Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/0w9h6Qj01IxUFN702_9Hr0UpTeo.roa
File: 0w9h6Qj01IxUFN702_9Hr0UpTeo.roa (raw, json)
Hash identifier: EQ7AyHVZGQpmx2cTSXxF1iN1F85rFQzOMk6vMb9srbE=
Subject key identifier: D3:0F:61:E9:08:F4:D4:8C:54:14:DE:F4:DB:FF:47:AF:45:29:4D:EA
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0190BB4FE7A4F9C9C823C3279F65DA7CDF16
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/0w9h6Qj01IxUFN702_9Hr0UpTeo.roa
Signing time: Tue 16 Jul 2024 11:31:34 +0000
ROA not before: Tue 16 Jul 2024 11:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34450
IP address blocks: 85.204.125.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jul 2024 07:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bb:4f:e7:a4:f9:c9:c8:23:c3:27:9f:65:da:7c:df:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jul 16 11:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d30f61e908f4d48c5414def4dbff47af45294dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:66:17:00:b9:81:37:9f:96:2b:7b:19:e7:40:
16:c4:2b:32:06:a6:56:2d:6a:43:06:78:d6:5b:47:
1c:27:bc:bf:f4:11:6f:aa:2a:b9:3f:87:16:f4:05:
eb:69:b4:25:91:0c:9d:97:ec:1d:a8:b5:e4:fb:75:
e1:80:5a:3e:03:d3:ca:f1:ad:b4:05:b1:40:21:3b:
96:1f:aa:9c:85:b2:3a:fc:9d:78:63:80:9a:da:ee:
87:a8:45:84:c1:24:01:de:b1:24:5f:6c:c2:55:e2:
41:d2:85:95:c2:9a:51:f1:e7:87:92:ed:c3:d2:d9:
bc:20:fa:2e:77:4e:03:87:ee:50:19:71:48:d5:31:
30:d0:b0:c3:98:6d:37:c9:d9:25:e1:cc:16:80:e0:
c7:3b:c8:20:a7:2c:5e:ad:96:ee:4c:fe:d8:c1:7e:
66:95:68:87:76:33:c9:69:f1:31:f4:ff:fb:cc:45:
c5:de:11:fc:90:c6:8f:78:e4:9b:bc:10:1d:67:6b:
f8:81:bb:d1:26:9c:1e:c5:4e:96:b6:20:6a:d3:40:
48:eb:54:23:af:de:74:4d:e1:5a:25:cc:86:de:84:
cc:1e:81:d5:4d:6f:9d:35:4f:02:45:58:2a:86:de:
da:23:fe:35:f4:34:3d:6c:ab:8f:90:b0:f1:f4:75:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:0F:61:E9:08:F4:D4:8C:54:14:DE:F4:DB:FF:47:AF:45:29:4D:EA
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/0w9h6Qj01IxUFN702_9Hr0UpTeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
86.106.80.0/24
86.106.104.0/24
89.34.8.0/21
89.43.45.0-89.43.46.255
89.44.209.0/24
93.113.158.0/24
93.113.203.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
a4:4b:d1:49:56:5e:7c:8c:a3:84:33:b8:e2:a6:86:53:14:36:
6e:e7:d8:9f:21:08:ad:1c:76:14:c2:28:ee:51:4f:49:30:dc:
a6:6e:4d:a3:bc:a1:e7:fd:76:52:cd:7b:7e:c8:08:a7:17:07:
44:62:84:e3:b1:24:0e:fc:0f:53:d5:06:46:f1:52:6e:96:ad:
ea:a3:3f:76:e9:83:d1:a9:c9:c4:22:a7:49:7e:d6:37:09:66:
22:24:11:a9:8f:05:b7:2b:ac:05:30:65:9b:cf:79:a5:70:99:
c5:9b:6c:32:a9:84:82:13:78:cf:92:53:12:86:67:4e:b5:c3:
7e:ce:f1:47:65:c0:49:01:9c:a7:de:5f:67:0a:aa:54:41:a6:
e0:3f:f3:1b:fd:cf:1e:3c:82:b7:4b:27:bd:55:45:3e:1c:65:
d8:34:2f:11:ae:68:e4:7f:a4:79:76:81:65:4e:d2:c2:a8:c1:
c1:f4:53:bb:1f:11:07:df:79:3a:40:19:2b:79:56:25:fa:f8:
f8:7a:b7:2d:21:0e:51:79:c4:4c:a5:4a:d4:43:81:37:0e:51:
3b:b3:a1:eb:36:3c:4d:f0:ed:f5:13:c3:7a:cc:8b:3f:4e:cb:
44:c5:c0:b5:30:d6:08:27:5c:23:e3:43:6c:db:c8:9c:a9:63:
89:40:2b:f7
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZC7T+ek+cnII8Mnn2XafN8WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwNzE2MTEzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzBmNjFlOTA4ZjRkNDhjNTQxNGRlZjRkYmZmNDdhZjQ1Mjk0ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WYXALmBN5+WK3sZ50AWxCsyBqZW
LWpDBnjWW0ccJ7y/9BFvqiq5P4cW9AXrabQlkQydl+wdqLXk+3XhgFo+A9PK8a20
BbFAITuWH6qchbI6/J14Y4Ca2u6HqEWEwSQB3rEkX2zCVeJB0oWVwppR8eeHku3D
0tm8IPoud04Dh+5QGXFI1TEw0LDDmG03ydkl4cwWgODHO8ggpyxerZbuTP7YwX5m
lWiHdjPJafEx9P/7zEXF3hH8kMaPeOSbvBAdZ2v4gbvRJpwexU6WtiBq00BI61Qj
r950TeFaJcyG3oTMHoHVTW+dNU8CRVgqht7aI/419DQ9bKuPkLDx9HUlVQIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFNMPYekI9NSMVBTe9Nv/R69FKU3qMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvMHc5aDZRajAxSXhVRk43MDJfOUhyMFVwVGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwYgQCAAEwXAMEAFXMfQME
AFZqUAMEAFZqaAMEA1kiCDAMAwQAWSstAwQAWSsuAwQAWSzRAwQAXXGeAwQAXXHL
AwQAXXI3AwQAXXJjAwQAXXKrAwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAq
BbaAAAEwDQYJKoZIhvcNAQELBQADggEBAKRL0UlWXnyMo4QzuOKmhlMUNm7n2J8h
CK0cdhTCKO5RT0kw3KZuTaO8oef9dlLNe37ICKcXB0RihOOxJA78D1PVBkbxUm6W
reqjP3bpg9GpycQip0l+1jcJZiIkEamPBbcrrAUwZZvPeaVwmcWbbDKphIITeM+S
UxKGZ061w37O8UdlwEkBnKfeX2cKqlRBpuA/8xv9zx48grdLJ71VRT4cZdg0LxGu
aOR/pHl2gWVO0sKowcH0U7sfEQffeTpAGSt5ViX6+Ph6ty0hDlF5xEylStRDgTcO
UTuzoes2PE3w7fUTw3rMiz9Oy0TFwLUw1ggnXCPjQ2zbyJypY4lAK/c=
-----END CERTIFICATE-----
Generated at Thu Jul 18 09:18:59 2024 by rpki-client on console-fra.rpki-client.org