Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lq8GFmH11QBam611iQ5avZ4DPd0.roa
File: lq8GFmH11QBam611iQ5avZ4DPd0.roa (raw, json)
Hash identifier: 9U8whyHT8xmQQ68aXWiYDDyoVAb2l7AUG43/dQ1cUqc=
Subject key identifier: 96:AF:06:16:61:F5:D5:00:5A:9B:AD:75:89:0E:5A:BD:9E:03:3D:DD
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018B37863E19FAED5627B9E7EFAF9AF20754
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lq8GFmH11QBam611iQ5avZ4DPd0.roa
Signing time: Mon 16 Oct 2023 08:07:06 +0000
ROA not before: Mon 16 Oct 2023 08:07:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.192.0/22 maxlen: 24
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
82.146.8.0/23 maxlen: 24
212.72.196.0/23 maxlen: 24
82.146.10.0/24 maxlen: 24
212.72.204.0/24 maxlen: 24
212.72.200.0/23 maxlen: 24
82.146.14.0/24 maxlen: 24
212.72.204.0/23 maxlen: 24
212.72.213.0/24 maxlen: 24
212.72.207.0/24 maxlen: 24
212.72.208.0/22 maxlen: 24
213.130.94.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
212.72.216.0/22 maxlen: 24
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 24
213.130.70.0/23 maxlen: 24
213.130.72.0/23 maxlen: 24
213.130.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:86:3e:19:fa:ed:56:27:b9:e7:ef:af:9a:f2:07:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Oct 16 08:07:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96af061661f5d5005a9bad75890e5abd9e033ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b6:57:4e:05:39:b4:6e:bb:8f:ca:8f:44:2f:
01:1b:16:f0:b2:a0:85:d5:be:95:d6:56:97:d2:5f:
be:88:8b:65:ae:95:0d:12:17:81:15:4c:9f:41:05:
92:d7:5f:39:99:f0:78:b7:81:91:b1:3d:ee:49:d9:
c6:e2:29:e1:59:10:c2:2e:b1:b4:76:f9:f7:ea:2d:
c9:48:fc:82:60:96:45:20:b7:33:4b:c7:9a:74:36:
f9:63:61:37:78:35:83:b8:e1:5a:34:fc:79:82:49:
68:d1:9b:31:09:41:9f:19:4b:64:75:1d:52:ac:85:
1d:49:73:60:84:6b:47:71:79:ab:f3:c3:80:7c:25:
ee:31:cd:95:3d:40:37:d6:75:0a:0c:37:c8:d3:2a:
c6:69:df:cb:05:63:4f:ef:73:89:40:fd:58:f4:be:
2b:d8:a1:a8:a1:49:ec:6b:a0:2f:78:88:a2:56:f8:
7d:d7:4e:e1:5c:b0:e4:2d:9d:0b:1f:b0:2b:2a:4b:
f3:6a:6e:4a:ea:aa:16:a5:90:f4:db:79:ab:6f:c8:
87:d6:27:33:b0:c3:aa:02:75:22:2a:10:a4:4a:c9:
80:ba:ff:8d:ab:7f:47:b5:b1:f7:9a:03:00:8f:18:
d2:57:9c:b7:c3:6c:00:9a:70:19:d6:79:4a:ff:11:
9a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AF:06:16:61:F5:D5:00:5A:9B:AD:75:89:0E:5A:BD:9E:03:3D:DD
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lq8GFmH11QBam611iQ5avZ4DPd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/23
212.72.207.0-212.72.211.255
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:55:db:51:8b:79:1a:9a:aa:c6:72:71:5e:84:94:d5:d8:66:
28:58:e9:10:66:51:9a:d7:4b:da:db:d7:76:e3:17:00:e3:2b:
13:47:e1:28:9e:d4:71:f4:93:10:44:74:af:6c:b0:e5:89:52:
e0:2d:0d:14:04:8d:20:c1:89:cb:85:90:83:81:0c:3d:25:eb:
ad:62:c1:e2:44:3e:e5:47:77:94:12:05:68:76:af:a8:e1:8b:
90:08:b8:33:43:61:34:43:52:fd:27:93:c6:d2:99:20:cf:18:
bf:b0:24:7c:6e:a7:f3:12:b5:9c:40:25:9e:19:96:3a:8a:df:
a3:32:8f:67:14:80:0f:13:f5:db:62:c7:31:6b:45:f1:84:ad:
04:3b:96:c1:8b:ca:9a:99:ca:0d:c1:22:22:51:1c:9c:e2:c2:
71:c5:79:f7:41:5f:6b:18:37:e4:8d:b9:39:d7:d3:99:b5:6b:
1f:27:bd:42:6e:77:b4:23:f3:fc:56:9b:8a:17:bb:37:80:bd:
56:ad:31:e1:bc:a0:58:e4:fe:a2:4f:de:35:b9:f8:68:63:c0:
e7:3e:8d:a2:2f:8d:88:f7:42:09:36:1f:8e:f5:d7:e2:d3:c4:
a8:a7:de:82:c4:91:61:48:57:e8:1b:f8:1b:31:70:76:f4:25:
91:1b:65:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYs3hj4Z+u1WJ7nn76+a8gdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMxMDE2MDgwNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFmMDYxNjYxZjVkNTAwNWE5YmFkNzU4OTBlNWFiZDllMDMzZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbZXTgU5tG67j8qPRC8BGxbwsqCF
1b6V1laX0l++iItlrpUNEheBFUyfQQWS1185mfB4t4GRsT3uSdnG4inhWRDCLrG0
dvn36i3JSPyCYJZFILczS8eadDb5Y2E3eDWDuOFaNPx5gklo0ZsxCUGfGUtkdR1S
rIUdSXNghGtHcXmr88OAfCXuMc2VPUA31nUKDDfI0yrGad/LBWNP73OJQP1Y9L4r
2KGooUnsa6AveIiiVvh9107hXLDkLZ0LH7ArKkvzam5K6qoWpZD023mrb8iH1icz
sMOqAnUiKhCkSsmAuv+Nq39HtbH3mgMAjxjSV5y3w2wAmnAZ1nlK/xGaUwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFJavBhZh9dUAWputdYkOWr2eAz3dMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvbHE4R0ZtSDExUUJhbTYxMWlRNWF2WjREUGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFS
kgQwDAMEA1KSCAMEAFKSCgMEAFKSDgMEAFKSHgMEAFTupAMEAFTupjAMAwQG1EjA
AwQB1EjEAwQB1EjIAwQB1EjMMAwDBADUSM8DBALUSNADBADUSNUwDAMEANRI1wME
ANRI3AMEAdRI3jAMAwQB1YJGAwQB1YJIAwQA1YJLAwQA1YJeMA0GCSqGSIb3DQEB
CwUAA4IBAQAPVdtRi3kamqrGcnFehJTV2GYoWOkQZlGa10va29d24xcA4ysTR+Eo
ntRx9JMQRHSvbLDliVLgLQ0UBI0gwYnLhZCDgQw9JeutYsHiRD7lR3eUEgVodq+o
4YuQCLgzQ2E0Q1L9J5PG0pkgzxi/sCR8bqfzErWcQCWeGZY6it+jMo9nFIAPE/Xb
Yscxa0XxhK0EO5bBi8qamcoNwSIiURyc4sJxxXn3QV9rGDfkjbk519OZtWsfJ71C
bne0I/P8VpuKF7s3gL1WrTHhvKBY5P6iT941ufhoY8DnPo2iL42I90IJNh+O9dfi
08Sop96CxJFhSFfoG/gbMXB29CWRG2X6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org