad:5f:f3:f1:a8:f2:e4:fe:ff:ef:
39:a5:f8:8d:4f:aa:bf:18:f5:ac:33:29:73:8d:f7:
f8:fa:fb:c1:a4:1c:3f:bf:cc:53:f3:a2:81:7c:08:
e6:8c:65:b8:d6:88:24:73:b5:f3:21:75:77:f6:c3:
67:9b:12:d0:34:a7:79:a5:a3:b9:67:67:f3:01:18:
cc:dd:75:8a:ea:7d:e7:ea:ee:74:0b:12:0a:99:ca:
2f:28:bb:9d:e0:a6:b7:d3:4f:83:09:95:91:06:06:
45:4f:d0:e0:fd:a5:c9:4b:1c:fd:29:7b:f6:d8:15:
fe:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:08:0D:FC:7E:2F:F7:94:81:86:E4:39:7A:E7:88:00:07:BB:D1:51
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/IAgN_H4v95SBhuQ5eueIAAe70VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.28.0/23
89.251.10.0/24
91.132.57.0/24
159.255.32.0/22
185.231.172.0/22
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
63:44:98:0c:a6:32:ad:16:cd:b0:45:a1:4b:76:00:d3:27:8b:
c5:14:e4:ba:ab:06:94:af:cc:8d:6a:9c:33:3a:3b:0b:d8:c0:
a5:8b:2f:5f:b9:06:7d:a5:f9:87:a8:fc:ce:9e:84:89:71:9b:
bc:ef:70:e5:35:58:9f:e9:18:1d:17:87:64:9d:8e:e6:e8:6b:
36:d8:69:01:17:97:7d:f8:ce:a8:23:39:57:82:08:14:44:1c:
8e:04:6d:65:26:1e:8e:06:90:fc:3e:3b:88:6a:72:ba:c8:f7:
33:1e:0e:a5:5b:a5:e8:9e:fe:42:32:95:97:d3:87:53:da:d1:
c1:b1:16:06:1c:d1:35:08:5a:77:1f:42:03:39:8d:09:d5:fa:
e7:60:92:9c:31:a2:af:fc:f1:a0:d7:b7:bd:87:fa:9e:90:ed:
5e:a4:35:a5:6a:d9:dd:3c:d5:d4:62:7e:3d:5c:d1:cc:be:23:
ba:aa:bc:f0:63:2e:52:f1:f8:e5:df:7b:b2:4e:7a:dd:73:60:
03:6c:87:7e:78:05:92:6a:be:a6:97:5d:7a:43:18:e6:2d:43:
1b:1d:6f:00:75:65:0e:c0:18:92:e0:9e:3c:13:76:02:23:c4:
04:cf:e6:28:06:21:87:7b:5c:42:ca:ff:46:fa:30:af:f0:ed:
20:f3:04:49
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZE4C4SwAqVwGaNh2UWd+HOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODA5MTY0OTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA4MGRmYzdlMmZmNzk0ODE4NmU0Mzk3YWU3ODgwMDA3YmJkMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIhNAmazmR1QnEAgaBtm6BmTcZQl
A3iODYmr+Y6OrSH4yI3gSqtxf/XO+1ELyC1OhvNW/Rq8t9wSw2Hgp8xhsSJcTV6R
pta/vuPVFr4CUvU4BWSYf61vBEhY3gk8omH8Ih53QEVePVyck9rs4XIMPLQc8JL7
IdOkFWEOS9VlhGKmdfn2wMqEriueDa1f8/Go8uT+/+85pfiNT6q/GPWsMylzjff4
+vvBpBw/v8xT86KBfAjmjGW41ogkc7XzIXV39sNnmxLQNKd5paO5Z2fzARjM3XWK
6n3n6u50CxIKmcovKLud4Ka300+DCZWRBgZFT9Dg/aXJSxz9KXv22BX+8QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCAIDfx+L/eUgYbkOXrniAAHu9FRMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvSUFnTl9INHY5NVNCaHVRNWV1ZUlBQWU3MFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBUnMcAwQA
WfsKAwQAW4Q5AwQCn/8gAwQCueesAwQCvNbsAwQDvP0IAwQByoVaAwQC1a0gMA0G
CSqGSIb3DQEBCwUAA4IBAQBjRJgMpjKtFs2wRaFLdgDTJ4vFFOS6qwaUr8yNapwz
OjsL2MCliy9fuQZ9pfmHqPzOnoSJcZu873DlNVif6RgdF4dknY7m6Gs22GkBF5d9
+M6oIzlXgggURByOBG1lJh6OBpD8PjuIanK6yPczHg6lW6Xonv5CMpWX04dT2tHB
sRYGHNE1CFp3H0IDOY0J1frnYJKcMaKv/PGg17e9h/qekO1epDWlatndPNXUYn49
XNHMviO6qrzwYy5S8fjl33uyTnrdc2ADbId+eAWSar6ml116QxjmLUMbHW8AdWUO
wBiS4J48E3YCI8QEz+YoBiGHe1xCyv9G+jCv8O0g8wRJ
-----END CERTIFICATE-----
Generated at Sat Aug 31 09:16:37 2024 by rpki-client on console-fra.rpki-client.org