Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/D9gGYEuBmysZH5UwDkqL1CpYC_s.roa
File: D9gGYEuBmysZH5UwDkqL1CpYC_s.roa (raw, json)
Hash identifier: /8I07FoNRNqSbgPW6uJZOI5BjifY4aeGRJmSMyqb3pA=
Subject key identifier: 0F:D8:06:60:4B:81:9B:2B:19:1F:95:30:0E:4A:8B:D4:2A:58:0B:FB
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018E00C145C49573EA513775CD7C62F11747
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/D9gGYEuBmysZH5UwDkqL1CpYC_s.roa
Signing time: Sat 02 Mar 2024 20:00:50 +0000
ROA not before: Sat 02 Mar 2024 20:00:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39521
IP address blocks: 83.171.244.0/22 maxlen: 22
85.8.160.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
194.93.60.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 04 Apr 2024 22:25:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:c1:45:c4:95:73:ea:51:37:75:cd:7c:62:f1:17:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 2 20:00:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fd806604b819b2b191f95300e4a8bd42a580bfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:02:cd:9f:3f:fd:aa:31:c7:57:53:9b:fa:c1:
29:2f:fb:eb:1e:88:66:54:d8:92:3f:e0:25:36:12:
ef:8f:68:c2:fb:10:37:92:20:c8:b0:95:ba:65:98:
8c:78:26:82:b2:fe:82:03:50:cb:ac:82:e9:b9:1b:
6a:5e:b6:04:03:ac:c7:ea:1a:6e:a0:9f:18:8a:9d:
bb:a2:8d:7c:27:66:81:83:42:b1:ee:84:b2:91:cc:
2f:3b:f2:02:67:69:50:97:01:43:cb:1b:30:b2:af:
d0:fc:87:8d:0a:34:67:9b:2e:3f:8f:b7:fc:b0:35:
7c:61:f3:cf:f4:54:fd:cc:b0:26:1e:ab:6f:99:4d:
f1:ea:90:95:36:3a:f1:4c:dd:76:83:6f:88:f0:f5:
68:e4:85:3e:7e:0d:cd:45:08:00:67:b1:28:0d:a9:
23:56:40:66:ec:d2:50:84:d6:c9:c4:36:0b:c5:5b:
54:af:5e:8f:88:cb:39:ba:c8:99:39:38:04:10:df:
48:08:88:84:a3:5e:f4:5e:53:17:46:98:97:81:2f:
cf:46:e9:5c:a6:15:79:31:c1:c0:6d:1b:02:c2:2e:
da:36:0c:f9:ba:a9:14:f2:03:89:48:66:3a:85:4f:
cd:9a:d1:af:55:ea:2b:13:48:9b:07:97:b9:72:b9:
63:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D8:06:60:4B:81:9B:2B:19:1F:95:30:0E:4A:8B:D4:2A:58:0B:FB
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/D9gGYEuBmysZH5UwDkqL1CpYC_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
188.119.68.0/22
194.93.60.0/22
212.87.196.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
48:2d:12:1f:0b:61:69:04:b3:f6:9e:50:d4:56:6b:67:11:4c:
dc:89:7a:93:93:f6:22:48:db:5a:14:5e:c4:f6:bb:f7:85:0b:
2c:ca:00:b9:43:00:49:7d:17:bd:29:fc:9e:c1:b1:b1:16:77:
3b:c7:68:92:77:85:64:00:e6:aa:bd:17:eb:f8:36:f6:5d:89:
7d:1e:8a:6d:de:76:3e:f3:87:c0:d2:2a:71:f2:a8:bb:5a:a2:
f1:c0:58:a7:41:ad:00:9e:c3:3c:f2:e8:3c:6a:3c:33:cf:77:
49:e4:4a:6e:6a:a9:9c:31:a8:d0:76:91:f7:1e:25:76:3d:3a:
d0:99:2a:f7:d3:26:61:0d:c1:a7:03:fa:fc:bf:09:88:38:b4:
66:d0:fc:63:5a:c3:0e:81:1c:62:70:47:7d:91:d1:88:c9:a5:
4c:0f:ec:b8:c4:3e:0c:87:7c:1e:9a:2b:6e:4c:de:6f:24:69:
25:aa:d7:09:15:ac:7a:e0:e3:ba:24:0f:49:97:f7:f9:e2:c1:
63:57:59:db:b3:bd:73:71:ff:cd:83:46:dc:f6:c4:12:89:db:
80:07:f9:0a:ec:d8:27:cf:5c:c8:7e:d9:3d:f0:88:3f:ae:a8:
36:ab:3a:8f:79:94:cc:a0:6c:3c:87:d0:89:42:9e:f9:4f:eb:
3b:75:83:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4AwUXElXPqUTd1zXxi8RdHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjQwMzAyMjAwMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ4MDY2MDRiODE5YjJiMTkxZjk1MzAwZTRhOGJkNDJhNTgwYmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgALNnz/9qjHHV1Ob+sEpL/vrHohm
VNiSP+AlNhLvj2jC+xA3kiDIsJW6ZZiMeCaCsv6CA1DLrILpuRtqXrYEA6zH6hpu
oJ8Yip27oo18J2aBg0Kx7oSykcwvO/ICZ2lQlwFDyxswsq/Q/IeNCjRnmy4/j7f8
sDV8YfPP9FT9zLAmHqtvmU3x6pCVNjrxTN12g2+I8PVo5IU+fg3NRQgAZ7EoDakj
VkBm7NJQhNbJxDYLxVtUr16PiMs5usiZOTgEEN9ICIiEo170XlMXRpiXgS/PRulc
phV5McHAbRsCwi7aNgz5uqkU8gOJSGY6hU/NmtGvVeorE0ibB5e5crlj3QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA/YBmBLgZsrGR+VMA5Ki9QqWAv7MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvRDlnR1lFdUJteXNaSDVVd0RrcUwxQ3BZQ19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCU6v0AwQC
VQigAwQCXPk8AwQCvHdEAwQCwl08AwQC1FfEAwQC1GsEMA0GCSqGSIb3DQEBCwUA
A4IBAQBILRIfC2FpBLP2nlDUVmtnEUzciXqTk/YiSNtaFF7E9rv3hQssygC5QwBJ
fRe9KfyewbGxFnc7x2iSd4VkAOaqvRfr+Db2XYl9Hopt3nY+84fA0ipx8qi7WqLx
wFinQa0AnsM88ug8ajwzz3dJ5EpuaqmcMajQdpH3HiV2PTrQmSr30yZhDcGnA/r8
vwmIOLRm0PxjWsMOgRxicEd9kdGIyaVMD+y4xD4Mh3wemituTN5vJGklqtcJFax6
4OO6JA9Jl/f54sFjV1nbs71zcf/Ng0bc9sQSiduAB/kK7Ngnz1zIftk98Ig/rqg2
qzqPeZTMoGw8h9CJQp75T+s7dYOJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org