Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_6PdWfCzWb0KO5AwUlU8m0A8KOk.roa
File: _6PdWfCzWb0KO5AwUlU8m0A8KOk.roa (raw, json)
Hash identifier: 4ciVsVhmdnbjcMlIeDEPW/rrAzZz756kCABSvX/O5fo=
Subject key identifier: FF:A3:DD:59:F0:B3:59:BD:0A:3B:90:30:52:55:3C:9B:40:3C:28:E9
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01871E8A35FD1D012C8D6253C5C76919EF13
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_6PdWfCzWb0KO5AwUlU8m0A8KOk.roa
Signing time: Sun 26 Mar 2023 15:29:46 +0000
ROA not before: Sun 26 Mar 2023 15:29:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29262
IP address blocks: 193.38.44.0/23 maxlen: 23
194.56.186.0/23 maxlen: 23
193.38.46.0/23 maxlen: 23
85.235.74.0/23 maxlen: 23
85.235.72.0/23 maxlen: 23
139.28.35.0/24 maxlen: 24
139.28.34.0/24 maxlen: 24
139.28.33.0/24 maxlen: 24
139.28.32.0/24 maxlen: 24
194.169.94.0/23 maxlen: 23
194.169.92.0/23 maxlen: 23
37.221.78.0/23 maxlen: 23
185.254.54.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 13:57:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1e:8a:35:fd:1d:01:2c:8d:62:53:c5:c7:69:19:ef:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Mar 26 15:29:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffa3dd59f0b359bd0a3b903052553c9b403c28e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:e5:14:9e:1d:e5:c9:c0:68:80:31:83:18:
fd:80:a8:5f:0d:20:48:17:2f:f0:76:bb:cb:78:36:
fa:6a:06:0b:2a:6d:d3:b4:bf:08:14:4d:e6:b8:60:
8f:c4:89:5c:20:c7:6d:a2:82:ea:02:6d:de:58:69:
69:0e:3d:fc:d0:5b:4e:41:df:28:62:94:bc:71:e3:
48:35:d5:17:8b:bc:a4:e3:97:bb:eb:11:58:48:fb:
98:ec:2b:f9:22:79:b1:e9:60:dd:cb:f5:0e:9a:b5:
a8:70:9b:c3:f6:5a:75:d8:cb:36:08:95:db:5a:1c:
5f:5e:5c:2f:e5:18:37:06:0e:a2:83:cd:8b:09:66:
7b:7d:98:7d:3c:d9:c3:cf:d6:fc:27:77:73:66:a2:
2c:74:d7:9e:90:98:c0:ff:92:2d:fe:76:90:0e:69:
8b:cc:79:ca:bf:96:56:2b:1f:9b:e4:53:e4:11:50:
b6:d7:69:4b:e5:58:3a:55:42:d2:fa:f0:06:07:09:
85:5c:86:58:6e:85:02:89:98:a0:96:72:73:89:cd:
1f:a2:38:63:61:12:1f:88:ad:8f:3b:ad:4f:23:c7:
d5:a3:ce:df:d1:02:57:c4:e8:1d:56:5b:9a:26:09:
73:1a:df:ec:f5:73:5d:f6:79:a7:66:b8:26:ea:c6:
00:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A3:DD:59:F0:B3:59:BD:0A:3B:90:30:52:55:3C:9B:40:3C:28:E9
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/_6PdWfCzWb0KO5AwUlU8m0A8KOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.78.0/23
85.235.72.0/22
139.28.32.0/22
185.254.54.0/23
193.38.44.0/22
194.56.186.0/23
194.169.92.0/22
Signature Algorithm: sha256WithRSAEncryption
48:3c:b7:7c:e9:d5:53:fa:04:a9:aa:cc:6c:08:0c:c5:7d:ab:
ae:80:94:3e:a6:95:1e:71:0c:eb:a8:7d:ad:5d:84:43:89:5b:
e7:d2:fd:bd:52:45:7e:73:6c:1f:e2:3e:b1:fb:d9:68:fb:61:
68:24:d2:e5:ca:99:60:ee:97:d2:ad:78:99:6c:69:5b:5d:bf:
76:51:cc:29:31:ec:d5:da:97:bc:45:63:d1:04:13:32:df:6b:
47:6f:24:47:2f:5e:16:c3:df:f3:b1:0d:e7:ed:7a:6d:89:99:
86:ff:23:a7:3b:ae:29:81:37:8b:82:58:c6:4d:d8:0a:bb:13:
c2:d0:bc:ea:3d:63:e5:a5:d7:c9:3b:14:fe:60:e3:c4:47:f7:
80:e6:25:4a:99:3a:91:44:05:62:38:3c:5c:56:a2:38:b3:40:
6e:d9:26:88:9c:05:91:51:ad:9d:54:76:ac:79:2c:15:19:72:
6a:79:7b:77:fa:27:e3:49:7c:54:a7:39:6c:b1:15:82:0c:9e:
11:0e:46:b7:97:53:63:9c:58:95:5f:b9:6a:9c:57:6f:d2:93:
b6:36:ac:53:b8:83:d9:00:7c:3c:98:98:c8:96:b7:f6:bb:b8:
a8:4b:73:b3:8f:44:e7:07:81:ed:da:36:6c:0f:ed:9a:d1:c8:
a9:0f:65:ed
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYceijX9HQEsjWJTxcdpGe8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMzI2MTUyOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmEzZGQ1OWYwYjM1OWJkMGEzYjkwMzA1MjU1M2M5YjQwM2MyOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBHlFJ4d5cnAaIAxgxj9gKhfDSBI
Fy/wdrvLeDb6agYLKm3TtL8IFE3muGCPxIlcIMdtooLqAm3eWGlpDj380FtOQd8o
YpS8ceNINdUXi7yk45e76xFYSPuY7Cv5Inmx6WDdy/UOmrWocJvD9lp12Ms2CJXb
WhxfXlwv5Rg3Bg6ig82LCWZ7fZh9PNnDz9b8J3dzZqIsdNeekJjA/5It/naQDmmL
zHnKv5ZWKx+b5FPkEVC212lL5Vg6VULS+vAGBwmFXIZYboUCiZiglnJzic0fojhj
YRIfiK2PO61PI8fVo87f0QJXxOgdVluaJglzGt/s9XNd9nmnZrgm6sYApQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFP+j3Vnws1m9CjuQMFJVPJtAPCjpMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvXzZQZFdmQ3pXYjBLTzVBd1VsVThtMEE4S09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBJd1OAwQC
VetIAwQCixwgAwQBuf42AwQCwSYsAwQBwji6AwQCwqlcMA0GCSqGSIb3DQEBCwUA
A4IBAQBIPLd86dVT+gSpqsxsCAzFfauugJQ+ppUecQzrqH2tXYRDiVvn0v29UkV+
c2wf4j6x+9lo+2FoJNLlyplg7pfSrXiZbGlbXb92UcwpMezV2pe8RWPRBBMy32tH
byRHL14Ww9/zsQ3n7XptiZmG/yOnO64pgTeLgljGTdgKuxPC0LzqPWPlpdfJOxT+
YOPER/eA5iVKmTqRRAViODxcVqI4s0Bu2SaInAWRUa2dVHaseSwVGXJqeXt3+ifj
SXxUpzlssRWCDJ4RDka3l1NjnFiVX7lqnFdv0pO2NqxTuIPZAHw8mJjIlrf2u7io
S3Ozj0TnB4Ht2jZsD+2a0cipD2Xt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org