Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/0PBDmR9rAhHgp_o2npMs0K5PkQY.roa
File: 0PBDmR9rAhHgp_o2npMs0K5PkQY.roa (raw, json)
Hash identifier: +cMlpQbwCpZVQ1ogrg34bx5ihFutyVB7CWhiUe2rKjA=
Subject key identifier: D0:F0:43:99:1F:6B:02:11:E0:A7:FA:36:9E:93:2C:D0:AE:4F:91:06
Certificate issuer: /CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Certificate serial: 018573CCF428584D6CA41E03E10329EA2777
Authority key identifier: 32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/0PBDmR9rAhHgp_o2npMs0K5PkQY.roa
Signing time: Mon 02 Jan 2023 18:44:49 +0000
ROA not before: Mon 02 Jan 2023 18:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8823
IP address blocks: 185.45.240.0/22 maxlen: 22
213.137.192.0/19 maxlen: 19
212.63.64.0/19 maxlen: 19
213.214.0.0/19 maxlen: 19
77.76.192.0/18 maxlen: 18
2001:ad8::/29 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:f4:28:58:4d:6c:a4:1e:03:e1:03:29:ea:27:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3250d58d77b0fa5dcec4f42ae96f347bc80daa3e
Validity
Not Before: Jan 2 18:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f043991f6b0211e0a7fa369e932cd0ae4f9106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bb:5b:b1:15:a4:0f:be:bf:63:d3:49:9d:c3:
92:df:5e:47:e9:07:67:88:ba:56:c0:e8:d7:da:a9:
93:26:41:96:3a:22:ac:04:63:59:92:81:0c:e6:0a:
5d:79:d0:ff:b9:d0:5e:df:50:79:cb:73:75:57:15:
14:33:cd:3a:b3:bb:76:1d:6a:63:f0:32:aa:a3:1c:
ce:5e:34:6e:f6:e3:82:fe:1d:15:8c:3b:b3:95:b3:
47:5f:75:ac:28:fd:66:16:88:1b:f3:ff:c6:00:a5:
32:72:a3:fd:4a:2a:46:6d:70:85:c8:7a:0b:61:78:
c9:f4:dd:2a:f6:61:d3:fa:33:43:ce:31:a4:1b:75:
32:9f:a2:fc:b6:fd:43:77:86:a4:fa:98:56:15:80:
3e:f0:9d:06:80:04:a1:20:0a:26:9e:92:6c:a5:cf:
0c:f1:19:ff:6b:56:a0:10:9c:c6:4c:85:da:5e:75:
10:19:c4:2b:4f:c7:74:4d:18:b8:e3:9f:25:dc:76:
18:d1:16:ac:43:79:0c:b7:c6:f8:12:0e:d1:6c:31:
58:38:bf:18:1f:d6:d5:77:59:05:42:f6:2d:ca:16:
4d:d8:c1:2d:71:1b:e3:4f:7e:df:66:aa:36:be:5e:
5a:1d:4c:5d:98:ce:76:4d:0f:67:24:fb:9b:b2:4a:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F0:43:99:1F:6B:02:11:E0:A7:FA:36:9E:93:2C:D0:AE:4F:91:06
X509v3 Authority Key Identifier:
keyid:32:50:D5:8D:77:B0:FA:5D:CE:C4:F4:2A:E9:6F:34:7B:C8:0D:AA:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlDVjXew-l3OxPQq6W80e8gNqj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/0PBDmR9rAhHgp_o2npMs0K5PkQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b9fce7-0927-4847-b605-3e30a4c4b826/1/MlDVjXew-l3OxPQq6W80e8gNqj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.192.0/18
185.45.240.0/22
212.63.64.0/19
