Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oPohCGkkf69Cr87o1ciJ9Luv_xs.roa
File: oPohCGkkf69Cr87o1ciJ9Luv_xs.roa (raw, json)
Hash identifier: Gg07ZtdfdKnRnZnc74QrxE/lDHGd3mKfG4YF/pRUjHk=
Subject key identifier: A0:FA:21:08:69:24:7F:AF:42:AF:CE:E8:D5:C8:89:F4:BB:AF:FF:1B
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 0185714C259297D525EDE1858DA122DFC698
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oPohCGkkf69Cr87o1ciJ9Luv_xs.roa
Signing time: Mon 02 Jan 2023 07:04:53 +0000
ROA not before: Mon 02 Jan 2023 07:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8821
IP address blocks: 82.136.64.0/18 maxlen: 18
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
62.171.0.0/17 maxlen: 17
151.248.128.0/17 maxlen: 17
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:25:92:97:d5:25:ed:e1:85:8d:a1:22:df:c6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jan 2 07:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0fa210869247faf42afcee8d5c889f4bbafff1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:07:76:b8:ce:6d:f9:09:56:e3:49:d1:e5:86:
7d:56:b1:02:60:ed:64:35:b3:d5:ba:73:1d:fd:23:
31:ae:09:a3:95:19:1f:6c:96:5b:c5:3f:2f:08:18:
d4:27:7e:17:8a:19:5d:6e:1f:8d:cf:2a:b6:35:e3:
70:cd:2f:23:69:a5:5a:92:80:0b:c3:90:8d:d6:ed:
6d:b0:3b:0d:51:1c:cf:5a:65:86:b2:28:cf:ec:f9:
26:b0:90:f0:d6:3f:0f:d7:e8:2c:25:81:2f:d4:23:
71:f7:3b:42:f7:b5:11:68:4f:a9:fe:c7:1a:8b:4e:
13:87:bc:e5:11:66:0b:d3:21:52:79:d2:7f:1b:75:
df:40:01:0a:01:b3:42:ef:dc:aa:41:32:25:db:5c:
cc:88:2d:51:46:77:8f:4c:84:66:fb:4b:94:d4:69:
1e:c9:97:f8:3c:4d:4e:35:d3:db:36:1f:18:b1:f0:
12:26:95:49:81:00:8f:e5:30:55:60:12:5d:33:9b:
bb:72:76:61:69:c2:b5:08:11:08:34:14:b3:cf:d1:
8f:55:42:72:c4:67:ce:bd:06:bd:fc:27:9d:e2:58:
f3:dc:8e:55:b8:9e:c7:b4:4a:ad:6f:c8:26:31:37:
2f:76:9d:b4:18:bc:67:29:d6:66:42:e2:32:35:52:
80:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FA:21:08:69:24:7F:AF:42:AF:CE:E8:D5:C8:89:F4:BB:AF:FF:1B
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/oPohCGkkf69Cr87o1ciJ9Luv_xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
212.4.64.0/19
IPv6:
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
7b:60:c7:1b:83:1d:af:d2:ea:15:98:00:83:11:3a:a9:fc:71:
82:51:8e:d9:48:13:7b:50:95:cc:1f:ea:4f:03:03:2b:b0:50:
37:d7:1e:0f:9a:dd:9c:74:c7:a8:42:9b:2d:c1:b3:2c:f6:8b:
63:37:50:d6:81:a5:e5:72:b6:2d:b6:e9:bd:b7:5c:2c:fb:bb:
ab:e5:40:c8:2a:5a:4e:e6:0c:d7:5f:00:b8:7a:55:62:2c:0e:
df:a5:4c:4d:a1:50:3e:f6:22:10:d1:e5:df:22:0a:32:b0:af:
2c:84:69:e7:07:75:6b:ba:bb:b2:f6:bf:45:aa:5a:d8:c9:2e:
ba:32:a6:6d:a2:a1:bb:ab:1b:60:08:8a:50:65:47:cc:3e:55:
a1:96:27:68:7e:ba:61:40:31:70:15:67:f3:bf:f1:3a:8f:db:
fd:c4:60:25:50:76:31:2e:f9:31:d0:a4:4f:f6:ab:8e:33:00:
5a:d1:31:3f:cb:19:2f:dc:e9:cf:9a:0f:94:79:9f:f4:89:77:
e1:23:60:97:02:38:97:35:67:ea:a8:36:4d:58:c7:fd:13:04:
ea:ba:38:13:53:d2:63:e0:ff:9e:2a:88:b9:56:2d:b3:d0:90:
29:31:e8:91:ae:01:6d:e7:b0:c7:a5:3e:e1:e1:85:fb:8f:9e:
3c:a9:fb:bc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxTCWSl9Ul7eGFjaEi38aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjMwMTAyMDcwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZhMjEwODY5MjQ3ZmFmNDJhZmNlZThkNWM4ODlmNGJiYWZmZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQd2uM5t+QlW40nR5YZ9VrECYO1k
NbPVunMd/SMxrgmjlRkfbJZbxT8vCBjUJ34Xihldbh+Nzyq2NeNwzS8jaaVakoAL
w5CN1u1tsDsNURzPWmWGsijP7PkmsJDw1j8P1+gsJYEv1CNx9ztC97URaE+p/sca
i04Th7zlEWYL0yFSedJ/G3XfQAEKAbNC79yqQTIl21zMiC1RRnePTIRm+0uU1Gke
yZf4PE1ONdPbNh8YsfASJpVJgQCP5TBVYBJdM5u7cnZhacK1CBEINBSzz9GPVUJy
xGfOvQa9/Ced4ljz3I5VuJ7HtEqtb8gmMTcvdp20GLxnKdZmQuIyNVKAbQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKD6IQhpJH+vQq/O6NXIifS7r/8bMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvb1BvaENHa2tmNjlDcjg3bzFjaUo5THV2X3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQHPqsAAwQG
UohAAwQHl/iAAwQFnrVgAwQCuSr0AwQF1ARAMA0EAgACMAcDBQMqAYuAMA0GCSqG
SIb3DQEBCwUAA4IBAQB7YMcbgx2v0uoVmACDETqp/HGCUY7ZSBN7UJXMH+pPAwMr
sFA31x4Pmt2cdMeoQpstwbMs9otjN1DWgaXlcrYttum9t1ws+7ur5UDIKlpO5gzX
XwC4elViLA7fpUxNoVA+9iIQ0eXfIgoysK8shGnnB3Vruruy9r9FqlrYyS66MqZt
oqG7qxtgCIpQZUfMPlWhlidofrphQDFwFWfzv/E6j9v9xGAlUHYxLvkx0KRP9quO
MwBa0TE/yxkv3OnPmg+UeZ/0iXfhI2CXAjiXNWfqqDZNWMf9EwTqujgTU9Jj4P+e
Koi5Vi2z0JApMeiRrgFt57DHpT7h4YX7j548qfu8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:25 2024 by rpki-client on console-fra.rpki-client.org