Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/8zWrsbVqavIPTJX673kTli0OPB4.roa
File: 8zWrsbVqavIPTJX673kTli0OPB4.roa (raw, json)
Hash identifier: sqhlUq3EQaSULy9n+wDPLzFtREk9d5b6ud5rACxdsK0=
Subject key identifier: F3:35:AB:B1:B5:6A:6A:F2:0F:4C:95:FA:EF:79:13:96:2D:0E:3C:1E
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018F4FF301BA5C9F0DAEC2343969ACB5DD79
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/8zWrsbVqavIPTJX673kTli0OPB4.roa
Signing time: Mon 06 May 2024 22:07:56 +0000
ROA not before: Mon 06 May 2024 22:07:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12929
IP address blocks: 46.15.0.0/16 maxlen: 16
80.232.124.0/24 maxlen: 24
89.8.0.0/15 maxlen: 15
89.9.72.0/23 maxlen: 24
89.9.254.0/24 maxlen: 24
176.11.0.0/16 maxlen: 16
212.45.160.0/19 maxlen: 19
212.125.252.0/22 maxlen: 22
212.169.64.0/18 maxlen: 18
Validation: Failed, certificate revoked on Tue 21 May 2024 10:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4f:f3:01:ba:5c:9f:0d:ae:c2:34:39:69:ac:b5:dd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 6 22:07:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f335abb1b56a6af20f4c95faef7913962d0e3c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:75:bc:f8:08:2e:63:26:9c:61:37:6c:bd:
34:2b:4a:28:d2:d7:55:83:4e:31:23:e2:5c:8d:e1:
8e:23:55:42:3a:a0:71:35:ce:14:56:81:e8:bc:4f:
83:76:33:eb:ff:2b:ee:a8:25:83:c8:ee:c4:28:c1:
98:2d:86:8c:df:c3:6f:f9:04:2d:7f:7f:c7:73:9a:
80:a4:c6:0d:0b:0a:39:61:2a:9f:2c:6f:51:6c:8e:
54:41:54:5d:56:66:a9:34:09:32:e0:e7:0a:c6:6a:
59:7a:18:76:04:ee:86:34:64:1a:13:9a:95:f8:60:
1b:70:80:fd:0e:03:30:7a:09:15:89:e4:91:56:27:
be:c5:24:d4:99:6a:6e:0a:1a:a8:cb:8f:eb:cc:43:
5d:74:6f:54:7f:4a:a0:d3:88:ab:f4:44:4b:6d:db:
92:3f:1e:e3:9f:4f:07:a1:6a:f6:ee:dd:90:a1:43:
23:07:9f:8f:a9:41:3b:25:1a:37:1e:b2:66:aa:a2:
b5:d9:12:1a:8b:f5:fe:0f:7d:a3:2d:a0:b2:f2:bf:
de:e8:87:6f:f2:b3:9c:6e:bd:17:71:4c:a8:4e:a6:
fb:62:37:9f:19:53:0b:1b:39:50:45:78:f6:82:1b:
b6:b0:d7:d4:9a:5e:93:ff:8a:6c:dc:65:e5:7f:74:
8a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:35:AB:B1:B5:6A:6A:F2:0F:4C:95:FA:EF:79:13:96:2D:0E:3C:1E
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/8zWrsbVqavIPTJX673kTli0OPB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.15.0.0/16
80.232.124.0/24
89.8.0.0/15
176.11.0.0/16
212.45.160.0/19
212.125.252.0/22
212.169.64.0/18
Signature Algorithm: sha256WithRSAEncryption
94:2c:f9:1d:6d:6d:df:63:1e:43:7d:72:e3:52:5e:e2:1d:ba:
34:a5:2a:c0:cb:b1:3e:17:98:26:85:d6:ed:35:b2:99:86:2c:
86:3e:eb:a5:e2:e4:5c:7e:4c:5f:c6:d6:57:1f:a6:ba:dd:77:
2c:cd:1e:e1:9c:b7:b1:81:30:70:05:e0:bb:11:2c:63:28:7a:
ae:9b:22:e5:f9:6e:31:ba:e7:3d:dd:9f:54:00:77:15:51:7b:
3a:58:a6:92:01:3f:66:34:d6:ea:1b:7c:0e:c3:21:f8:76:9f:
04:79:c9:a5:59:45:1b:3c:0a:62:6d:84:a5:95:b3:73:3f:81:
62:b9:41:10:42:89:48:52:0c:75:16:e5:52:0f:9b:09:89:07:
07:50:e0:25:23:b0:c5:5a:c6:af:c1:dc:0a:c3:c2:12:0e:ff:
af:5a:41:15:fc:60:85:f0:09:52:be:bd:b4:c7:18:86:16:2c:
81:6d:63:b7:cb:9a:4b:ad:80:81:15:75:b4:5f:31:15:31:e7:
61:5d:38:27:0b:39:f4:e9:8f:c9:db:0d:4c:eb:4e:f2:d4:a3:
f8:d1:47:1d:e8:3e:86:54:65:ab:bb:9c:57:35:ad:52:f0:55:
17:44:16:d7:9c:61:cf:19:d5:fd:6b:5b:11:15:e0:3e:dc:3a:
00:6e:7e:a1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY9P8wG6XJ8NrsI0OWmstd15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwNTA2MjIwNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM1YWJiMWI1NmE2YWYyMGY0Yzk1ZmFlZjc5MTM5NjJkMGUzYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5p1vPgILmMmnGE3bL00K0oo0tdV
g04xI+JcjeGOI1VCOqBxNc4UVoHovE+DdjPr/yvuqCWDyO7EKMGYLYaM38Nv+QQt
f3/Hc5qApMYNCwo5YSqfLG9RbI5UQVRdVmapNAky4OcKxmpZehh2BO6GNGQaE5qV
+GAbcID9DgMwegkVieSRVie+xSTUmWpuChqoy4/rzENddG9Uf0qg04ir9ERLbduS
Px7jn08HoWr27t2QoUMjB5+PqUE7JRo3HrJmqqK12RIai/X+D32jLaCy8r/e6Idv
8rOcbr0XcUyoTqb7YjefGVMLGzlQRXj2ghu2sNfUml6T/4ps3GXlf3SKgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPM1q7G1amryD0yV+u95E5YtDjweMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvOHpXcnNiVnFhdklQVEpYNjcza1RsaTBPUEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnAwMALg8DBABQ
6HwDAwFZCAMDALALAwQF1C2gAwQC1H38AwQG1KlAMA0GCSqGSIb3DQEBCwUAA4IB
AQCULPkdbW3fYx5DfXLjUl7iHbo0pSrAy7E+F5gmhdbtNbKZhiyGPuul4uRcfkxf
xtZXH6a63XcszR7hnLexgTBwBeC7ESxjKHqumyLl+W4xuuc93Z9UAHcVUXs6WKaS
AT9mNNbqG3wOwyH4dp8EecmlWUUbPApibYSllbNzP4FiuUEQQolIUgx1FuVSD5sJ
iQcHUOAlI7DFWsavwdwKw8ISDv+vWkEV/GCF8AlSvr20xxiGFiyBbWO3y5pLrYCB
FXW0XzEVMedhXTgnCzn06Y/J2w1M607y1KP40Ucd6D6GVGWru5xXNa1S8FUXRBbX
nGHPGdX9a1sRFeA+3DoAbn6h
-----END CERTIFICATE-----
Generated at Tue May 21 15:21:37 2024 by rpki-client on console-ams.rpki-client.org