Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/1dU2VtP5BDugmfiEDF-Boyl7gz4.roa
File: 1dU2VtP5BDugmfiEDF-Boyl7gz4.roa (raw, json)
Hash identifier: bjvllydJdydd9VbKMw0fXI41Ne+3mGRbB8PMivk4QiM=
Subject key identifier: D5:D5:36:56:D3:F9:04:3B:A0:99:F8:84:0C:5F:81:A3:29:7B:83:3E
Certificate issuer: /CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Certificate serial: 01856FF95C4F7C042F9EAAD3A7E923FCA6C8
Authority key identifier: C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/1dU2VtP5BDugmfiEDF-Boyl7gz4.roa
Signing time: Mon 02 Jan 2023 00:54:51 +0000
ROA not before: Mon 02 Jan 2023 00:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29283
IP address blocks: 85.184.64.0/19 maxlen: 19
89.33.144.0/21 maxlen: 21
85.184.78.0/24 maxlen: 24
94.199.120.0/21 maxlen: 21
185.6.62.0/24 maxlen: 24
185.6.60.0/22 maxlen: 22
185.6.60.0/24 maxlen: 24
185.6.61.0/24 maxlen: 24
213.174.96.0/19 maxlen: 19
213.174.127.0/24 maxlen: 24
2a02:6c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f9:5c:4f:7c:04:2f:9e:aa:d3:a7:e9:23:fc:a6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Validity
Not Before: Jan 2 00:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5d53656d3f9043ba099f8840c5f81a3297b833e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:10:d7:0a:e8:c1:8b:df:40:37:f9:0e:a2:be:
50:c9:d7:80:c5:35:1a:f6:c9:91:7b:61:6d:45:5b:
fc:6c:a6:55:4e:36:ca:6f:6a:38:44:56:f6:d3:82:
e2:28:b8:d2:75:88:84:6d:7f:68:e3:a1:32:82:f4:
c4:b4:42:e5:c7:e5:84:fa:f4:4c:43:a9:00:de:3c:
d9:bd:21:21:80:63:71:31:89:9e:e8:57:8e:78:f5:
28:13:54:4c:b5:bb:c8:23:44:44:3f:92:d3:b2:46:
17:62:41:78:22:62:d5:91:85:f2:e4:8e:cb:3e:79:
4b:4d:13:42:a7:43:a1:e6:2e:d0:42:9d:c6:93:db:
97:8c:21:73:8d:42:77:01:6d:c3:51:36:09:c9:60:
93:73:f0:07:ad:38:5d:80:c8:53:40:c7:df:45:27:
01:24:2d:e2:0f:51:a6:47:49:96:8d:55:45:d1:46:
4f:7d:24:29:aa:4c:6c:50:45:d8:05:0c:2f:47:ff:
6d:e1:34:85:5d:1b:8f:78:91:c1:0b:ad:1d:62:e6:
8a:d7:5f:da:4f:a1:d7:0e:41:22:82:1e:d0:63:0d:
57:89:20:1e:85:54:af:4d:b4:c0:55:b1:f6:77:8c:
8a:5a:a4:8d:6a:1e:fb:64:d6:b3:62:f0:d2:e6:46:
54:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:D5:36:56:D3:F9:04:3B:A0:99:F8:84:0C:5F:81:A3:29:7B:83:3E
X509v3 Authority Key Identifier:
keyid:C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/1dU2VtP5BDugmfiEDF-Boyl7gz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.64.0/19
89.33.144.0/21
94.199.120.0/21
185.6.60.0/22
213.174.96.0/19
IPv6:
2a02:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
