Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/1-EPYyUP0-ZvF2tzY24SseSsRYWA.roa
File: 1-EPYyUP0-ZvF2tzY24SseSsRYWA.roa (raw, json)
Hash identifier: aVDXKFxBybuq3RK6aAjC8Oj5djotCmeC8JnLv3YRFtE=
Subject key identifier: F8:43:D8:C9:43:F4:F9:9B:C5:DA:DC:D8:DB:84:AC:79:2B:11:61:60
Certificate issuer: /CN=bbd932f7064b1fde9a1225f332779fc22e673239
Certificate serial: 0185729EE9601094B1965B4C1E38E1779516
Authority key identifier: BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/1-EPYyUP0-ZvF2tzY24SseSsRYWA.roa
Signing time: Mon 02 Jan 2023 13:14:55 +0000
ROA not before: Mon 02 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12605
IP address blocks: 212.33.32.0/19 maxlen: 19
90.146.0.0/17 maxlen: 17
90.146.0.0/16 maxlen: 16
185.196.156.0/22 maxlen: 22
81.10.128.0/17 maxlen: 17
90.146.128.0/17 maxlen: 17
212.241.64.0/18 maxlen: 18
86.56.128.0/17 maxlen: 17
2a00:cf8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:e9:60:10:94:b1:96:5b:4c:1e:38:e1:77:95:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd932f7064b1fde9a1225f332779fc22e673239
Validity
Not Before: Jan 2 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f843d8c943f4f99bc5dadcd8db84ac792b116160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:71:f9:fc:de:32:e5:a1:de:09:fd:55:37:16:
17:86:8e:0d:ce:0e:09:0e:24:8b:8a:9f:fd:07:6b:
51:a4:32:dd:79:93:a8:5b:12:7f:51:76:9d:2c:5c:
a6:24:0d:7b:e4:f5:ab:70:58:44:fc:f4:74:fa:95:
1a:38:cf:cf:21:00:8b:76:71:c7:8c:22:65:80:98:
5b:16:6d:54:24:91:9c:4f:9f:00:78:2d:cc:c9:c9:
20:e7:a5:aa:b3:ad:94:24:7f:ed:27:3b:39:85:23:
2b:fc:52:07:f6:65:54:74:07:67:8f:c8:ad:74:73:
7a:5a:87:09:28:60:43:44:a1:94:e5:26:43:5f:ac:
7f:18:f3:a9:4c:45:3d:58:59:e0:f9:90:54:84:53:
5f:a6:52:18:37:25:63:5b:d6:f9:70:e6:52:43:59:
8e:8b:8e:31:ac:72:7b:fc:da:fe:ff:bc:00:22:c0:
53:fc:5c:48:bd:80:02:11:91:23:ea:c2:7d:ea:3c:
4e:c9:2a:b3:12:d3:f9:aa:13:2f:41:45:1d:02:41:
75:5e:61:97:24:49:5a:b0:94:16:91:41:40:a9:d3:
b8:e3:d3:aa:e6:89:1c:ab:55:c1:66:3d:06:b0:b8:
b3:da:38:c6:8e:bb:4c:e4:85:f4:73:7a:94:37:20:
85:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:43:D8:C9:43:F4:F9:9B:C5:DA:DC:D8:DB:84:AC:79:2B:11:61:60
X509v3 Authority Key Identifier:
keyid:BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/1-EPYyUP0-ZvF2tzY24SseSsRYWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/u9ky9wZLH96aEiXzMnefwi5nMjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.10.128.0/17
86.56.128.0/17
90.146.0.0/16
185.196.156.0/22
212.33.32.0/19
212.241.64.0/18
IPv6:
2a00:cf8::/32
Signature Algorithm: sha256WithRSAEncryption
33:81:c4:23:6e:9b:ea:ad:99:c8:90:82:dc:60:0f:13:00:f4:
