Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/0ATd9duTLZFxhyeOD_NfHH2WIz8.roa
File: 0ATd9duTLZFxhyeOD_NfHH2WIz8.roa (raw, json)
Hash identifier: 1LtW2hsgWAhlR3LlN+B9QZWvHnqafwT9AsXGtMwwgtk=
Subject key identifier: D0:04:DD:F5:DB:93:2D:91:71:87:27:8E:0F:F3:5F:1C:7D:96:23:3F
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018C8CB9D6DC52EEE8293E6A42B7689E2C63
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/0ATd9duTLZFxhyeOD_NfHH2WIz8.roa
Signing time: Thu 21 Dec 2023 14:13:58 +0000
ROA not before: Thu 21 Dec 2023 14:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 22773
IP address blocks: 85.8.160.0/23 maxlen: 23
85.8.162.0/23 maxlen: 23
185.231.224.0/22 maxlen: 22
193.187.108.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
84.54.0.0/23 maxlen: 23
84.54.2.0/23 maxlen: 23
85.8.144.0/23 maxlen: 23
85.8.146.0/23 maxlen: 23
176.53.168.0/22 maxlen: 22
85.8.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:b9:d6:dc:52:ee:e8:29:3e:6a:42:b7:68:9e:2c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 21 14:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d004ddf5db932d917187278e0ff35f1c7d96233f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c3:51:d9:76:ec:f1:15:b3:c9:80:2b:b1:c1:
8d:22:59:cf:a8:0a:58:10:66:0a:f3:d3:d5:fd:0a:
df:63:a4:6f:12:ab:8f:ac:2b:dc:b5:df:97:3b:39:
c4:09:bd:8b:50:81:51:05:0b:ec:11:17:c8:8b:3c:
fb:45:93:19:59:7d:61:1c:99:9c:4f:32:fd:fe:a6:
eb:36:78:86:08:52:08:06:a7:f6:13:fc:86:e9:f9:
13:7a:dd:1f:67:1d:0f:fc:2b:b6:e8:7a:ca:1c:b4:
3b:03:34:01:a0:e2:d9:c3:55:92:9f:5e:db:83:fa:
fe:c1:60:85:17:8c:28:40:91:1b:b9:be:67:e2:1b:
6b:43:35:df:51:c2:18:36:7a:bc:95:02:4c:6e:51:
7f:21:67:ec:e8:22:39:c7:b3:d2:50:c3:94:db:c4:
2e:ad:97:29:cc:9d:3e:68:6d:fc:55:77:7c:ed:95:
c7:0c:c6:14:30:bb:5c:e3:6d:1e:8d:bc:3b:6c:83:
67:2e:78:11:df:33:66:5e:3e:c7:06:6f:7a:93:f8:
81:11:cd:ac:2f:50:68:26:9b:ff:36:ec:4a:1a:30:
0c:11:9f:99:09:98:f6:a9:48:6e:32:de:5f:0a:84:
cf:8f:d2:26:83:24:81:78:0d:c0:60:fd:df:e5:25:
72:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:04:DD:F5:DB:93:2D:91:71:87:27:8E:0F:F3:5F:1C:7D:96:23:3F
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/0ATd9duTLZFxhyeOD_NfHH2WIz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.0.0/22
85.8.144.0/22
85.8.156.0-85.8.163.255
176.53.168.0/22
185.231.224.0/22
193.187.108.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:f9:18:df:3f:31:c1:23:87:f1:06:23:b6:2d:e8:ec:47:85:
12:73:d0:b9:e7:02:0f:cc:71:ee:d2:0a:46:2a:37:5e:d5:ce:
19:ec:fe:e7:c2:3c:23:9c:f9:8c:36:19:62:c9:bf:1d:9e:1f:
bf:8b:f4:a2:ab:c3:d7:51:f4:df:86:c2:bf:b5:ef:26:ce:4f:
1b:48:e0:77:b1:06:be:d7:b7:ad:be:51:95:8d:4f:e4:be:8b:
be:08:2e:8e:7f:d3:7b:9b:27:b8:73:51:44:d6:25:fa:74:e7:
c0:8d:b8:6e:43:2d:82:58:a7:78:0d:f2:80:3c:06:e7:9b:9f:
0a:2f:d0:8a:cc:4b:a6:09:07:36:52:1c:72:a0:d3:5a:7a:fb:
36:1d:1d:66:6e:53:21:41:bd:1d:63:5b:24:57:b9:18:ac:fc:
c4:b8:b3:52:94:c7:9f:26:fa:b4:cc:7f:d9:e3:f8:43:7e:30:
2f:18:1a:21:3e:3b:b7:dd:50:01:14:4c:8d:d9:18:75:21:ae:
46:98:67:34:28:92:6f:31:6a:7d:0a:08:cc:ea:44:45:6f:2d:
f5:f2:89:2d:c8:a1:b0:50:c3:32:58:4c:e3:4b:14:62:a3:4c:
82:31:8f:97:4f:49:98:e6:db:bb:dc:66:d6:df:ac:d8:72:99:
4a:8a:04:68
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYyMudbcUu7oKT5qQrdonixjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMjIxMTQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDA0ZGRmNWRiOTMyZDkxNzE4NzI3OGUwZmYzNWYxYzdkOTYyMzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8NR2Xbs8RWzyYArscGNIlnPqApY
EGYK89PV/QrfY6RvEquPrCvctd+XOznECb2LUIFRBQvsERfIizz7RZMZWX1hHJmc
TzL9/qbrNniGCFIIBqf2E/yG6fkTet0fZx0P/Cu26HrKHLQ7AzQBoOLZw1WSn17b
g/r+wWCFF4woQJEbub5n4htrQzXfUcIYNnq8lQJMblF/IWfs6CI5x7PSUMOU28Qu
rZcpzJ0+aG38VXd87ZXHDMYUMLtc420ejbw7bINnLngR3zNmXj7HBm96k/iBEc2s
L1BoJpv/NuxKGjAMEZ+ZCZj2qUhuMt5fCoTPj9ImgySBeA3AYP3f5SVy7wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNAE3fXbky2RcYcnjg/zXxx9liM/MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMEFUZDlkdVRMWkZ4aHllT0RfTmZISDJXSXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCVDYAAwQC
VQiQMAwDBAJVCJwDBAJVCKADBAKwNagDBAK55+ADBALBu2wDBALVi+AwDQYJKoZI
hvcNAQELBQADggEBAKn5GN8/McEjh/EGI7Yt6OxHhRJz0LnnAg/Mce7SCkYqN17V
zhns/ufCPCOc+Yw2GWLJvx2eH7+L9KKrw9dR9N+Gwr+17ybOTxtI4HexBr7Xt62+
UZWNT+S+i74ILo5/03ubJ7hzUUTWJfp058CNuG5DLYJYp3gN8oA8Buebnwov0IrM
S6YJBzZSHHKg01p6+zYdHWZuUyFBvR1jWyRXuRis/MS4s1KUx58m+rTMf9nj+EN+
MC8YGiE+O7fdUAEUTI3ZGHUhrkaYZzQokm8xan0KCMzqREVvLfXyiS3IobBQwzJY
TONLFGKjTIIxj5dPSZjm27vcZtbfrNhymUqKBGg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:49 2024 by rpki-client on console-fra.rpki-client.org