4d:41:ff:e9:92:44:8f:25:83:6e:a4:f7:fd:8a:68:93:7f:97:
ff:69:e4:1e:b0:80:2f:6d:48:84:f3:08:16:02:9b:ee:32:e6:
ee:3a:9c:85:85:b4:68:e2:aa:7b:72:d5:87:8d:c1:64:c1:c1:
3d:c2:77:3f:aa:e3:a1:69:a5:12:9d:bc:38:eb:ab:aa:b4:c8:
21:9a:b4:1a:d8:53:31:14:3c:ea:d7:b3:c4:8a:b5:30:d1:48:
4e:f2:d5:2a:8c:af:54:eb:23:7b:44:53:37:57:a5:f8:9a:5b:
50:2f:d2:4d:69:a0:93:12:bd:3d:02:62:ab:09:3d:ee:f0:cc:
2b:94:08:7e:64:4c:d7:a7:df:50:c5:ef:ca:f0:1b:fa:f8:18:
44:74:9b:00:40:eb:1f:7f:93:6a:75:a1:04:c8:52:df:a8:b2:
95:17:be:68:6a:5f:70:3a:c2:ca:f0:47:58:b9:9b:89:25:e5:
84:09:41:c6:f3:0f:b5:dd:15:e8:93:15:4d:3a:8c:b6:11:18:
80:72:f5:a9:f3:eb:7b:96:23:fe:b8:ae:0e:5a:90:e4:3d:4e:
7c:c3:6a:79:89:b4:b8:00:ff:4e:04:db:75:19:98:a1:e6:b8:
d0:87:df:66:10:4a:4b:c9:b1:e0:e1:ce:7b:e2:6d:75:e9:60:
6a:3f:88:bc
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVv+VxPfAQvnqrTp+kj/KbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZWQ2NGM5M2RkZmRmMmY0OWI3ZWExYzIzZWFhZDA4NzAy
NDlhMzMwHhcNMjMwMTAyMDA1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWQ1MzY1NmQzZjkwNDNiYTA5OWY4ODQwYzVmODFhMzI5N2I4MzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBDXCujBi99AN/kOor5QydeAxTUa
9smRe2FtRVv8bKZVTjbKb2o4RFb204LiKLjSdYiEbX9o46EygvTEtELlx+WE+vRM
Q6kA3jzZvSEhgGNxMYme6FeOePUoE1RMtbvII0REP5LTskYXYkF4ImLVkYXy5I7L
PnlLTRNCp0Oh5i7QQp3Gk9uXjCFzjUJ3AW3DUTYJyWCTc/AHrThdgMhTQMffRScB
JC3iD1GmR0mWjVVF0UZPfSQpqkxsUEXYBQwvR/9t4TSFXRuPeJHBC60dYuaK11/a
T6HXDkEigh7QYw1XiSAehVSvTbTAVbH2d4yKWqSNah77ZNazYvDS5kZUDwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNXVNlbT+QQ7oJn4hAxfgaMpe4M+MB8GA1UdIwQY
MBaAFMntZMk9398vSbfqHCPqrQhwJJozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMt
MzVlZDViNTNkYTA1LzEvMWRVMlZ0UDVCRHVnbWZpRURGLUJveWw3Z3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yYTJhYjItMzA5OC00YTBmLTgwOWMtMzVlZDViNTNkYTA1
LzEveWUxa3lUM2YzeTlKdC1vY0ktcXRDSEFrbWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFVbhAAwQD
WSGQAwQDXsd4AwQCuQY8AwQF1a5gMA0EAgACMAcDBQAqAmxAMA0GCSqGSIb3DQEB
CwUAA4IBAQBNQf/pkkSPJYNupPf9imiTf5f/aeQesIAvbUiE8wgWApvuMubuOpyF
hbRo4qp7ctWHjcFkwcE9wnc/quOhaaUSnbw466uqtMghmrQa2FMxFDzq17PEirUw
0UhO8tUqjK9U6yN7RFM3V6X4mltQL9JNaaCTEr09AmKrCT3u8MwrlAh+ZEzXp99Q
xe/K8Bv6+BhEdJsAQOsff5NqdaEEyFLfqLKVF75oal9wOsLK8EdYuZuJJeWECUHG
8w+13RXokxVNOoy2ERiAcvWp8+t7liP+uK4OWpDkPU58w2p5ibS4AP9OBNt1GZih
5rjQh99mEEpLybHg4c574m116WBqP4i8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:12 2024 by rpki-client on console-ams.rpki-client.org