Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2f24_roU6kWPbt_J7AXQA4YUoFo.roa
File: 2f24_roU6kWPbt_J7AXQA4YUoFo.roa (raw, json)
Hash identifier: Qw/NPF9GGaL0N9TavE8aZNER61N8A7pmEEpfyN6VUmM=
Subject key identifier: D9:FD:B8:FE:BA:14:EA:45:8F:6E:DF:C9:EC:05:D0:03:86:14:A0:5A
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018786EC8B80BD062CAB3127297F414A037D
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2f24_roU6kWPbt_J7AXQA4YUoFo.roa
Signing time: Sat 15 Apr 2023 21:57:41 +0000
ROA not before: Sat 15 Apr 2023 21:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 85.8.160.0/22 maxlen: 22
147.78.68.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 17 Apr 2023 22:37:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:86:ec:8b:80:bd:06:2c:ab:31:27:29:7f:41:4a:03:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Apr 15 21:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9fdb8feba14ea458f6edfc9ec05d0038614a05a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e0:0e:7c:76:52:1d:d7:f6:ae:2e:77:e5:60:
90:7a:04:d2:42:3c:ff:74:bb:a4:24:9a:e5:b5:4b:
4b:5a:a1:65:50:ff:66:87:5a:27:72:3a:63:d4:28:
0c:9c:e3:e6:29:02:1a:78:36:f9:89:19:6a:70:b1:
bd:54:72:ca:03:a0:2b:55:c6:83:a5:60:b3:89:24:
3f:77:9d:34:f1:d8:30:78:70:77:b8:a2:96:cb:3a:
be:b3:00:dd:1d:75:ea:cd:f9:f5:3e:36:30:f7:7c:
ca:70:d1:78:71:6f:7b:92:e8:a3:ba:f5:61:32:95:
6d:5d:e0:f4:32:3f:9c:45:0f:8b:9f:d3:87:50:1b:
44:b6:82:12:73:fb:ef:04:b7:58:f5:c4:46:bd:d4:
70:98:84:8f:bd:02:a4:59:49:f1:63:43:ba:5f:e8:
3a:f7:87:80:04:d1:eb:d6:aa:7d:99:cc:f5:df:9f:
80:27:b3:17:75:d1:a8:28:63:b3:a8:9a:48:bf:be:
6f:12:15:4a:78:b3:b4:17:88:fa:ee:54:44:f6:d9:
28:57:fc:d7:56:9a:b0:e3:60:40:a4:f1:2b:dd:70:
80:df:cb:4d:4d:ea:3e:df:41:c2:9a:1d:4c:d7:08:
b5:70:b0:46:c0:57:7c:eb:62:a0:ef:d9:99:31:49:
3c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FD:B8:FE:BA:14:EA:45:8F:6E:DF:C9:EC:05:D0:03:86:14:A0:5A
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/2f24_roU6kWPbt_J7AXQA4YUoFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
85.8.160.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:6f:d9:19:d2:2b:2c:9f:6f:b6:9c:d2:e9:87:3d:c6:95:25:
2c:5c:97:cb:51:c3:f2:b7:66:fc:65:17:55:df:bb:a2:73:32:
f9:02:c6:b9:05:bd:ba:b5:73:f7:12:a6:91:00:f1:55:b4:10:
0f:b2:06:b1:da:b3:8a:af:dd:3e:ba:fa:40:71:2a:48:e2:d1:
19:d0:d5:a9:7e:11:e4:41:67:67:2c:e9:8b:7a:17:0a:c4:83:
48:3d:ad:01:b2:79:f4:2a:60:50:4a:28:53:d1:97:f9:ca:84:
b3:e4:e1:32:9e:5a:68:4e:9c:2a:7f:53:96:a5:ed:88:df:33:
27:4e:c0:11:c5:b3:f0:b3:99:e8:21:65:4c:0b:c0:9f:56:5e:
16:fe:5f:6d:82:55:cf:55:4e:e3:e3:a3:1a:03:a2:54:a6:11:
c4:52:2e:ec:4e:2f:9b:5c:ec:a4:73:e4:22:01:06:13:73:b0:
93:e9:27:b6:65:76:90:43:da:68:f3:59:6a:88:87:6d:04:4a:
02:8b:6d:46:02:26:26:e9:00:67:c1:c9:09:0b:8f:cb:aa:ec:
33:c6:9b:7b:45:20:bc:28:11:2f:21:ae:5e:84:06:28:5b:6b:
45:d0:a6:83:b7:51:a2:10:a0:20:81:f7:bd:51:d5:55:fc:3b:
5f:21:5e:49
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYeG7IuAvQYsqzEnKX9BSgN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwNDE1MjE1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZkYjhmZWJhMTRlYTQ1OGY2ZWRmYzllYzA1ZDAwMzg2MTRhMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uAOfHZSHdf2ri535WCQegTSQjz/
dLukJJrltUtLWqFlUP9mh1oncjpj1CgMnOPmKQIaeDb5iRlqcLG9VHLKA6ArVcaD
pWCziSQ/d5008dgweHB3uKKWyzq+swDdHXXqzfn1PjYw93zKcNF4cW97kuijuvVh
MpVtXeD0Mj+cRQ+Ln9OHUBtEtoISc/vvBLdY9cRGvdRwmISPvQKkWUnxY0O6X+g6
94eABNHr1qp9mcz135+AJ7MXddGoKGOzqJpIv75vEhVKeLO0F4j67lRE9tkoV/zX
Vpqw42BApPEr3XCA38tNTeo+30HCmh1M1wi1cLBGwFd862Kg79mZMUk8swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNn9uP66FOpFj27fyewF0AOGFKBaMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvMmYyNF9yb1U2a1dQYnRfSjdBWFFBNFlVb0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCU6v0AwQC
VQigAwQCk05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQAub9kZ0iss
n2+2nNLphz3GlSUsXJfLUcPyt2b8ZRdV37uiczL5Asa5Bb26tXP3EqaRAPFVtBAP
sgax2rOKr90+uvpAcSpI4tEZ0NWpfhHkQWdnLOmLehcKxINIPa0Bsnn0KmBQSihT
0Zf5yoSz5OEynlpoTpwqf1OWpe2I3zMnTsARxbPws5noIWVMC8CfVl4W/l9tglXP
VU7j46MaA6JUphHEUi7sTi+bXOykc+QiAQYTc7CT6Se2ZXaQQ9po81lqiIdtBEoC
i21GAiYm6QBnwckJC4/Lquwzxpt7RSC8KBEvIa5ehAYoW2tF0KaDt1GiEKAggfe9
UdVV/DtfIV5J
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org