Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/diH3VVT5nhjG6rhCLBqjsnuIH14.roa
File: diH3VVT5nhjG6rhCLBqjsnuIH14.roa (raw, json)
Hash identifier: 2kdMLTaI7ukLlrN6UWnF/TzIUQkJpEo9TSOLt0y4Muw=
Subject key identifier: 76:21:F7:55:54:F9:9E:18:C6:EA:B8:42:2C:1A:A3:B2:7B:88:1F:5E
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FE836F956D2000B92A867B1441BD52473
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/diH3VVT5nhjG6rhCLBqjsnuIH14.roa
Signing time: Wed 05 Jun 2024 11:44:27 +0000
ROA not before: Wed 05 Jun 2024 11:44:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8474
IP address blocks: 194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.96.0/19 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 13:55:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:36:f9:56:d2:00:0b:92:a8:67:b1:44:1b:d5:24:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 5 11:44:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7621f75554f99e18c6eab8422c1aa3b27b881f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a0:a2:d7:21:76:33:92:d8:9e:2d:c3:64:a6:
26:08:80:a3:b6:40:06:28:4e:a0:b3:6a:7a:b4:98:
5b:a7:5e:8e:fc:c3:ce:3f:d2:66:5d:f0:d9:cb:83:
11:2a:50:72:c1:71:56:b1:d9:06:bf:ed:aa:32:1c:
89:d1:ca:fd:4b:73:03:8f:44:45:18:9d:b2:b5:bf:
1e:16:cd:25:a6:3a:dc:97:e5:2e:a7:73:6d:5d:35:
8b:98:f8:5d:f9:37:e6:50:3a:60:78:fe:b6:a6:c5:
fe:d7:50:97:3c:a1:bd:18:97:00:3a:aa:e9:1d:9a:
92:42:95:c2:73:c8:fc:b0:bc:3b:e9:71:47:da:06:
0f:98:41:2d:ad:38:ac:58:82:46:0c:13:5f:c2:21:
1c:eb:5d:e5:89:3b:2b:aa:c9:da:bf:c6:dc:ce:8e:
ea:fe:31:ed:f8:8b:59:00:65:6d:03:fc:0d:37:54:
99:98:9c:06:72:8a:42:19:c5:59:38:e6:80:ac:43:
a4:44:dd:f6:82:ee:bc:1b:b5:01:8e:39:3e:51:2b:
4f:a4:fd:31:8a:6a:58:c9:98:7c:1a:5c:57:76:e8:
51:97:58:a2:0c:5e:0c:d8:19:fe:64:74:9f:75:f8:
79:48:62:66:cc:3f:46:2f:a3:e7:85:ff:13:4a:70:
89:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:21:F7:55:54:F9:9E:18:C6:EA:B8:42:2C:1A:A3:B2:7B:88:1F:5E
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/diH3VVT5nhjG6rhCLBqjsnuIH14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
59:70:77:69:c4:2e:d4:21:71:b6:f3:40:f4:36:0a:cb:30:a7:
9a:55:8c:8f:5f:03:fd:64:c9:be:9f:ba:25:46:6f:ab:8c:6c:
c9:7f:5b:55:4a:a2:d2:f9:62:56:c7:55:a9:21:95:c4:af:0a:
65:4d:29:8b:0c:85:d5:72:74:5b:be:74:24:d5:45:9e:4e:a0:
cd:07:a0:e2:a6:6f:35:81:4d:11:50:2f:1d:98:c5:55:2a:6b:
23:f4:8d:c3:f5:4a:47:29:c7:89:84:ce:b3:28:9a:83:c3:46:
c9:31:01:0d:69:05:61:bd:10:a1:f8:33:22:45:26:d5:11:c4:
5b:fa:0b:0b:11:ac:33:45:57:61:32:b2:68:e9:e9:82:9f:04:
22:9a:3d:6e:41:b9:d7:56:d1:0a:6d:05:2e:0b:37:46:b6:1d:
ea:17:a2:0b:b7:82:97:35:e8:a1:d5:7a:3c:7c:fa:42:63:3a:
af:b0:b1:9e:4e:b1:15:f1:5a:33:55:ad:33:40:da:28:8b:df:
10:6f:74:a5:d4:0a:06:7e:3f:53:c6:70:af:36:27:6a:03:8a:
71:81:97:ee:78:18:06:50:b1:3d:ec:18:2c:58:c7:9f:18:f5:
9e:d2:b4:cb:ae:9b:65:4d:f2:f2:c4:98:31:09:22:aa:e4:fc:
4b:1b:e4:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/oNvlW0gALkqhnsUQb1SRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjA1MTE0NDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIxZjc1NTU0Zjk5ZTE4YzZlYWI4NDIyYzFhYTNiMjdiODgxZjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKCi1yF2M5LYni3DZKYmCICjtkAG
KE6gs2p6tJhbp16O/MPOP9JmXfDZy4MRKlBywXFWsdkGv+2qMhyJ0cr9S3MDj0RF
GJ2ytb8eFs0lpjrcl+Uup3NtXTWLmPhd+TfmUDpgeP62psX+11CXPKG9GJcAOqrp
HZqSQpXCc8j8sLw76XFH2gYPmEEtrTisWIJGDBNfwiEc613liTsrqsnav8bczo7q
/jHt+ItZAGVtA/wNN1SZmJwGcopCGcVZOOaArEOkRN32gu68G7UBjjk+UStPpP0x
impYyZh8GlxXduhRl1iiDF4M2Bn+ZHSfdfh5SGJmzD9GL6Pnhf8TSnCJdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHYh91VU+Z4Yxuq4Qiwao7J7iB9eMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZGlIM1ZWVDVuaGpHNnJoQ0xCcWpzbnVJSDE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwjLIAwQB
wjLOAwQFw4pgMA0GCSqGSIb3DQEBCwUAA4IBAQBZcHdpxC7UIXG280D0NgrLMKea
VYyPXwP9ZMm+n7olRm+rjGzJf1tVSqLS+WJWx1WpIZXErwplTSmLDIXVcnRbvnQk
1UWeTqDNB6Dipm81gU0RUC8dmMVVKmsj9I3D9UpHKceJhM6zKJqDw0bJMQENaQVh
vRCh+DMiRSbVEcRb+gsLEawzRVdhMrJo6emCnwQimj1uQbnXVtEKbQUuCzdGth3q
F6ILt4KXNeih1Xo8fPpCYzqvsLGeTrEV8VozVa0zQNooi98Qb3Sl1AoGfj9TxnCv
NidqA4pxgZfueBgGULE97BgsWMefGPWe0rTLrptlTfLyxJgxCSKq5PxLG+TX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org