88:4d:56:67:15:ab:88:ac:b3:96:a6:2c:52:c4:c6:23:a8:31:
93:f5:06:7e:b6:29:4d:8e:d9:b4:5a:b7:3e:2e:eb:e4:9b:77:
6a:1c:8f:ed:2d:c7:e3:9b:63:84:33:06:22:18:89:3a:8f:ec:
6f:06:09:2c:53:0d:11:bf:1b:f5:4c:57:20:30:48:e2:54:34:
7b:54:32:06:3c:e8:43:46:1b:8a:e6:ce:66:49:74:3d:0d:2a:
32:1e:f3:b4:46:0d:83:90:8a:2d:c2:92:63:e8:d5:ee:f7:d7:
84:cc:f4:1f:66:8e:25:82:ba:3b:25:bc:55:76:9d:51:8a:b7:
54:f8:03:8e:7f:17:bc:1e:59:96:2f:54:6f:ad:f4:ba:a6:39:
57:92:a6:ff:3c:67:ee:4d:21:80:e9:fb:00:f3:29:61:0a:a0:
4a:88:57:e3:35:a7:9d:84:df:42:a5:17:3d:6f:00:8d:24:db:
43:20:ee:3c:5d:fc:51:41:9e:f0:2b:5b:d8:59:fb:af:30:22:
01:1e:1e:8d:0a:db:c5:2e:2e:97:bd:b7:7f:9c:95:a3:81:d1:
d1:9e:e7:ac:4b:f6:1a:d2:2b:66:aa:58:59:95:e4:b0:71:67:
b9:c2:a7:cf
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVynulgEJSxlltMHjjhd5UWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDkzMmY3MDY0YjFmZGU5YTEyMjVmMzMyNzc5ZmMyMmU2
NzMyMzkwHhcNMjMwMTAyMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODQzZDhjOTQzZjRmOTliYzVkYWRjZDhkYjg0YWM3OTJiMTE2MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnH5/N4y5aHeCf1VNxYXho4Nzg4J
DiSLip/9B2tRpDLdeZOoWxJ/UXadLFymJA175PWrcFhE/PR0+pUaOM/PIQCLdnHH
jCJlgJhbFm1UJJGcT58AeC3Myckg56Wqs62UJH/tJzs5hSMr/FIH9mVUdAdnj8it
dHN6WocJKGBDRKGU5SZDX6x/GPOpTEU9WFng+ZBUhFNfplIYNyVjW9b5cOZSQ1mO
i44xrHJ7/Nr+/7wAIsBT/FxIvYACEZEj6sJ96jxOySqzEtP5qhMvQUUdAkF1XmGX
JElasJQWkUFAqdO449Oq5okcq1XBZj0GsLiz2jjGjrtM5IX0c3qUNyCFTQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPhD2MlD9Pmbxdrc2NuErHkrEWFgMB8GA1UdIwQY
MBaAFLvZMvcGSx/emhIl8zJ3n8IuZzI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlreTl3WkxIOTZhRWlYek1uZWZ3aTVuTWprLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNThiZGUtYzQ2MS00ODNmLTkxMWIt
ZDE3OTg4MWQwNjE4LzEvMS1FUFl5VVAwLVp2RjJ0elkyNFNzZVNzUllXQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvYTU4YmRlLWM0NjEtNDgzZi05MTFiLWQxNzk4ODFkMDYx
OC8xL3U5a3k5d1pMSDk2YUVpWHpNbmVmd2k1bk1qay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBLBggrBgEFBQcBBwEB/wQ8MDowKQQCAAEwIwMEB1EKgAME
B1Y4gAMDAFqSAwQCucScAwQF1CEgAwQG1PFAMA0EAgACMAcDBQAqAAz4MA0GCSqG
SIb3DQEBCwUAA4IBAQAzgcQjbpvqrZnIkILcYA8TAPSITVZnFauIrLOWpixSxMYj
qDGT9QZ+tilNjtm0Wrc+Luvkm3dqHI/tLcfjm2OEMwYiGIk6j+xvBgksUw0Rvxv1
TFcgMEjiVDR7VDIGPOhDRhuK5s5mSXQ9DSoyHvO0Rg2DkIotwpJj6NXu99eEzPQf
Zo4lgro7JbxVdp1RirdU+AOOfxe8HlmWL1RvrfS6pjlXkqb/PGfuTSGA6fsA8ylh
CqBKiFfjNaedhN9CpRc9bwCNJNtDIO48XfxRQZ7wK1vYWfuvMCIBHh6NCtvFLi6X
vbd/nJWjgdHRnuesS/Ya0itmqlhZleSwcWe5wqfP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:57 2024 by rpki-client on console-ams.rpki-client.org