Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/41DT6lEKv2KqPdByKFbo9mqAHGM.roa
File: 41DT6lEKv2KqPdByKFbo9mqAHGM.roa (raw, json)
Hash identifier: Q5B+uqhgctCwiiW14fWn3oJqjtbdiCN7o107QrWy5QI=
Subject key identifier: E3:50:D3:EA:51:0A:BF:62:AA:3D:D0:72:28:56:E8:F6:6A:80:1C:63
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 018CC6B83499ACBA76E86EA5F233F77606D0
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/41DT6lEKv2KqPdByKFbo9mqAHGM.roa
Signing time: Mon 01 Jan 2024 20:30:10 +0000
ROA not before: Mon 01 Jan 2024 20:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395092
IP address blocks: 217.195.152.0/22 maxlen: 22
213.108.246.0/23 maxlen: 23
45.95.16.0/22 maxlen: 22
185.93.222.0/23 maxlen: 24
213.139.204.0/22 maxlen: 22
45.155.36.0/22 maxlen: 22
2a0d:9ec2::/48 maxlen: 48
2a0d:9ec0::/48 maxlen: 48
2a0d:d8c0::/48 maxlen: 48
2a0d:d8c0:1::/48 maxlen: 48
2a0d:9ec1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:51:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:34:99:ac:ba:76:e8:6e:a5:f2:33:f7:76:06:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 1 20:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e350d3ea510abf62aa3dd0722856e8f66a801c63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:84:fb:13:4c:7c:4d:1c:fa:f4:47:2a:3f:88:
2f:d5:a3:14:9a:39:b1:1a:b3:78:e2:99:73:6e:62:
5b:c2:ac:5f:ce:22:b7:e1:45:2a:ed:69:fe:e6:d7:
52:53:24:88:35:87:88:6e:64:f3:78:80:7d:47:98:
c4:82:a7:65:d5:a8:78:19:cc:8e:bd:c5:5e:dc:19:
fd:22:a5:7a:e8:ed:74:b3:7f:b9:67:e7:18:db:c6:
e4:06:58:61:7f:70:ec:74:36:ec:4b:19:02:ca:73:
24:73:ab:bf:2b:4b:ce:df:3a:88:50:54:aa:6a:0d:
52:01:e4:87:02:c3:ab:51:28:22:6d:ce:c6:e5:c8:
40:15:9b:9f:50:25:ce:4b:81:5b:a5:94:7f:04:d4:
bd:c2:5c:4e:f3:4c:c7:96:4d:ad:e4:87:e3:a3:d2:
9d:c7:89:d6:8f:a6:8f:8b:5e:32:c2:e3:5d:1f:93:
33:11:b8:de:1d:f0:4d:3a:e9:c6:d3:0c:2e:47:aa:
e3:1f:7c:cb:ae:41:3d:d3:0e:40:e9:62:35:57:84:
3c:6c:37:89:a9:e4:f2:0b:1b:f8:4e:7a:f8:e0:0d:
85:04:61:31:06:c1:f8:a0:c8:fb:72:c9:50:4c:9e:
4a:6d:ae:3b:0e:48:c1:2b:16:be:f1:2a:a7:af:dd:
3f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:50:D3:EA:51:0A:BF:62:AA:3D:D0:72:28:56:E8:F6:6A:80:1C:63
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/41DT6lEKv2KqPdByKFbo9mqAHGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.16.0/22
45.155.36.0/22
185.93.222.0/23
213.108.246.0/23
