Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/an0EBPL1UsksvbjCaQDJJBtEHjg.roa
File: an0EBPL1UsksvbjCaQDJJBtEHjg.roa (raw, json)
Hash identifier: dTl+HQA+9M8yb19SGdtjlEUGWQ72eDq6qTOkbzS8ZjU=
Subject key identifier: 6A:7D:04:04:F2:F5:52:C9:2C:BD:B8:C2:69:00:C9:24:1B:44:1E:38
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01899C6EDF37D8F9BC1F13182F5EAD5F65BD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/an0EBPL1UsksvbjCaQDJJBtEHjg.roa
Signing time: Fri 28 Jul 2023 12:17:39 +0000
ROA not before: Fri 28 Jul 2023 12:17:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 159.255.32.0/21 maxlen: 24
188.253.8.0/22 maxlen: 24
103.25.84.0/22 maxlen: 24
82.115.8.0/22 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Aug 2023 09:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9c:6e:df:37:d8:f9:bc:1f:13:18:2f:5e:ad:5f:65:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 28 12:17:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a7d0404f2f552c92cbdb8c26900c9241b441e38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:45:4e:b5:5c:bc:f8:e9:f2:f4:44:1e:15:74:
a2:7a:f4:f1:56:12:c4:84:52:10:4c:08:16:f8:0b:
d9:6f:7b:9b:15:11:4d:29:eb:ff:d4:cd:ce:fc:02:
2d:0d:cd:97:53:94:87:f7:24:fb:2e:9b:25:61:37:
16:3c:1d:06:98:0b:66:74:08:01:21:db:e3:90:f9:
a1:b7:6f:fd:6e:ad:4f:71:87:30:94:59:ae:1f:4f:
d9:31:15:6f:14:1d:57:5a:35:b9:7a:6d:89:91:eb:
ec:96:b6:ef:cd:8d:5a:a9:eb:b8:14:fb:ad:5e:42:
30:69:f8:9f:88:a5:84:f0:6d:ab:f3:8b:14:23:5f:
38:0b:18:ee:aa:ef:80:8d:85:db:78:82:33:db:53:
e6:3b:c1:5f:46:a9:5e:d8:b8:49:7c:5f:e7:55:6e:
e7:85:a2:76:31:eb:31:3c:fa:dc:60:10:0c:cc:24:
ba:91:1e:99:a5:e9:11:93:77:47:9c:58:da:96:58:
84:53:db:c2:e8:a7:21:a6:4c:e2:2e:5a:2e:6b:84:
95:c8:1f:20:cb:ac:f2:5a:16:b4:09:41:59:e3:36:
99:eb:09:79:c8:59:1e:83:76:44:ad:98:b4:3d:b4:
34:57:70:ff:c7:a2:b7:e0:8d:ad:37:97:cc:46:6e:
42:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:7D:04:04:F2:F5:52:C9:2C:BD:B8:C2:69:00:C9:24:1B:44:1E:38
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/an0EBPL1UsksvbjCaQDJJBtEHjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.8.0/22
103.25.84.0/22
159.255.32.0/21
188.214.236.0/22
188.253.8.0/22
Signature Algorithm: sha256WithRSAEncryption
83:32:34:d4:29:7d:51:60:62:b8:ff:12:a9:97:33:2e:5c:3a:
f9:99:d5:21:d4:ed:38:1a:92:6c:64:88:42:9a:db:9c:4d:a2:
eb:51:e7:78:c4:26:07:84:43:24:12:56:a2:b8:98:65:39:e1:
85:15:ff:cd:74:c9:26:73:c0:8b:e5:7d:c7:1e:7b:9f:f4:b3:
ba:f1:c4:c9:4c:f1:e3:26:6b:04:61:f6:b5:9c:68:01:7c:17:
ec:72:13:df:1c:d9:6d:86:7d:d2:74:bb:51:58:78:86:29:1c:
53:8b:13:cd:4a:57:5c:91:41:a1:72:bb:86:f4:93:a9:80:3b:
2e:55:1c:df:aa:c3:01:fd:cf:8b:ce:e4:a7:5f:9e:ad:b8:b3:
ee:b5:52:5a:80:3b:c5:68:3d:3c:2a:c6:2a:b1:89:56:13:01:
98:df:45:e5:9a:73:3b:84:d0:25:2a:93:77:63:ac:e0:84:99:
79:4f:1b:8b:9a:04:0c:4e:83:a5:c5:40:d5:50:84:69:06:46:
93:e0:4b:6d:e0:9b:d0:2c:c6:ef:75:46:8d:e3:85:42:66:9f:
71:fd:9e:9e:f6:43:41:b9:ac:9d:4c:1c:04:19:f9:71:a5:17:
c5:e0:c7:28:ab:cd:4a:ec:42:48:af:2a:dd:26:43:b6:6f:48:
e8:9c:c2:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYmcbt832Pm8HxMYL16tX2W9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNzI4MTIxNzM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTdkMDQwNGYyZjU1MmM5MmNiZGI4YzI2OTAwYzkyNDFiNDQxZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0VOtVy8+Ony9EQeFXSievTxVhLE
hFIQTAgW+AvZb3ubFRFNKev/1M3O/AItDc2XU5SH9yT7LpslYTcWPB0GmAtmdAgB
IdvjkPmht2/9bq1PcYcwlFmuH0/ZMRVvFB1XWjW5em2JkevslrbvzY1aqeu4FPut
XkIwafifiKWE8G2r84sUI184Cxjuqu+AjYXbeIIz21PmO8FfRqle2LhJfF/nVW7n
haJ2MesxPPrcYBAMzCS6kR6ZpekRk3dHnFjalliEU9vC6KchpkziLloua4SVyB8g
y6zyWha0CUFZ4zaZ6wl5yFkeg3ZErZi0PbQ0V3D/x6K34I2tN5fMRm5CfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGp9BATy9VLJLL24wmkAySQbRB44MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvYW4wRUJQTDFVc2tzdmJqQ2FRREpKQnRFSGpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUnMIAwQC
ZxlUAwQDn/8gAwQCvNbsAwQCvP0IMA0GCSqGSIb3DQEBCwUAA4IBAQCDMjTUKX1R
YGK4/xKplzMuXDr5mdUh1O04GpJsZIhCmtucTaLrUed4xCYHhEMkElaiuJhlOeGF
Ff/NdMkmc8CL5X3HHnuf9LO68cTJTPHjJmsEYfa1nGgBfBfschPfHNlthn3SdLtR
WHiGKRxTixPNSldckUGhcruG9JOpgDsuVRzfqsMB/c+LzuSnX56tuLPutVJagDvF
aD08KsYqsYlWEwGY30XlmnM7hNAlKpN3Y6zghJl5TxuLmgQMToOlxUDVUIRpBkaT
4Ett4JvQLMbvdUaN44VCZp9x/Z6e9kNBuaydTBwEGflxpRfF4Mcoq81K7EJIryrd
JkO2b0jonMK5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org