Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/v10zyrJ1ig72o8kfQ5nLmJBfEM8.roa
File: v10zyrJ1ig72o8kfQ5nLmJBfEM8.roa (raw, json)
Hash identifier: iAp2M2FzCgqdORnJjBG7kU+fdoWY9uN5OgGvEFk9y1g=
Subject key identifier: BF:5D:33:CA:B2:75:8A:0E:F6:A3:C9:1F:43:99:CB:98:90:5F:10:CF
Certificate issuer: /CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Certificate serial: 0185724C6802565C46FD7ADC73AD01E470BF
Authority key identifier: 9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/v10zyrJ1ig72o8kfQ5nLmJBfEM8.roa
Signing time: Mon 02 Jan 2023 11:44:48 +0000
ROA not before: Mon 02 Jan 2023 11:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56465
IP address blocks: 195.140.224.0/24 maxlen: 24
195.140.225.0/24 maxlen: 24
195.140.226.0/24 maxlen: 24
195.140.227.0/24 maxlen: 24
94.124.162.0/24 maxlen: 24
94.124.163.0/24 maxlen: 24
94.124.167.0/24 maxlen: 24
2a0c:29c1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 Nov 2023 13:26:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:68:02:56:5c:46:fd:7a:dc:73:ad:01:e4:70:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Validity
Not Before: Jan 2 11:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf5d33cab2758a0ef6a3c91f4399cb98905f10cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:ff:b2:74:e3:e8:fb:9b:9d:19:ee:b1:a0:
6b:f5:48:5b:67:cc:22:af:4a:92:15:29:02:ff:d4:
7b:c7:a2:0d:f1:34:10:a3:04:9d:d1:7c:c5:53:0a:
71:60:82:e1:32:27:d7:5d:25:41:67:73:36:b3:b4:
12:9a:fc:b4:40:1a:72:18:79:8f:b3:85:c6:f8:b7:
a6:fe:8a:ed:9e:19:a5:64:e7:87:af:07:60:7c:38:
b2:8f:a3:14:71:e5:70:23:19:e9:b6:e8:81:50:32:
35:a6:a2:6a:a1:44:ab:53:f1:a0:52:28:53:0f:cd:
ba:e2:f9:46:55:9e:1f:f6:6e:b2:98:11:bd:f0:cf:
6b:1e:c9:a1:ab:99:33:a9:34:02:0e:41:c1:f3:f3:
34:58:e1:ac:87:8c:22:29:76:a0:62:14:43:50:c0:
de:77:79:ef:6f:de:10:3d:6e:7a:a7:0a:c2:ba:70:
ef:8f:29:db:30:e4:d8:77:a7:c9:9f:3b:e8:03:ca:
c2:10:8a:34:4b:a1:c5:52:8d:d4:9b:ab:77:33:41:
78:5a:41:a4:82:12:d6:9c:ed:3f:f8:31:ac:04:13:
94:24:02:aa:de:7a:2c:02:89:d7:b7:14:b8:55:c8:
c8:6d:d8:56:ae:41:5c:46:dc:69:b6:97:83:f3:4e:
4b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5D:33:CA:B2:75:8A:0E:F6:A3:C9:1F:43:99:CB:98:90:5F:10:CF
X509v3 Authority Key Identifier:
keyid:9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/v10zyrJ1ig72o8kfQ5nLmJBfEM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.124.162.0/23
94.124.167.0/24
195.140.224.0/22
IPv6:
2a0c:29c1::/32
