Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ku7kVg8Qj5XcBTl4uTsDifct2PM.roa
File: ku7kVg8Qj5XcBTl4uTsDifct2PM.roa (raw, json)
Hash identifier: Zjpb8rfdYqmOPRZqHV5ZMqWdcrfI6zZSRqMxTAX6I04=
Subject key identifier: 92:EE:E4:56:0F:10:8F:95:DC:05:39:78:B9:3B:03:89:F7:2D:D8:F3
Certificate issuer: /CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Certificate serial: 01856C4A5578EC16BC13F78E3D29BA6A66A3
Authority key identifier: 13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ku7kVg8Qj5XcBTl4uTsDifct2PM.roa
Signing time: Sun 01 Jan 2023 07:44:48 +0000
ROA not before: Sun 01 Jan 2023 07:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12835
IP address blocks: 185.38.252.0/22 maxlen: 22
46.226.200.0/21 maxlen: 21
77.72.192.0/21 maxlen: 21
194.105.48.0/21 maxlen: 21
109.205.104.0/21 maxlen: 21
37.128.136.0/21 maxlen: 21
2a00:10c8::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Oct 2023 12:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:55:78:ec:16:bc:13:f7:8e:3d:29:ba:6a:66:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Validity
Not Before: Jan 1 07:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92eee4560f108f95dc053978b93b0389f72dd8f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a2:65:4b:49:1d:0c:c9:80:e7:79:5f:37:ab:
e1:76:7b:d3:7f:8b:49:8d:32:9a:23:bd:f9:b5:40:
13:70:09:52:b5:46:ab:3a:b0:a4:b5:50:9d:23:ec:
15:99:29:20:8a:cb:a3:3a:bc:91:81:d9:ec:ee:a8:
09:f8:93:96:fc:af:f8:a9:2a:cd:df:92:ca:f5:47:
c6:de:72:39:14:78:57:b9:8e:15:26:54:21:96:c8:
d6:47:e8:38:38:d9:bb:1a:cc:5b:39:5f:9e:7f:4c:
3c:01:d4:5e:40:3c:8e:9a:c7:1e:15:cd:66:56:27:
42:5c:5a:d1:c0:7d:d1:ce:ff:71:44:96:9d:de:0d:
8f:27:d2:12:f4:77:77:20:91:4f:28:b1:3c:67:3e:
39:0e:d5:a2:1f:c2:eb:b8:34:7d:aa:a5:14:ae:9e:
78:90:3d:71:52:41:53:5c:cf:a6:c4:d7:fd:41:15:
30:9d:45:69:fd:24:bb:97:d9:0e:08:89:cf:d8:79:
a3:11:12:e9:40:dd:aa:44:7d:f9:89:3b:6d:84:b6:
dc:c4:da:b8:29:f3:b3:b8:43:a2:66:b7:51:f1:0d:
d4:88:fd:81:1f:18:ca:22:c1:6d:6e:40:22:b5:ce:
e8:2d:63:4b:25:cc:44:ed:63:10:e7:6c:87:09:bc:
78:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EE:E4:56:0F:10:8F:95:DC:05:39:78:B9:3B:03:89:F7:2D:D8:F3
X509v3 Authority Key Identifier:
keyid:13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/ku7kVg8Qj5XcBTl4uTsDifct2PM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.136.0/21
46.226.200.0/21
77.72.192.0/21
109.205.104.0/21
185.38.252.0/22
194.105.48.0/21
IPv6:
2a00:10c8::/32
