Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/_H1H-kcnL9PciqltJ1s5VIW4uNU.roa
File: _H1H-kcnL9PciqltJ1s5VIW4uNU.roa (raw, json)
Hash identifier: ZEE+r9VloDOgrjmEj587vM3lYUZLfqE9jcuf/k/1HjI=
Subject key identifier: FC:7D:47:FA:47:27:2F:D3:DC:8A:A9:6D:27:5B:39:54:85:B8:B8:D5
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 01856D6F8C293D66BB36DFEA5FEC4418DDBF
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/_H1H-kcnL9PciqltJ1s5VIW4uNU.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51275
IP address blocks: 193.23.139.0/24 maxlen: 24
109.232.201.0/24 maxlen: 24
109.232.200.0/21 maxlen: 21
193.23.138.0/24 maxlen: 24
109.232.202.0/24 maxlen: 24
109.232.200.0/24 maxlen: 24
89.107.249.0/24 maxlen: 24
2a00:1608::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:8c:29:3d:66:bb:36:df:ea:5f:ec:44:18:dd:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc7d47fa47272fd3dc8aa96d275b395485b8b8d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8e:d6:07:bf:2e:22:20:c9:e4:8a:e6:95:03:
ce:da:69:b1:f4:a8:ff:a7:de:f8:b4:23:62:74:76:
91:88:6a:50:ca:e0:73:f5:9c:9b:79:9a:54:44:f6:
21:39:9c:84:79:69:b6:91:a4:28:c2:32:9a:6b:ed:
2c:7a:32:46:86:90:43:2d:32:8c:9f:5d:1c:96:be:
82:18:21:d2:08:fb:48:00:63:db:ee:22:93:ce:95:
49:f8:25:c8:c4:b6:8c:e6:c6:5d:61:9a:50:d0:7b:
d0:8a:ab:cf:cd:7a:50:1c:f0:68:b4:c9:44:d3:1e:
3c:bd:48:e1:03:b0:2d:91:d0:95:0a:77:55:c4:2c:
ee:86:f5:9e:be:67:29:9f:e7:ea:af:bc:e8:ca:67:
a6:92:da:45:e3:cd:f3:bb:8a:fb:5d:46:ab:1d:c6:
ff:73:4c:88:29:5c:b5:cb:ab:d1:31:0c:98:fd:ef:
55:52:cf:ff:f8:6a:30:55:d4:d9:69:de:bc:b1:1d:
38:13:b8:53:21:c4:61:28:5f:4b:ab:8b:da:44:47:
18:ad:77:65:58:ab:51:27:c6:3d:dc:0a:d2:5b:ec:
71:e4:da:e1:7a:10:d2:68:59:fa:fa:c6:cf:16:b7:
5f:51:41:dd:4e:92:f6:d0:8a:91:a1:4c:26:14:89:
84:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7D:47:FA:47:27:2F:D3:DC:8A:A9:6D:27:5B:39:54:85:B8:B8:D5
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/_H1H-kcnL9PciqltJ1s5VIW4uNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.249.0/24
109.232.200.0/21
193.23.138.0/23
IPv6:
2a00:1608::/32
Signature Algorithm: sha256WithRSAEncryption
7b:80:d2:33:a4:e7:03:be:1a:5e:cf:2e:35:3d:8a:d7:1b:b4:
07:a0:cc:7d:95:f7:93:98:1b:4b:ed:07:25:b9:7a:61:b1:f4:
45:82:7a:56:57:f4:90:63:24:2d:66:1c:67:18:23:dd:e6:f9:
a9:87:d9:50:d2:b2:73:a8:ad:2b:9b:c4:be:b8:08:f5:43:51:
b9:02:9b:71:20:ba:37:e6:c9:5c:bc:8f:a2:a4:31:cf:ee:6b:
57:33:00:cc:dd:83:db:2f:a5:c7:cf:a4:52:55:31:5a:d0:08:
37:04:8c:00:b6:79:6f:e1:c0:7c:bf:55:9b:f7:5e:c1:be:82:
4c:8e:4b:ec:95:9b:5c:89:d6:ed:d9:4f:20:39:d7:3a:19:aa:
17:b5:78:20:dc:9b:e2:29:dc:87:56:fc:75:c2:86:ca:7a:ae:
e4:2e:bd:bd:db:15:1c:d0:4c:fe:d4:79:e5:42:54:1d:52:80:
20:5a:24:71:46:37:6c:b1:e7:18:9c:27:21:ef:49:56:60:06:
8b:19:08:aa:a9:2b:ec:78:c3:02:f1:1d:9c:3c:63:9a:1c:d7:
29:3c:d8:c4:a9:76:43:3b:91:f2:5c:92:58:5b:15:39:d8:ad:
63:41:44:bb:7f:1a:7e:34:2a:bf:2b:e2:13:0b:a5:4d:15:72:
5d:ac:cf:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtb4wpPWa7Nt/qX+xEGN2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzdkNDdmYTQ3MjcyZmQzZGM4YWE5NmQyNzViMzk1NDg1YjhiOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAno7WB78uIiDJ5IrmlQPO2mmx9Kj/
p974tCNidHaRiGpQyuBz9ZybeZpURPYhOZyEeWm2kaQowjKaa+0sejJGhpBDLTKM
n10clr6CGCHSCPtIAGPb7iKTzpVJ+CXIxLaM5sZdYZpQ0HvQiqvPzXpQHPBotMlE
0x48vUjhA7AtkdCVCndVxCzuhvWevmcpn+fqr7zoymemktpF483zu4r7XUarHcb/
c0yIKVy1y6vRMQyY/e9VUs//+GowVdTZad68sR04E7hTIcRhKF9Lq4vaREcYrXdl
WKtRJ8Y93ArSW+xx5NrhehDSaFn6+sbPFrdfUUHdTpL20IqRoUwmFImERwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPx9R/pHJy/T3IqpbSdbOVSFuLjVMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvX0gxSC1rY25MOVBjaXFsdEoxczVWSVc0dU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWWv5AwQD
bejIAwQBwReKMA0EAgACMAcDBQAqABYIMA0GCSqGSIb3DQEBCwUAA4IBAQB7gNIz
pOcDvhpezy41PYrXG7QHoMx9lfeTmBtL7QcluXphsfRFgnpWV/SQYyQtZhxnGCPd
5vmph9lQ0rJzqK0rm8S+uAj1Q1G5AptxILo35slcvI+ipDHP7mtXMwDM3YPbL6XH
z6RSVTFa0Ag3BIwAtnlv4cB8v1Wb917BvoJMjkvslZtcidbt2U8gOdc6GaoXtXgg
3JviKdyHVvx1wobKeq7kLr292xUc0Ez+1HnlQlQdUoAgWiRxRjdssecYnCch70lW
YAaLGQiqqSvseMMC8R2cPGOaHNcpPNjEqXZDO5HyXJJYWxU52K1jQUS7fxp+NCq/
K+ITC6VNFXJdrM/R
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:57 2024 by rpki-client on console-ams.rpki-client.org