Signature Algorithm: sha256WithRSAEncryption
a8:8e:6f:85:98:16:43:87:ab:c0:0d:61:e0:75:37:8d:1d:03:
8a:6d:96:34:ad:0b:85:58:9f:08:6e:a8:07:ff:1c:38:f0:5f:
3d:2b:a8:4a:09:7a:11:70:41:16:e7:9f:37:95:d4:70:4a:0d:
fd:9e:6c:70:79:91:93:20:57:d3:b5:f6:ff:20:f4:08:5a:36:
81:33:99:fb:95:8f:eb:a6:5c:ae:39:15:da:de:fd:e6:5f:a5:
60:30:1d:5d:6d:29:86:a5:78:cb:48:36:f9:0b:cb:33:a4:6d:
05:3c:59:eb:8c:22:82:87:98:40:41:94:d3:18:0b:16:fc:f9:
a3:7d:bc:9d:f7:6a:c5:16:aa:f5:8e:54:ec:50:60:4c:c8:10:
b4:0e:0b:fb:6c:78:48:51:16:dd:ee:11:e7:53:03:c8:9a:39:
f4:80:94:44:88:09:2c:e1:44:45:19:83:cc:9e:7c:61:31:3c:
27:52:a5:d0:85:d1:d6:b4:30:28:c3:a4:f2:f3:82:1b:ad:12:
07:9a:15:5b:d6:1e:38:8f:0d:6b:5f:be:13:fd:17:f0:fa:a0:
98:69:f8:65:5b:e5:57:7e:89:15:22:59:e6:44:4e:55:2f:f7:
bf:ee:2e:a5:25:73:8e:c1:2e:df:b5:a9:e5:0d:84:4e:01:78:
93:b9:56:a1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVyTGgCVlxG/Xrcc60B5HC/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjE1MDMyMTBmZTA2ZWQzNTQ5MGIwMjMxZGJkYjU5Njdl
MTI5ODcwHhcNMjMwMTAyMTE0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjVkMzNjYWIyNzU4YTBlZjZhM2M5MWY0Mzk5Y2I5ODkwNWYxMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkj/snTj6PubnRnusaBr9UhbZ8wi
r0qSFSkC/9R7x6IN8TQQowSd0XzFUwpxYILhMifXXSVBZ3M2s7QSmvy0QBpyGHmP
s4XG+Lem/ortnhmlZOeHrwdgfDiyj6MUceVwIxnptuiBUDI1pqJqoUSrU/GgUihT
D8264vlGVZ4f9m6ymBG98M9rHsmhq5kzqTQCDkHB8/M0WOGsh4wiKXagYhRDUMDe
d3nvb94QPW56pwrCunDvjynbMOTYd6fJnzvoA8rCEIo0S6HFUo3Um6t3M0F4WkGk
ghLWnO0/+DGsBBOUJAKq3nosAonXtxS4VcjIbdhWrkFcRtxptpeD805LwQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFL9dM8qydYoO9qPJH0OZy5iQXxDPMB8GA1UdIwQY
MBaAFJ/xUDIQ/gbtNUkLAjHb21ln4SmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAt
NDYzMjJlMDJmMDhkLzEvdjEwenlySjFpZzcybzhrZlE1bkxtSkJmRU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAtNDYzMjJlMDJmMDhk
LzEvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBXnyiAwQA
XnynAwQCw4zgMA0EAgACMAcDBQAqDCnBMA0GCSqGSIb3DQEBCwUAA4IBAQCojm+F
mBZDh6vADWHgdTeNHQOKbZY0rQuFWJ8IbqgH/xw48F89K6hKCXoRcEEW5583ldRw
Sg39nmxweZGTIFfTtfb/IPQIWjaBM5n7lY/rplyuORXa3v3mX6VgMB1dbSmGpXjL
SDb5C8szpG0FPFnrjCKCh5hAQZTTGAsW/Pmjfbyd92rFFqr1jlTsUGBMyBC0Dgv7
bHhIURbd7hHnUwPImjn0gJREiAks4URFGYPMnnxhMTwnUqXQhdHWtDAow6Ty84Ib
rRIHmhVb1h44jw1rX74T/Rfw+qCYafhlW+VXfokVIlnmRE5VL/e/7i6lJXOOwS7f
tanlDYROAXiTuVah
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:30 2024 by rpki-client on console-fra.rpki-client.org