Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4Jb3WV2n3HAz53LtqmjXDJoeOMI.roa
File: 4Jb3WV2n3HAz53LtqmjXDJoeOMI.roa (raw, json)
Hash identifier: B8qhgd31jPrQIS9BGavDcvffqHMAcKfviEByqmKr4Rk=
Subject key identifier: E0:96:F7:59:5D:A7:DC:70:33:E7:72:ED:AA:68:D7:0C:9A:1E:38:C2
Certificate issuer: /CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Certificate serial: 018CCA2A656254A5CD6FDF54C34985352A6C
Authority key identifier: 80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4Jb3WV2n3HAz53LtqmjXDJoeOMI.roa
Signing time: Tue 02 Jan 2024 12:33:45 +0000
ROA not before: Tue 02 Jan 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6789
IP address blocks: 91.247.96.0/19 maxlen: 19
185.99.168.0/22 maxlen: 22
185.92.136.0/22 maxlen: 22
185.92.144.0/22 maxlen: 22
80.245.112.0/24 maxlen: 24
85.91.192.0/19 maxlen: 19
185.186.232.0/22 maxlen: 22
80.245.112.0/20 maxlen: 20
109.200.128.0/19 maxlen: 19
185.100.103.0/24 maxlen: 24
2a00:1d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Feb 2024 09:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:65:62:54:a5:cd:6f:df:54:c3:49:85:35:2a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808e238e30dcb759759fb8a394d9e211a28b9d87
Validity
Not Before: Jan 2 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e096f7595da7dc7033e772edaa68d70c9a1e38c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:37:7b:79:01:cd:35:d7:c0:e2:aa:68:0e:
a2:b5:e0:40:b9:b1:e3:05:4c:b8:37:39:a8:fb:dc:
01:70:d6:c1:f5:70:0c:97:4b:51:9b:9b:d4:e4:92:
1d:f1:14:06:03:f3:4a:d6:f5:cf:29:73:9a:7d:9c:
1e:cc:3c:a5:74:68:1e:61:5c:e0:18:02:27:2e:02:
9e:9d:7a:4b:d6:57:ee:78:23:23:b7:96:1f:a0:ef:
d4:08:82:bb:8e:93:76:45:66:b1:9c:72:0d:af:b1:
57:15:e3:05:72:37:43:20:ac:bf:c5:ea:ef:7e:d5:
ed:06:d6:a5:92:82:3b:25:28:88:3e:17:e6:fd:9b:
44:62:37:ab:6c:cf:f5:5f:c1:3c:d9:c6:1d:40:de:
20:ef:1d:eb:7e:59:bf:35:c3:ae:d0:a3:86:11:7c:
07:c3:cf:44:9f:08:91:3f:a7:3a:61:ab:b4:81:f7:
45:c6:4f:16:ab:43:9a:ad:3b:80:81:3f:10:8f:f4:
26:3d:b0:0c:5c:ee:43:b5:10:ed:7a:79:cf:ad:05:
4e:37:72:c1:e1:dd:9b:61:05:cb:83:bf:6a:c4:61:
3b:5c:7c:3c:a0:eb:a9:ea:5e:e9:89:a7:f2:80:4a:
8e:2c:ce:2d:43:6d:80:bf:7d:37:ff:c1:6e:f7:f6:
03:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:96:F7:59:5D:A7:DC:70:33:E7:72:ED:AA:68:D7:0C:9A:1E:38:C2
X509v3 Authority Key Identifier:
keyid:80:8E:23:8E:30:DC:B7:59:75:9F:B8:A3:94:D9:E2:11:A2:8B:9D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gI4jjjDct1l1n7ijlNniEaKLnYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/4Jb3WV2n3HAz53LtqmjXDJoeOMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/7b2cd6-b1f3-43fc-9f09-cd974042649f/1/gI4jjjDct1l1n7ijlNniEaKLnYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.245.112.0/20
