Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/saOl4cHs4GlhnvwSLNbYEUTDHDU.roa
File: saOl4cHs4GlhnvwSLNbYEUTDHDU.roa (raw, json)
Hash identifier: gMC5R7j9h74+mHi5YUM3vRt/27s0wGqJOJsEqbk4FdA=
Subject key identifier: B1:A3:A5:E1:C1:EC:E0:69:61:9E:FC:12:2C:D6:D8:11:44:C3:1C:35
Certificate issuer: /CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Certificate serial: 0185FA58E5F3D10F1658301D2CBF891BE94D
Authority key identifier: 96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/saOl4cHs4GlhnvwSLNbYEUTDHDU.roa
Signing time: Sat 28 Jan 2023 21:46:48 +0000
ROA not before: Sat 28 Jan 2023 21:46:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40975
IP address blocks: 86.107.192.0/24 maxlen: 24
185.84.64.0/23 maxlen: 23
185.84.66.0/24 maxlen: 24
89.35.6.0/23 maxlen: 23
217.19.14.0/23 maxlen: 23
86.104.254.0/23 maxlen: 23
2a03:6fe0::/32 maxlen: 32
2a03:6fe0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:fa:58:e5:f3:d1:0f:16:58:30:1d:2c:bf:89:1b:e9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Validity
Not Before: Jan 28 21:46:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1a3a5e1c1ece069619efc122cd6d81144c31c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ee:2b:d0:a4:39:69:2c:d6:05:ec:5f:6f:16:
04:43:43:f9:14:7a:89:97:76:86:f5:4d:6d:24:5c:
7e:83:1c:e8:96:38:67:2d:51:c8:8a:9d:b2:6d:6b:
48:97:04:b1:6f:f8:64:8c:13:d1:6a:5d:11:b2:b1:
5c:d9:f6:ec:23:53:a8:ba:99:53:d2:c4:d4:29:23:
48:11:36:93:b6:df:99:dc:7f:f6:44:c6:ab:f1:9b:
3b:8c:07:56:7d:8b:1c:76:e5:1d:ef:7b:5f:59:7c:
de:8a:e0:d3:c0:7d:cf:fc:a9:7b:fb:ce:ef:5a:a9:
0e:3a:c4:d7:5f:6f:83:77:ca:78:24:b0:f9:f9:10:
ac:de:57:35:22:23:72:04:af:cd:f4:1b:02:74:84:
47:b9:eb:8d:7a:4f:50:90:d1:d9:da:e2:72:ab:08:
9d:47:89:d2:f1:46:6e:87:e4:bd:b9:47:06:98:f2:
da:ea:68:7f:49:31:62:76:53:5f:b3:ae:9b:75:6d:
14:40:48:cc:72:b4:ea:7c:86:75:64:e6:e3:9c:f2:
56:19:e9:08:90:39:57:b2:2d:c1:ae:fe:51:71:a5:
4a:27:02:b9:04:95:ec:79:29:c0:bd:12:f0:c3:c6:
5f:0f:21:f6:e2:03:46:9d:d1:02:ed:c7:d9:7f:52:
35:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A3:A5:E1:C1:EC:E0:69:61:9E:FC:12:2C:D6:D8:11:44:C3:1C:35
X509v3 Authority Key Identifier:
keyid:96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/saOl4cHs4GlhnvwSLNbYEUTDHDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.254.0/23
86.107.192.0/24
89.35.6.0/23
185.84.64.0-185.84.66.255
217.19.14.0/23
IPv6:
2a03:6fe0::/32
Signature Algorithm: sha256WithRSAEncryption
