Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/u1m0Dbsjmfi-OMhIYofIknudPXQ.roa
File: u1m0Dbsjmfi-OMhIYofIknudPXQ.roa (raw, json)
Hash identifier: ta4GyuRAKHFV1U6ZykYRTRVg8nqbb6rRfhYdFoTxnT0=
Subject key identifier: BB:59:B4:0D:BB:23:99:F8:BE:38:C8:48:62:87:C8:92:7B:9D:3D:74
Certificate issuer: /CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Certificate serial: 01856D2F21F7A74C8A945D7178DA69E97319
Authority key identifier: 11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/u1m0Dbsjmfi-OMhIYofIknudPXQ.roa
Signing time: Sun 01 Jan 2023 11:54:43 +0000
ROA not before: Sun 01 Jan 2023 11:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 195.112.64.0/19 maxlen: 19
62.167.0.0/17 maxlen: 17
62.167.0.0/16 maxlen: 16
84.226.0.0/15 maxlen: 16
195.141.0.0/16 maxlen: 16
193.192.224.0/19 maxlen: 19
194.230.0.0/16 maxlen: 16
178.38.0.0/15 maxlen: 16
212.161.128.0/17 maxlen: 17
194.230.144.0/20 maxlen: 20
31.164.0.0/15 maxlen: 16
188.154.0.0/15 maxlen: 16
212.98.32.0/19 maxlen: 19
194.158.224.0/19 maxlen: 19
89.217.0.0/16 maxlen: 16
212.35.32.0/19 maxlen: 19
2001:1700::/27 maxlen: 27
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:21:f7:a7:4c:8a:94:5d:71:78:da:69:e9:73:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Validity
Not Before: Jan 1 11:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb59b40dbb2399f8be38c8486287c8927b9d3d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ac:b1:1c:ed:a9:25:45:c5:1a:38:11:8f:58:
47:c4:6e:48:a8:b9:83:f0:33:8c:cf:79:ad:63:1b:
94:ea:24:16:b0:4a:f3:d0:34:70:3a:e4:4d:c6:89:
a9:99:31:59:ce:4b:c6:6b:37:46:44:d8:c2:e6:15:
56:dd:de:09:16:60:56:92:17:0f:d8:ff:5f:b9:12:
f3:b2:9a:95:c8:83:32:ca:4d:21:ff:01:a6:97:47:
98:78:0d:c9:ad:46:0b:6d:4a:ff:27:26:47:26:bb:
4c:22:fc:9d:f8:05:64:a4:97:9b:4a:c5:cf:9f:25:
43:12:43:5c:1c:7c:e0:b9:7a:28:d6:4a:8a:23:89:
7c:22:ee:9a:23:b3:59:3e:15:3f:87:3f:93:95:57:
4c:25:2f:36:5f:cc:19:3f:5c:34:17:a0:ba:51:ad:
1e:43:1c:da:ea:5c:39:9c:95:26:fc:5a:17:6b:92:
d4:be:30:ed:28:92:8d:2f:49:4a:38:60:2d:f0:89:
9e:58:cf:f1:99:db:df:bd:7d:34:d8:71:ef:f4:8a:
57:88:fc:6c:82:09:44:39:50:c7:fe:d1:1d:69:62:
ec:11:60:77:de:25:d1:81:e8:92:f7:01:d3:e7:9e:
b9:98:39:72:43:d1:d2:52:da:9d:0a:a9:bf:04:06:
cd:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:59:B4:0D:BB:23:99:F8:BE:38:C8:48:62:87:C8:92:7B:9D:3D:74
X509v3 Authority Key Identifier:
keyid:11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/u1m0Dbsjmfi-OMhIYofIknudPXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.164.0.0/15
62.167.0.0/16
84.226.0.0/15
89.217.0.0/16
178.38.0.0/15
188.154.0.0/15
193.192.224.0/19
194.158.224.0/19