85.91.192.0/19
91.247.96.0/19
109.200.128.0/19
185.92.136.0/22
185.92.144.0/22
185.99.168.0/22
185.100.103.0/24
185.186.232.0/22
IPv6:
2a00:1d80::/32
Signature Algorithm: sha256WithRSAEncryption
65:01:54:9b:11:87:b4:f1:19:8c:9b:15:ef:b9:45:e7:65:8f:
54:7c:09:c3:15:8b:51:c4:6c:ed:68:cf:bc:02:e8:cc:0d:d6:
fa:8c:00:98:23:fb:2a:7d:b9:98:54:c5:b3:4c:6a:a4:71:14:
fa:22:4e:1e:07:73:2f:52:13:fc:85:20:f7:a7:f8:a4:28:d2:
64:ad:d1:3f:95:e0:a5:5e:84:0c:79:26:32:17:5e:8e:4c:92:
30:6d:b5:c9:70:a5:25:54:c5:00:9e:f3:05:5b:dd:9d:8b:df:
ed:c8:c8:01:b8:74:35:05:05:97:6a:2d:e0:d3:49:5c:de:b9:
8c:c6:24:06:1c:01:1a:b7:87:dc:04:49:ce:5a:a8:f3:16:0e:
6e:54:be:eb:c0:0b:95:4f:6d:19:d0:b3:f8:a2:46:93:eb:87:
3d:24:ac:41:fa:ff:a0:02:a2:19:3e:3c:7f:c8:46:72:3c:9c:
04:d5:f2:99:fc:c4:0b:3b:32:2b:61:37:33:50:11:af:a6:0e:
26:15:b3:eb:c4:2c:98:9b:63:54:f4:4f:3e:a2:00:d8:bf:92:
0f:a3:be:91:fb:ea:38:67:06:32:2f:20:ff:31:db:eb:d3:06:
2f:85:96:37:1a:ea:02:ac:fa:28:dc:ca:75:24:2c:26:83:b0:
9c:c9:4b:9a
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzKKmViVKXNb99Uw0mFNSpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGUyMzhlMzBkY2I3NTk3NTlmYjhhMzk0ZDllMjExYTI4
YjlkODcwHhcNMjQwMTAyMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDk2Zjc1OTVkYTdkYzcwMzNlNzcyZWRhYTY4ZDcwYzlhMWUzOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd83e3kBzTXXwOKqaA6iteBAubHj
BUy4Nzmo+9wBcNbB9XAMl0tRm5vU5JId8RQGA/NK1vXPKXOafZwezDyldGgeYVzg
GAInLgKenXpL1lfueCMjt5YfoO/UCIK7jpN2RWaxnHINr7FXFeMFcjdDIKy/xerv
ftXtBtalkoI7JSiIPhfm/ZtEYjerbM/1X8E82cYdQN4g7x3rflm/NcOu0KOGEXwH
w89EnwiRP6c6Yau0gfdFxk8Wq0OarTuAgT8Qj/QmPbAMXO5DtRDtennPrQVON3LB
4d2bYQXLg79qxGE7XHw8oOup6l7piafygEqOLM4tQ22Av303/8Fu9/YDaQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOCW91ldp9xwM+dy7apo1wyaHjjCMB8GA1UdIwQY
MBaAFICOI44w3LdZdZ+4o5TZ4hGii52HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDkt
Y2Q5NzQwNDI2NDlmLzEvNEpiM1dWMm4zSEF6NTNMdHFtalhESm9lT01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi83YjJjZDYtYjFmMy00M2ZjLTlmMDktY2Q5NzQwNDI2NDlm
LzEvZ0k0ampqRGN0MWwxbjdpamxObmlFYUtMblljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEUPVwAwQF
VVvAAwQFW/dgAwQFbciAAwQCuVyIAwQCuVyQAwQCuWOoAwQAuWRnAwQCubroMA0E
AgACMAcDBQAqAB2AMA0GCSqGSIb3DQEBCwUAA4IBAQBlAVSbEYe08RmMmxXvuUXn
ZY9UfAnDFYtRxGztaM+8AujMDdb6jACYI/sqfbmYVMWzTGqkcRT6Ik4eB3MvUhP8
hSD3p/ikKNJkrdE/leClXoQMeSYyF16OTJIwbbXJcKUlVMUAnvMFW92di9/tyMgB
uHQ1BQWXai3g00lc3rmMxiQGHAEat4fcBEnOWqjzFg5uVL7rwAuVT20Z0LP4okaT
64c9JKxB+v+gAqIZPjx/yEZyPJwE1fKZ/MQLOzIrYTczUBGvpg4mFbPrxCyYm2NU
9E8+ogDYv5IPo76R++o4ZwYyLyD/Mdvr0wYvhZY3GuoCrPoo3Mp1JCwmg7CcyUua
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:02 2024 by rpki-client on console-fra.rpki-client.org