213.137.192.0/19
213.214.0.0/19
IPv6:
2001:ad8::/29
Signature Algorithm: sha256WithRSAEncryption
61:bf:fb:b3:95:5c:02:4b:d2:e5:e8:56:b7:6f:00:74:81:fa:
5c:8e:53:81:9e:f9:f5:4e:59:ca:ad:36:bd:95:73:da:5e:e5:
6b:c9:f1:73:a6:8a:78:c5:5e:08:d5:23:c4:d0:a7:70:e1:63:
42:6b:3a:fb:33:fb:d5:65:12:9b:18:53:9b:95:2d:f9:cd:a4:
76:af:8b:45:63:01:38:2c:4c:ae:d0:60:28:a7:08:28:64:2e:
a4:9b:18:1f:06:7f:4f:87:fa:2a:e6:33:90:db:b6:96:a4:12:
51:29:4d:32:d4:60:18:76:99:66:4d:86:1a:03:ea:0a:18:2e:
93:f6:48:e5:bd:3d:96:9f:3a:66:24:15:84:2d:e6:0d:2f:78:
6d:19:7a:cf:01:60:16:9a:0a:e9:7a:d4:4a:ac:e6:f4:40:ce:
b4:35:ff:7f:0a:c4:49:f3:d2:c8:05:df:5b:67:0f:62:32:e0:
57:93:10:ad:18:ac:d9:5e:ac:08:99:56:63:b5:4d:69:c8:61:
9a:2d:16:e5:6a:9b:40:a0:e5:17:65:f4:3e:df:39:0e:94:44:
99:6a:6e:e5:0c:c5:c8:4d:25:55:16:7d:d2:2a:a2:64:19:16:
2a:72:a7:7a:2b:54:de:6e:19:22:76:78:5a:de:4c:aa:ac:db:
9b:ea:cd:06
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVzzPQoWE1spB4D4QMp6id3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTBkNThkNzdiMGZhNWRjZWM0ZjQyYWU5NmYzNDdiYzgw
ZGFhM2UwHhcNMjMwMTAyMTg0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYwNDM5OTFmNmIwMjExZTBhN2ZhMzY5ZTkzMmNkMGFlNGY5MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLtbsRWkD76/Y9NJncOS315H6Qdn
iLpWwOjX2qmTJkGWOiKsBGNZkoEM5gpdedD/udBe31B5y3N1VxUUM806s7t2HWpj
8DKqoxzOXjRu9uOC/h0VjDuzlbNHX3WsKP1mFogb8//GAKUycqP9SipGbXCFyHoL
YXjJ9N0q9mHT+jNDzjGkG3Uyn6L8tv1Dd4ak+phWFYA+8J0GgAShIAomnpJspc8M
8Rn/a1agEJzGTIXaXnUQGcQrT8d0TRi4458l3HYY0RasQ3kMt8b4Eg7RbDFYOL8Y
H9bVd1kFQvYtyhZN2MEtcRvjT37fZqo2vl5aHUxdmM52TQ9nJPubskqVjQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNDwQ5kfawIR4Kf6Np6TLNCuT5EGMB8GA1UdIwQY
MBaAFDJQ1Y13sPpdzsT0KulvNHvIDao+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUt
M2UzMGE0YzRiODI2LzEvMFBCRG1SOXJBaEhncF9vMm5wTXMwSzVQa1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iOWZjZTctMDkyNy00ODQ3LWI2MDUtM2UzMGE0YzRiODI2
LzEvTWxEVmpYZXctbDNPeFBRcTZXODBlOGdOcWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGTUzAAwQC
uS3wAwQF1D9AAwQF1YnAAwQF1dYAMA0EAgACMAcDBQMgAQrYMA0GCSqGSIb3DQEB
CwUAA4IBAQBhv/uzlVwCS9Ll6Fa3bwB0gfpcjlOBnvn1TlnKrTa9lXPaXuVryfFz
pop4xV4I1SPE0Kdw4WNCazr7M/vVZRKbGFOblS35zaR2r4tFYwE4LEyu0GAopwgo
ZC6kmxgfBn9Ph/oq5jOQ27aWpBJRKU0y1GAYdplmTYYaA+oKGC6T9kjlvT2Wnzpm
JBWELeYNL3htGXrPAWAWmgrpetRKrOb0QM60Nf9/CsRJ89LIBd9bZw9iMuBXkxCt
GKzZXqwImVZjtU1pyGGaLRblaptAoOUXZfQ+3zkOlESZam7lDMXITSVVFn3SKqJk
GRYqcqd6K1Tebhkidnha3kyqrNub6s0G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:24 2024 by rpki-client on console-ams.rpki-client.org