Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/m6hul4EjZU7ROtrEa4APuRo6ohU.roa
File: m6hul4EjZU7ROtrEa4APuRo6ohU.roa (raw, json)
Hash identifier: S7xodgCUR2q+p+IF2suyHcWaZwv6X6qMEnaNb6yomNs=
Subject key identifier: 9B:A8:6E:97:81:23:65:4E:D1:3A:DA:C4:6B:80:0F:B9:1A:3A:A2:15
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01859B366E61702931D47B05F153D0E09AF7
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/m6hul4EjZU7ROtrEa4APuRo6ohU.roa
Signing time: Tue 10 Jan 2023 10:25:13 +0000
ROA not before: Tue 10 Jan 2023 10:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29262
IP address blocks: 185.254.54.0/24 maxlen: 24
185.254.55.0/24 maxlen: 24
139.28.35.0/24 maxlen: 24
139.28.34.0/24 maxlen: 24
139.28.33.0/24 maxlen: 24
139.28.32.0/24 maxlen: 24
141.98.50.0/24 maxlen: 24
188.119.68.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 16 Feb 2023 05:04:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:36:6e:61:70:29:31:d4:7b:05:f1:53:d0:e0:9a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Jan 10 10:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ba86e978123654ed13adac46b800fb91a3aa215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:cd:36:fc:88:83:7e:43:e1:92:00:22:7a:
0d:4c:78:7b:a3:43:cb:30:57:99:1d:19:09:bb:35:
1d:8c:de:6a:78:ec:54:ab:dd:78:a1:fc:30:9a:e3:
a5:ee:bf:73:6c:73:4a:c4:dd:7f:b4:37:ba:11:57:
12:14:e7:8b:7c:4b:b7:0a:e9:16:8f:23:b4:48:6e:
78:b6:80:cc:40:1a:ba:e2:cc:50:36:c3:aa:46:4a:
37:fa:49:c4:a8:39:ad:e8:1f:21:fa:46:c4:08:1d:
64:d6:7b:bb:6a:cc:25:5a:20:71:d4:88:76:f4:1c:
c8:0b:a2:11:73:f5:d8:da:7c:d6:8f:44:f6:74:49:
07:0b:30:27:5b:6c:6b:68:17:e9:d8:15:e8:e5:a5:
c2:59:18:7c:2c:73:92:da:37:62:bd:d3:3c:3a:2e:
a1:b5:aa:5a:9a:92:e1:52:5c:59:16:29:7e:15:c4:
05:c0:6b:04:85:cb:29:3b:cc:cd:32:7a:60:fe:11:
fd:7f:0c:b4:21:5c:5b:fe:54:47:f4:61:8e:02:fb:
5a:8f:d3:3b:1a:2d:a8:b0:f6:b1:2b:ec:b6:0c:1c:
60:ab:26:22:99:39:2b:49:29:bd:17:c9:64:13:58:
85:63:ef:fd:27:7e:b6:80:2a:40:bf:c1:51:39:c8:
97:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A8:6E:97:81:23:65:4E:D1:3A:DA:C4:6B:80:0F:B9:1A:3A:A2:15
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/m6hul4EjZU7ROtrEa4APuRo6ohU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.244.0/22
139.28.32.0/22
141.98.50.0/24
185.254.54.0/23
188.119.68.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
62:ed:e0:8b:19:6c:d7:f3:79:32:83:30:54:c4:07:3f:c6:36:
88:45:0b:92:94:91:c0:a3:6b:ba:6c:aa:97:22:78:1e:9a:b2:
f1:8a:fc:66:e6:10:2a:cb:e3:70:f8:91:70:39:96:9d:db:71:
4e:e1:71:c9:2e:13:69:ea:48:cd:b1:bd:60:25:45:88:88:1d:
86:59:45:6c:c8:79:87:78:5a:79:cb:4c:50:16:8e:a8:fc:d7:
6e:47:f6:f7:b8:e4:24:0c:b9:8d:a5:a7:92:78:0d:ec:fd:61:
a4:57:35:0c:f7:90:5d:f8:26:95:f8:1a:d6:b2:16:ac:3e:f3:
ec:fc:86:1a:4c:31:5c:b7:fb:9e:a9:c7:de:73:fa:2f:30:c4:
5d:3b:47:54:52:cb:00:75:53:12:91:65:c9:f8:43:22:02:e7:
bc:58:39:5a:67:db:cd:99:d1:69:bf:75:53:01:be:0f:4e:b2:
d9:45:15:cb:80:48:99:cb:a5:5b:31:7b:ca:c7:ff:16:03:86:
5d:49:2d:81:bf:81:27:98:6e:67:2d:25:a8:05:9b:99:92:ea:
e7:b1:f5:a1:a9:a7:5f:bb:c0:1a:b6:50:f2:a4:dd:6f:5e:2f:
1a:7f:40:1c:55:58:d2:f5:4a:f8:bf:51:56:bf:31:1d:15:09:
33:62:cb:b7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWbNm5hcCkx1HsF8VPQ4Jr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMTEwMTAyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmE4NmU5NzgxMjM2NTRlZDEzYWRhYzQ2YjgwMGZiOTFhM2FhMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7TNNvyIg35D4ZIAInoNTHh7o0PL
MFeZHRkJuzUdjN5qeOxUq914ofwwmuOl7r9zbHNKxN1/tDe6EVcSFOeLfEu3CukW
jyO0SG54toDMQBq64sxQNsOqRko3+knEqDmt6B8h+kbECB1k1nu7aswlWiBx1Ih2
9BzIC6IRc/XY2nzWj0T2dEkHCzAnW2xraBfp2BXo5aXCWRh8LHOS2jdivdM8Oi6h
tapampLhUlxZFil+FcQFwGsEhcspO8zNMnpg/hH9fwy0IVxb/lRH9GGOAvtaj9M7
Gi2osPaxK+y2DBxgqyYimTkrSSm9F8lkE1iFY+/9J362gCpAv8FROciX9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJuobpeBI2VO0TraxGuAD7kaOqIVMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvbTZodWw0RWpaVTdST3RyRWE0QVB1Um82b2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCU6v0AwQC
ixwgAwQAjWIyAwQBuf42AwQCvHdEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQBi
7eCLGWzX83kygzBUxAc/xjaIRQuSlJHAo2u6bKqXIngemrLxivxm5hAqy+Nw+JFw
OZad23FO4XHJLhNp6kjNsb1gJUWIiB2GWUVsyHmHeFp5y0xQFo6o/NduR/b3uOQk
DLmNpaeSeA3s/WGkVzUM95Bd+CaV+BrWshasPvPs/IYaTDFct/ueqcfec/ovMMRd
O0dUUssAdVMSkWXJ+EMiAue8WDlaZ9vNmdFpv3VTAb4PTrLZRRXLgEiZy6VbMXvK
x/8WA4ZdSS2Bv4EnmG5nLSWoBZuZkurnsfWhqadfu8AatlDypN1vXi8af0AcVVjS
9Ur4v1FWvzEdFQkzYsu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org