Signature Algorithm: sha256WithRSAEncryption
ac:ba:48:f0:00:82:f4:3f:48:4b:74:42:74:ea:72:51:bd:0b:
37:24:af:06:a6:64:f8:2f:ca:25:e8:e5:0b:41:68:c0:06:41:
cc:cc:64:6c:4a:5b:ce:da:1e:9c:52:21:d0:19:ef:9b:81:d6:
d6:7a:e9:24:b8:01:f3:02:50:98:c4:63:dd:1e:46:8b:06:2c:
2a:4d:6d:7d:8f:40:bc:83:13:7e:e9:90:bf:fd:ea:21:03:5b:
c4:e9:e1:cb:87:e2:51:ff:ee:8f:c3:3f:bb:5c:9b:c6:98:74:
73:90:64:0a:3c:6e:cc:db:1c:b2:20:0c:ab:f6:c4:b7:7b:d1:
eb:6a:f6:95:ff:f5:14:b4:eb:e6:8d:18:02:74:de:6b:e2:11:
7f:97:cb:21:e5:dc:b1:ef:5f:ec:fd:fd:4e:ac:0b:9c:d5:bf:
d4:8f:37:c8:e0:fa:13:c7:a9:8a:1e:4a:00:cd:26:1e:8c:8e:
00:1b:e2:9e:ab:52:c2:cc:8e:51:c9:a8:08:d6:e8:bb:fd:63:
a3:29:64:66:de:6b:1c:a9:7a:01:8e:ff:84:c0:81:eb:a5:cf:
3b:f8:e6:d7:93:ae:0f:6f:0c:58:d8:65:9c:66:a0:15:f4:e0:
ea:bf:a1:ba:a4:bd:fc:a4:a3:61:7c:1e:f1:f5:05:f6:54:24:
5d:b2:b3:96
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVsSlV47Ba8E/eOPSm6amajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYzlmZDM3Yzc0MzFjZTZhYTNjOTNhNjk1MmM2N2YwZjBj
OTg0NmUwHhcNMjMwMTAxMDc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVlZTQ1NjBmMTA4Zjk1ZGMwNTM5NzhiOTNiMDM4OWY3MmRkOGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKJlS0kdDMmA53lfN6vhdnvTf4tJ
jTKaI735tUATcAlStUarOrCktVCdI+wVmSkgisujOryRgdns7qgJ+JOW/K/4qSrN
35LK9UfG3nI5FHhXuY4VJlQhlsjWR+g4ONm7GsxbOV+ef0w8AdReQDyOmsceFc1m
VidCXFrRwH3Rzv9xRJad3g2PJ9IS9Hd3IJFPKLE8Zz45DtWiH8LruDR9qqUUrp54
kD1xUkFTXM+mxNf9QRUwnUVp/SS7l9kOCInP2HmjERLpQN2qRH35iTtthLbcxNq4
KfOzuEOiZrdR8Q3UiP2BHxjKIsFtbkAitc7oLWNLJcxE7WMQ52yHCbx4RwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJLu5FYPEI+V3AU5eLk7A4n3LdjzMB8GA1UdIwQY
MBaAFBPJ/TfHQxzmqjyTppUsZ/DwyYRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUt
NmEzZGZiNDdmOGM0LzEva3U3a1ZnOFFqNVhjQlRsNHVUc0RpZmN0MlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUtNmEzZGZiNDdmOGM0
LzEvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJYCIAwQD
LuLIAwQDTUjAAwQDbc1oAwQCuSb8AwQDwmkwMA0EAgACMAcDBQAqABDIMA0GCSqG
SIb3DQEBCwUAA4IBAQCsukjwAIL0P0hLdEJ06nJRvQs3JK8GpmT4L8ol6OULQWjA
BkHMzGRsSlvO2h6cUiHQGe+bgdbWeukkuAHzAlCYxGPdHkaLBiwqTW19j0C8gxN+
6ZC//eohA1vE6eHLh+JR/+6Pwz+7XJvGmHRzkGQKPG7M2xyyIAyr9sS3e9HravaV
//UUtOvmjRgCdN5r4hF/l8sh5dyx71/s/f1OrAuc1b/UjzfI4PoTx6mKHkoAzSYe
jI4AG+Keq1LCzI5RyagI1ui7/WOjKWRm3mscqXoBjv+EwIHrpc87+ObXk64PbwxY
2GWcZqAV9ODqv6G6pL38pKNhfB7x9QX2VCRdsrOW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:28 2024 by rpki-client on console-fra.rpki-client.org