Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/a5oSipsFP77zBC82uRVx3H6aMUM.roa
File: a5oSipsFP77zBC82uRVx3H6aMUM.roa (raw, json)
Hash identifier: 86UaI/PbhZ986s5CR6v+s+9eOLUZOuMHyqQ2Tf07Mp4=
Subject key identifier: 6B:9A:12:8A:9B:05:3F:BE:F3:04:2F:36:B9:15:71:DC:7E:9A:31:43
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 018C34F892DC55E27E89603B13A1D27C622A
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/a5oSipsFP77zBC82uRVx3H6aMUM.roa
Signing time: Mon 04 Dec 2023 13:15:54 +0000
ROA not before: Mon 04 Dec 2023 13:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49673
IP address blocks: 185.54.244.0/22 maxlen: 22
185.54.244.0/24 maxlen: 24
94.247.104.0/21 maxlen: 21
94.247.111.0/24 maxlen: 24
94.247.110.0/23 maxlen: 23
94.247.110.0/24 maxlen: 24
2a02:47a0:a:115::/64 maxlen: 64
2a02:47a0:a:112::/64 maxlen: 64
2a02:47a0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:f8:92:dc:55:e2:7e:89:60:3b:13:a1:d2:7c:62:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Dec 4 13:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9a128a9b053fbef3042f36b91571dc7e9a3143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8d:94:5c:d0:bf:6a:05:62:16:e7:a4:93:48:
ac:21:a6:97:47:a3:ff:f7:b4:90:9d:e2:86:d4:04:
8c:5e:5f:05:bb:26:a6:73:c1:21:dd:b8:d6:7e:4c:
e2:3e:35:66:0c:2e:df:c6:2e:92:21:45:8f:35:e7:
d3:72:f0:16:ec:98:c4:4f:a5:8e:ea:3c:7f:1a:54:
4b:37:b8:62:6a:3a:f5:9a:a0:37:84:a7:5b:ca:88:
57:1e:9f:70:64:3f:8c:6b:3d:ae:68:38:f2:60:60:
9f:3e:97:46:08:b2:df:1b:ba:b6:38:da:f1:23:49:
0f:a4:f8:89:46:7e:29:f8:21:d0:d8:da:2a:ac:79:
87:e3:df:9e:53:27:13:ca:29:b1:e8:6a:1f:c7:03:
0f:52:5e:99:ef:d5:1a:2c:89:98:d4:fa:90:52:e7:
c8:c0:d0:07:f6:ba:d2:1e:19:db:e7:2c:95:38:1d:
de:b4:b4:59:fc:13:20:7c:fd:d0:42:db:24:c1:49:
ee:9e:9f:0e:62:cb:34:f1:23:74:27:31:5d:b3:25:
58:4a:d5:ba:28:1a:58:a7:7e:b9:fd:15:f4:ec:5b:
24:b7:d0:ba:97:fb:5a:d9:7a:a8:19:2f:81:85:48:
c3:b9:38:bd:d7:d3:22:ed:1b:81:03:ec:b3:ba:78:
18:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9A:12:8A:9B:05:3F:BE:F3:04:2F:36:B9:15:71:DC:7E:9A:31:43
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/a5oSipsFP77zBC82uRVx3H6aMUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.104.0/21
185.54.244.0/22
IPv6:
2a02:47a0:a::/48
Signature Algorithm: sha256WithRSAEncryption
23:36:50:c3:bc:08:cb:84:9a:da:e0:bc:1b:f3:a8:ce:2b:4d:
8b:0e:9f:8a:29:b7:1e:89:d7:92:2e:77:76:25:bc:29:ec:ca:
16:1e:0e:94:30:ea:58:9c:4a:fe:15:f2:20:44:1d:2f:8e:90:
87:85:6a:64:01:a6:fa:f8:2e:3c:b1:f0:cd:b9:5f:8f:3b:a3:
bd:fe:87:a3:db:6e:ab:b5:a6:5f:6b:10:4d:91:36:87:02:89:
e5:71:3b:6e:13:f1:e4:88:c9:9f:4f:45:4f:48:34:1f:c2:37:
82:50:7d:aa:71:d8:f7:31:7c:b8:3b:01:60:e0:96:7e:78:fe:
5a:e2:84:86:96:33:6d:76:fe:96:03:9c:f7:07:4c:4b:4c:e4:
00:0f:ce:cb:fa:4f:4b:62:82:89:08:08:da:47:cc:45:ab:7d:
c0:8a:f1:4f:b6:7e:a9:59:02:7c:d6:ee:85:db:42:a4:8c:c6:
dd:5d:ac:8d:7b:8c:9a:d2:cb:9d:91:bc:93:84:02:5f:f5:ed:
f9:96:0b:5d:2e:13:4a:4f:c4:32:d9:7e:71:52:7e:61:db:19:
00:1f:c0:fd:e2:d0:2d:55:77:01:78:93:4e:6b:47:da:ed:d0:
91:a4:0b:3e:c5:2a:63:45:f8:26:56:89:0c:fe:b6:62:28:a9:
94:63:3a:c6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYw0+JLcVeJ+iWA7E6HSfGIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODczODllZjQxZjE4YzFmY2M4Mjc1NDM0OWVhNzA5Njk4
MGIxZTMwHhcNMjMxMjA0MTMxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjlhMTI4YTliMDUzZmJlZjMwNDJmMzZiOTE1NzFkYzdlOWEzMTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmI2UXNC/agViFuekk0isIaaXR6P/
97SQneKG1ASMXl8Fuyamc8Eh3bjWfkziPjVmDC7fxi6SIUWPNefTcvAW7JjET6WO
6jx/GlRLN7hiajr1mqA3hKdbyohXHp9wZD+Maz2uaDjyYGCfPpdGCLLfG7q2ONrx
I0kPpPiJRn4p+CHQ2NoqrHmH49+eUycTyimx6GofxwMPUl6Z79UaLImY1PqQUufI
wNAH9rrSHhnb5yyVOB3etLRZ/BMgfP3QQtskwUnunp8OYss08SN0JzFdsyVYStW6
KBpYp365/RX07Fskt9C6l/ta2XqoGS+BhUjDuTi919Mi7RuBA+yzungY+wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGuaEoqbBT++8wQvNrkVcdx+mjFDMB8GA1UdIwQY
MBaAFEyHOJ70HxjB/MgnVDSepwlpgLHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTct
ZmZiNzA5Zjc2NjhjLzEvYTVvU2lwc0ZQNzd6QkM4MnVSVngzSDZhTVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTctZmZiNzA5Zjc2Njhj
LzEvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDXvdoAwQC
uTb0MA8EAgACMAkDBwAqAkegAAowDQYJKoZIhvcNAQELBQADggEBACM2UMO8CMuE
mtrgvBvzqM4rTYsOn4optx6J15Iud3YlvCnsyhYeDpQw6licSv4V8iBEHS+OkIeF
amQBpvr4Ljyx8M25X487o73+h6Pbbqu1pl9rEE2RNocCieVxO24T8eSIyZ9PRU9I
NB/CN4JQfapx2PcxfLg7AWDgln54/lrihIaWM212/pYDnPcHTEtM5AAPzsv6T0ti
gokICNpHzEWrfcCK8U+2fqlZAnzW7oXbQqSMxt1drI17jJrSy52RvJOEAl/17fmW
C10uE0pPxDLZfnFSfmHbGQAfwP3i0C1VdwF4k05rR9rt0JGkCz7FKmNF+CZWiQz+
tmIoqZRjOsY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:50 2024 by rpki-client on console-fra.rpki-client.org