213.139.204.0/22
217.195.152.0/22
IPv6:
2a0d:9ec0::/48
2a0d:9ec1::/48
2a0d:9ec2::/48
2a0d:d8c0::/47
Signature Algorithm: sha256WithRSAEncryption
a3:31:b8:c9:5c:de:1e:30:ca:ea:8f:e6:45:0c:36:b5:46:19:
46:21:73:ea:1a:bb:52:bb:ce:cf:f3:30:0c:77:31:b8:90:34:
03:9f:8e:90:9b:98:c6:8e:e6:bb:42:87:9f:58:24:7c:9b:be:
f3:65:26:34:18:f2:cd:bf:5c:80:8a:60:79:00:f2:d2:27:4a:
35:fd:b1:ee:91:38:29:d0:74:81:00:49:67:b5:8f:fa:ba:22:
07:54:3f:f1:27:3a:c8:93:f6:78:89:04:fd:5e:eb:21:01:3f:
ff:d3:26:58:0a:43:0f:2d:f3:d6:d2:e1:6e:52:fa:85:a6:b3:
fe:f7:59:a6:f8:fb:92:b2:09:63:17:21:13:4c:9a:23:4e:45:
61:e3:f0:b1:2a:5b:3d:b1:bb:b6:35:87:65:1b:94:c0:5e:6d:
24:0d:84:2d:05:5c:ed:81:eb:0e:60:fc:6e:cd:eb:98:e8:7b:
39:19:ee:cb:e4:68:eb:e6:fa:d0:84:e4:e2:85:3c:e3:94:cd:
f0:4e:3c:95:8b:d3:bc:c6:c6:e6:25:3f:cb:41:af:63:de:27:
83:93:52:1b:e0:38:ec:23:4b:a8:94:db:86:75:8f:5e:fc:f5:
45:22:16:33:a4:a3:12:fe:b0:ba:a5:68:46:85:5c:61:aa:33:
bd:7b:c8:a5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzGuDSZrLp26G6l8jP3dgbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjQwMTAxMjAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUwZDNlYTUxMGFiZjYyYWEzZGQwNzIyODU2ZThmNjZhODAxYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIT7E0x8TRz69EcqP4gv1aMUmjmx
GrN44plzbmJbwqxfziK34UUq7Wn+5tdSUySINYeIbmTzeIB9R5jEgqdl1ah4GcyO
vcVe3Bn9IqV66O10s3+5Z+cY28bkBlhhf3DsdDbsSxkCynMkc6u/K0vO3zqIUFSq
ag1SAeSHAsOrUSgibc7G5chAFZufUCXOS4FbpZR/BNS9wlxO80zHlk2t5Ifjo9Kd
x4nWj6aPi14ywuNdH5MzEbjeHfBNOunG0wwuR6rjH3zLrkE90w5A6WI1V4Q8bDeJ
qeTyCxv4Tnr44A2FBGExBsH4oMj7cslQTJ5Kba47DkjBKxa+8Sqnr90/WwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFONQ0+pRCr9iqj3QcihW6PZqgBxjMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvNDFEVDZsRUt2MktxUGRCeUtGYm85bXFBSEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAqBAIAATAkAwQCLV8QAwQC
LZskAwQBuV3eAwQB1Wz2AwQC1YvMAwQC2cOYMCoEAgACMCQDBwAqDZ7AAAADBwAq
DZ7BAAADBwAqDZ7CAAADBwEqDdjAAAAwDQYJKoZIhvcNAQELBQADggEBAKMxuMlc
3h4wyuqP5kUMNrVGGUYhc+oau1K7zs/zMAx3MbiQNAOfjpCbmMaO5rtCh59YJHyb
vvNlJjQY8s2/XICKYHkA8tInSjX9se6ROCnQdIEASWe1j/q6IgdUP/EnOsiT9niJ
BP1e6yEBP//TJlgKQw8t89bS4W5S+oWms/73Wab4+5KyCWMXIRNMmiNORWHj8LEq
Wz2xu7Y1h2UblMBebSQNhC0FXO2B6w5g/G7N65joezkZ7svkaOvm+tCE5OKFPOOU
zfBOPJWL07zGxuYlP8tBr2PeJ4OTUhvgOOwjS6iU24Z1j1789UUiFjOkoxL+sLql
aEaFXGGqM717yKU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org