194.230.0.0/16
195.112.64.0/19
195.141.0.0/16
212.35.32.0/19
212.98.32.0/19
212.161.128.0/17
IPv6:
2001:1700::/27
Signature Algorithm: sha256WithRSAEncryption
a6:b9:11:26:4c:7b:23:12:ed:ac:b2:94:7a:24:ba:83:90:0e:
75:4c:66:96:d0:bc:b3:85:cd:4c:39:47:c6:82:ee:b4:d2:e0:
84:db:e3:1a:aa:0e:b4:9a:75:bd:a0:78:0c:01:64:67:d9:9b:
1c:e3:a1:57:b7:81:4e:db:b7:ca:f0:d1:e6:7e:eb:fa:16:c3:
a9:be:bc:5e:a2:a7:79:ae:41:95:d7:e8:f6:7d:6a:30:ab:9a:
97:24:65:57:02:1e:8d:02:7d:5f:a3:c2:df:8d:28:c4:78:51:
d9:4c:7c:18:34:67:67:44:fc:c8:ec:a9:95:70:70:ed:df:59:
6a:2b:2c:ba:7c:01:4b:df:b4:4e:73:bb:e0:da:c5:b5:ab:82:
51:c2:40:71:b9:b0:2c:23:bf:ce:f8:27:be:12:9c:5d:e0:52:
41:a4:8e:15:d4:db:96:95:98:d1:37:90:7d:1c:8e:ee:84:80:
7c:ca:0e:bf:c2:f4:43:9e:f8:24:33:60:08:72:62:73:17:06:
cd:7d:6c:d3:41:f1:31:17:ba:37:46:46:cd:0f:9f:17:4d:f4:
2d:ce:a2:5c:34:dd:96:48:a1:9b:7f:17:3e:72:a9:81:e3:78:
6d:c9:4c:be:b9:75:ab:cf:24:ce:40:eb:a2:2c:4c:3e:95:b4:
a0:29:59:36
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYVtLyH3p0yKlF1xeNpp6XMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWRiYzAwNDMzZTI5ZjJhZGViMDM4ZmVhMmZiZDcwNDhm
YjYzMmYwHhcNMjMwMTAxMTE1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU5YjQwZGJiMjM5OWY4YmUzOGM4NDg2Mjg3Yzg5MjdiOWQzZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqyxHO2pJUXFGjgRj1hHxG5IqLmD
8DOMz3mtYxuU6iQWsErz0DRwOuRNxompmTFZzkvGazdGRNjC5hVW3d4JFmBWkhcP
2P9fuRLzspqVyIMyyk0h/wGml0eYeA3JrUYLbUr/JyZHJrtMIvyd+AVkpJebSsXP
nyVDEkNcHHzguXoo1kqKI4l8Iu6aI7NZPhU/hz+TlVdMJS82X8wZP1w0F6C6Ua0e
Qxza6lw5nJUm/FoXa5LUvjDtKJKNL0lKOGAt8ImeWM/xmdvfvX002HHv9IpXiPxs
gglEOVDH/tEdaWLsEWB33iXRgeiS9wHT5565mDlyQ9HSUtqdCqm/BAbNpQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFLtZtA27I5n4vjjISGKHyJJ7nT10MB8GA1UdIwQY
MBaAFBFdvABDPinyresDj+ovvXBI+2MvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTkt
MjI5YjRhZTc0MmRlLzEvdTFtMERic2ptZmktT01oSVlvZklrbnVkUFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTktMjI5YjRhZTc0MmRl
LzEvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwMBH6QDAwA+
pwMDAVTiAwMAWdkDAwGyJgMDAbyaAwQFwcDgAwQFwp7gAwMAwuYDBAXDcEADAwDD
jQMEBdQjIAMEBdRiIAMEB9ShgDANBAIAAjAHAwUFIAEXADANBgkqhkiG9w0BAQsF
AAOCAQEAprkRJkx7IxLtrLKUeiS6g5AOdUxmltC8s4XNTDlHxoLutNLghNvjGqoO
tJp1vaB4DAFkZ9mbHOOhV7eBTtu3yvDR5n7r+hbDqb68XqKnea5Bldfo9n1qMKua
lyRlVwIejQJ9X6PC340oxHhR2Ux8GDRnZ0T8yOyplXBw7d9ZaissunwBS9+0TnO7
4NrFtauCUcJAcbmwLCO/zvgnvhKcXeBSQaSOFdTblpWY0TeQfRyO7oSAfMoOv8L0
Q574JDNgCHJicxcGzX1s00HxMRe6N0ZGzQ+fF030Lc6iXDTdlkihm38XPnKpgeN4
bclMvrl1q88kzkDroixMPpW0oClZNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:53 2024 by rpki-client on console-ams.rpki-client.org