00:e8:7a:e6:0f:fe:73:6a:87:f3:e2:28:71:a7:c6:5c:94:82:
69:a5:20:68:94:e6:8e:e0:8e:f8:2d:9a:72:84:1b:1e:f2:18:
ad:6a:35:16:ca:9b:52:c7:b8:e1:ab:98:b4:f2:af:09:ba:ef:
95:f4:b5:fc:ef:66:9e:ba:5e:92:6e:a5:22:14:71:6e:a7:60:
27:5c:f9:bf:f0:d2:dc:cf:fa:12:2e:51:7f:a7:d0:3c:20:f4:
04:ae:f5:1a:71:b8:0e:4d:70:d6:b6:e0:16:6f:56:43:c5:ff:
3b:c5:2e:13:10:dc:c6:49:71:1d:35:a8:6e:6d:f9:2b:88:0a:
0e:8e:1c:05:3b:44:e3:f8:9b:50:e9:c7:7d:91:be:b5:db:b7:
de:0a:04:fd:81:48:4c:e3:a5:4e:84:b3:0d:6f:54:d7:e1:23:
0e:01:80:7e:f5:71:2b:fd:a9:5f:ed:cc:16:e2:e0:fd:eb:09:
88:eb:3c:29:07:f3:5a:ba:1a:33:2e:d5:b5:f4:57:24:bd:ad:
7b:4d:09:bc:53:04:fa:30:5f:59:b3:ae:5d:7b:35:80:0b:72:
f9:ba:80:55:f3:44:ac:70:cc:1d:a6:aa:ee:85:0e:68:4a:52:
28:c3:4e:65:dc:db:9a:32:1c:8f:b9:1a:a3:63:f0:c4:f3:ca:
72:3a:0d:93
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYX6WOXz0Q8WWDAdLL+JG+lNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFlMzQ2MzkzOGIyNmY4M2I3NmYwYzRkZjgxZGZhYmIx
NWE0ZWIwHhcNMjMwMTI4MjE0NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWEzYTVlMWMxZWNlMDY5NjE5ZWZjMTIyY2Q2ZDgxMTQ0YzMxYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhO4r0KQ5aSzWBexfbxYEQ0P5FHqJ
l3aG9U1tJFx+gxzoljhnLVHIip2ybWtIlwSxb/hkjBPRal0RsrFc2fbsI1OouplT
0sTUKSNIETaTtt+Z3H/2RMar8Zs7jAdWfYscduUd73tfWXzeiuDTwH3P/Kl7+87v
WqkOOsTXX2+Dd8p4JLD5+RCs3lc1IiNyBK/N9BsCdIRHueuNek9QkNHZ2uJyqwid
R4nS8UZuh+S9uUcGmPLa6mh/STFidlNfs66bdW0UQEjMcrTqfIZ1ZObjnPJWGekI
kDlXsi3Brv5RcaVKJwK5BJXseSnAvRLww8ZfDyH24gNGndEC7cfZf1I1owIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLGjpeHB7OBpYZ78EizW2BFEwxw1MB8GA1UdIwQY
MBaAFJYq40Y5OLJvg7dvDE34Hfq7FaTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMt
OWVkZjBkMTdmYjkxLzEvc2FPbDRjSHM0R2xobnZ3U0xOYllFVVRESERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMtOWVkZjBkMTdmYjkx
LzEvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQBVmj+AwQA
VmvAAwQBWSMGMAwDBAa5VEADBAC5VEIDBAHZEw4wDQQCAAIwBwMFACoDb+AwDQYJ
KoZIhvcNAQELBQADggEBAADoeuYP/nNqh/PiKHGnxlyUgmmlIGiU5o7gjvgtmnKE
Gx7yGK1qNRbKm1LHuOGrmLTyrwm675X0tfzvZp66XpJupSIUcW6nYCdc+b/w0tzP
+hIuUX+n0Dwg9ASu9RpxuA5NcNa24BZvVkPF/zvFLhMQ3MZJcR01qG5t+SuICg6O
HAU7ROP4m1Dpx32RvrXbt94KBP2BSEzjpU6Esw1vVNfhIw4BgH71cSv9qV/tzBbi
4P3rCYjrPCkH81q6GjMu1bX0VyS9rXtNCbxTBPowX1mzrl17NYALcvm6gFXzRKxw
zB2mqu6FDmhKUijDTmXc25oyHI+5GqNj8MTzynI6DZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:41 2024 by rpki-client on console-fra.rpki-client.org