Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-qladtKy1JFXzxrPlUAu5avEmQo.roa
File: 1-qladtKy1JFXzxrPlUAu5avEmQo.roa (raw, json)
Hash identifier: ug3KUtJI2h+lZxL6pAQ2t/OKmgb7T3syUcBbCxIYKbM=
Subject key identifier: FA:A9:5A:76:D2:B2:D4:91:57:CF:1A:CF:95:40:2E:E5:AB:C4:99:0A
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0188983F188AF7CD871A7C135B3AF8F3A461
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-qladtKy1JFXzxrPlUAu5avEmQo.roa
Signing time: Wed 07 Jun 2023 23:44:11 +0000
ROA not before: Wed 07 Jun 2023 23:44:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.95.16.0/22 maxlen: 22
185.93.222.0/23 maxlen: 24
213.139.204.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
2a0d:d8c0:1::/48 maxlen: 48
2a0d:9ec1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 13 Oct 2023 15:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:98:3f:18:8a:f7:cd:87:1a:7c:13:5b:3a:f8:f3:a4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jun 7 23:44:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faa95a76d2b2d49157cf1acf95402ee5abc4990a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c3:63:2a:7c:68:51:07:6d:77:2a:2a:f3:49:
d5:2b:d6:73:15:98:72:56:a5:6d:ac:56:a3:06:92:
fe:34:c4:e8:88:d9:a2:2f:bd:c9:4c:0c:f5:9e:99:
fd:6a:04:c4:7f:e6:fd:82:d6:b5:28:84:65:63:4d:
f4:2a:0f:ca:30:30:be:b9:f9:9d:c2:00:fe:87:21:
07:c1:65:e0:5c:81:80:7f:76:75:6a:6f:5c:59:11:
8b:ad:81:75:d5:a5:45:5b:38:20:3f:4c:73:90:5d:
aa:fc:84:f5:22:f2:7a:af:cf:f3:7c:31:b1:72:89:
f6:b9:80:fd:ad:2b:fc:78:cf:52:4a:65:ab:68:27:
b9:46:94:65:94:9c:68:af:7a:aa:71:11:2c:c4:15:
86:6d:5e:0b:77:1b:54:ff:cc:5c:ec:fe:b4:4f:0c:
7a:9f:61:62:06:71:9e:29:37:57:fb:50:17:48:e6:
73:b2:e2:b8:18:5b:93:20:41:34:bf:a9:ef:1b:3b:
ad:33:ef:96:e8:72:4b:bf:7b:13:49:22:37:9b:e6:
15:35:b6:5e:74:66:44:d8:10:a7:d8:31:27:15:c6:
6b:f5:70:ba:ae:0e:33:fc:00:14:87:4e:e0:5c:e7:
08:dc:1d:ee:c7:60:e3:4a:6b:86:f1:2b:a7:81:29:
3c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A9:5A:76:D2:B2:D4:91:57:CF:1A:CF:95:40:2E:E5:AB:C4:99:0A
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/1-qladtKy1JFXzxrPlUAu5avEmQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/22
45.155.36.0/22
185.93.222.0/23
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:9ec1::/48
2a0d:d8c0::/47
Signature Algorithm: sha256WithRSAEncryption
0b:91:9c:b4:12:7d:f8:4d:25:6a:cc:ce:13:38:30:3c:12:f3:
ea:61:d0:bc:24:7b:4a:88:28:78:3a:10:8d:98:bb:aa:ec:65:
9c:41:7d:cd:42:bf:23:07:a8:40:f4:44:5c:33:c0:a7:63:33:
8c:cf:dd:93:c5:4a:48:f1:c2:96:b1:c4:76:3c:e9:1e:7c:8f:
b3:60:f7:f9:e4:9f:e2:d5:4d:65:23:c6:f4:46:a6:34:36:e7:
d6:8b:d6:d4:48:df:f1:16:3e:78:08:4b:7e:6f:74:7b:31:84:
6f:73:bd:9f:6a:0c:fc:9e:7a:8f:7c:66:c3:1e:f8:74:02:20:
58:d3:9a:67:18:84:9a:32:7c:85:04:80:53:0a:3b:ae:60:04:
19:70:a0:fd:87:97:27:cc:ed:0e:15:16:a3:28:45:26:e8:92:
de:ef:e5:ec:29:42:a9:96:d3:8d:b3:be:39:32:1a:70:f9:b1:
65:8b:68:e5:12:01:0f:ea:3a:45:a2:2d:3b:29:3b:0b:ae:7d:
8e:01:56:99:9c:c7:34:42:e6:6b:57:64:45:79:d4:a2:bf:47:
32:0a:31:06:e8:39:af:0d:ec:61:2d:d7:7f:c6:33:be:04:a7:
e4:87:2b:7b:ea:3a:2c:d3:0f:24:2c:8c:c6:6a:77:7c:b6:dc:
a8:31:68:fd
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYiYPxiK982HGnwTWzr486RhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjMwNjA3MjM0NDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE5NWE3NmQyYjJkNDkxNTdjZjFhY2Y5NTQwMmVlNWFiYzQ5OTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMNjKnxoUQdtdyoq80nVK9ZzFZhy
VqVtrFajBpL+NMToiNmiL73JTAz1npn9agTEf+b9gta1KIRlY030Kg/KMDC+ufmd
wgD+hyEHwWXgXIGAf3Z1am9cWRGLrYF11aVFWzggP0xzkF2q/IT1IvJ6r8/zfDGx
con2uYD9rSv8eM9SSmWraCe5RpRllJxor3qqcREsxBWGbV4LdxtU/8xc7P60Twx6
n2FiBnGeKTdX+1AXSOZzsuK4GFuTIEE0v6nvGzutM++W6HJLv3sTSSI3m+YVNbZe
dGZE2BCn2DEnFcZr9XC6rg4z/AAUh07gXOcI3B3ux2DjSmuG8SungSk8rwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPqpWnbSstSRV88az5VALuWrxJkKMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvMS1xbGFkdEt5MUpGWHp4clBsVUF1NWF2RW1Rby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvNjQ5ZmRjLTBkM2EtNDFlYy1hMWNlLWRjZTk0N2UyOTRi
Ni8xLzlOQ0tIaHk4a0pKVTZlYTV5VG45aGFKb3NlRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBgBggrBgEFBQcBBwEB/wRRME8wKgQCAAEwJAMEAi1fEAME
Ai2bJAMEAbld3gMEAdVs9gMEAtWLzAMEAtnDmDAhBAIAAjAbAwcAKg2ewAAAAwcA
Kg2ewQAAAwcBKg3YwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQALkZy0En34TSVqzM4T
ODA8EvPqYdC8JHtKiCh4OhCNmLuq7GWcQX3NQr8jB6hA9ERcM8CnYzOMz92TxUpI
8cKWscR2POkefI+zYPf55J/i1U1lI8b0RqY0NufWi9bUSN/xFj54CEt+b3R7MYRv
c72fagz8nnqPfGbDHvh0AiBY05pnGISaMnyFBIBTCjuuYAQZcKD9h5cnzO0OFRaj
KEUm6JLe7+XsKUKpltONs745Mhpw+bFli2jlEgEP6jpFoi07KTsLrn2OAVaZnMc0
QuZrV2RFedSiv0cyCjEG6DmvDexhLdd/xjO+BKfkhyt76jos0w8kLIzGand8ttyo
MWj9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:16 2024 by rpki-client on console-ams.rpki-client.org