Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/iErLAjEtzpReI3Ni9G1_F2G8DMY.roa
File: iErLAjEtzpReI3Ni9G1_F2G8DMY.roa (raw, json)
Hash identifier: xVcUoPLQuoOEZmDfK6kr8FkumMPcQawgLC43cKEQp3M=
Subject key identifier: 88:4A:CB:02:31:2D:CE:94:5E:23:73:62:F4:6D:7F:17:61:BC:0C:C6
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018B1F2D2B225CD1FE65685E9C44E3178FB6
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/iErLAjEtzpReI3Ni9G1_F2G8DMY.roa
Signing time: Wed 11 Oct 2023 14:38:55 +0000
ROA not before: Wed 11 Oct 2023 14:38:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
193.38.44.0/22 maxlen: 22
139.28.240.0/22 maxlen: 22
185.231.224.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
139.28.48.0/22 maxlen: 22
213.139.224.0/22 maxlen: 22
176.96.128.0/22 maxlen: 22
194.93.48.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
176.53.168.0/22 maxlen: 22
85.8.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 22 Oct 2023 14:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:2d:2b:22:5c:d1:fe:65:68:5e:9c:44:e3:17:8f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Oct 11 14:38:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=884acb02312dce945e237362f46d7f1761bc0cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5a:44:b2:1b:b4:cd:a8:63:b3:90:be:59:3c:
3b:f0:74:23:a0:5f:9c:c7:fb:58:8d:2d:ff:1c:89:
a9:e1:5c:93:39:b6:73:2c:04:9c:b0:dd:c3:f7:b2:
f4:19:ba:71:a2:9a:dd:b2:e3:b7:e9:d6:3c:34:4a:
e1:39:62:56:b8:db:3d:f7:3e:bf:b1:13:86:30:13:
18:a5:88:70:9a:e2:aa:24:ee:26:19:eb:23:3e:c8:
de:42:48:0c:4b:34:f2:8f:e4:1b:7a:a4:5a:78:98:
3a:11:0d:83:bd:7b:e9:44:c9:c4:29:a0:ad:f8:3a:
4b:eb:e5:e9:c2:e8:70:93:8a:7a:92:0d:f7:38:03:
85:9a:27:dc:e0:b3:cf:4b:78:88:6e:ec:3f:d5:66:
43:43:be:c7:51:8d:fe:70:c3:de:5f:c6:ff:f2:fa:
25:41:52:7d:d5:58:2d:08:88:28:06:27:b5:c0:96:
20:12:1c:68:d4:2c:23:cc:c3:e4:e4:72:8c:21:6e:
9d:c9:1c:34:fd:a3:99:d8:48:29:dc:a5:fc:5f:f6:
c9:df:f4:26:c3:33:30:0b:6e:44:32:d0:b4:a1:ad:
eb:3e:1b:ba:a7:85:53:57:e1:5f:53:ae:dc:58:9e:
9c:b3:a7:1b:8e:99:df:2b:84:eb:4f:9f:9c:7f:74:
41:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4A:CB:02:31:2D:CE:94:5E:23:73:62:F4:6D:7F:17:61:BC:0C:C6
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/iErLAjEtzpReI3Ni9G1_F2G8DMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
85.8.156.0-85.8.163.255
92.249.60.0/22
139.28.48.0/22
139.28.240.0/22
176.53.168.0/22
176.96.128.0/22
185.231.224.0/22
193.38.44.0/22
194.93.48.0/22
213.139.224.0/22
Signature Algorithm: sha256WithRSAEncryption
78:7c:7d:46:29:f9:73:fb:94:57:b9:1a:d0:76:21:23:4c:5d:
26:79:35:26:9e:02:c0:90:31:13:e2:38:2c:b9:0e:65:d6:9a:
98:44:98:f8:dc:f7:8c:00:5e:c6:51:b2:24:61:12:9b:c6:f2:
a8:1e:8c:c0:5f:21:a6:cc:dc:d1:86:06:aa:34:64:2a:b8:02:
2b:d9:0a:b3:fc:10:2a:14:e1:95:57:1b:d5:a2:3b:19:af:f4:
e4:0c:7b:a4:b8:47:8f:04:8c:ae:09:e4:3b:dc:45:d8:36:c0:
eb:5b:3a:a3:61:e2:83:84:82:39:6f:90:f5:5d:28:18:12:6d:
cf:a0:26:c8:ba:bf:a2:c7:f0:3d:35:4d:62:77:bd:52:43:5a:
42:14:94:b1:81:14:cd:db:ca:af:28:df:9a:62:fe:ea:f1:57:
7e:f1:26:c0:d3:a6:2c:82:6f:06:29:8b:46:da:30:92:8a:b3:
d6:0e:75:e4:1d:6b:ec:00:e5:f0:6b:9d:4f:8c:16:8c:df:63:
2a:94:39:7a:43:c4:5f:44:d6:ff:8e:2a:74:9f:c4:7b:90:7d:
a5:ee:83:f9:a3:2b:63:b3:b2:bb:df:12:46:38:64:3a:cb:4b:
98:34:3f:a8:09:f5:b3:55:93:17:96:0c:01:6f:2a:4a:69:8b:
67:1d:60:3d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYsfLSsiXNH+ZWhenETjF4+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMDExMTQzODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRhY2IwMjMxMmRjZTk0NWUyMzczNjJmNDZkN2YxNzYxYmMwY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1pEshu0zahjs5C+WTw78HQjoF+c
x/tYjS3/HImp4VyTObZzLAScsN3D97L0GbpxoprdsuO36dY8NErhOWJWuNs99z6/
sROGMBMYpYhwmuKqJO4mGesjPsjeQkgMSzTyj+QbeqRaeJg6EQ2DvXvpRMnEKaCt
+DpL6+Xpwuhwk4p6kg33OAOFmifc4LPPS3iIbuw/1WZDQ77HUY3+cMPeX8b/8vol
QVJ91VgtCIgoBie1wJYgEhxo1CwjzMPk5HKMIW6dyRw0/aOZ2Egp3KX8X/bJ3/Qm
wzMwC25EMtC0oa3rPhu6p4VTV+FfU67cWJ6cs6cbjpnfK4TrT5+cf3RBkQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFIhKywIxLc6UXiNzYvRtfxdhvAzGMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvaUVyTEFqRXR6cFJlSTNOaTlHMV9GMkc4RE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCU6v0MAwD
BAJVCJwDBAJVCKADBAJc+TwDBAKLHDADBAKLHPADBAKwNagDBAKwYIADBAK55+AD
BALBJiwDBALCXTADBALVi+AwDQYJKoZIhvcNAQELBQADggEBAHh8fUYp+XP7lFe5
GtB2ISNMXSZ5NSaeAsCQMRPiOCy5DmXWmphEmPjc94wAXsZRsiRhEpvG8qgejMBf
IabM3NGGBqo0ZCq4AivZCrP8ECoU4ZVXG9WiOxmv9OQMe6S4R48EjK4J5DvcRdg2
wOtbOqNh4oOEgjlvkPVdKBgSbc+gJsi6v6LH8D01TWJ3vVJDWkIUlLGBFM3byq8o
35pi/urxV37xJsDTpiyCbwYpi0baMJKKs9YOdeQda+wA5fBrnU+MFozfYyqUOXpD
xF9E1v+OKnSfxHuQfaXug/mjK2OzsrvfEkY4ZDrLS5g0P6gJ9bNVkxeWDAFvKkpp
i2cdYD0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org