Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/JIfCpQDEJb7AtNDZq0y0kmRhaHQ.roa
File: JIfCpQDEJb7AtNDZq0y0kmRhaHQ.roa (raw, json)
Hash identifier: HGN7nqLodvZKkSAnwvL4PnA1ehE7rkr0SR5Ly2rvhOA=
Subject key identifier: 24:87:C2:A5:00:C4:25:BE:C0:B4:D0:D9:AB:4C:B4:92:64:61:68:74
Certificate issuer: /CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Certificate serial: 018570CBED1C4B160AB51716FFEAFCB1E23F
Authority key identifier: 3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/JIfCpQDEJb7AtNDZq0y0kmRhaHQ.roa
Signing time: Mon 02 Jan 2023 04:44:50 +0000
ROA not before: Mon 02 Jan 2023 04:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61102
IP address blocks: 81.218.219.0/24 maxlen: 24
81.218.109.0/24 maxlen: 24
81.218.235.0/24 maxlen: 24
81.218.238.0/24 maxlen: 24
82.80.245.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:ed:1c:4b:16:0a:b5:17:16:ff:ea:fc:b1:e2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fedd85c1eccb5ff4ba930117a7329099c0ff2eb
Validity
Not Before: Jan 2 04:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2487c2a500c425bec0b4d0d9ab4cb49264616874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c6:9e:0b:7f:a8:94:f4:ce:1f:15:48:2d:85:
90:98:12:81:18:63:6c:f6:34:e1:85:ea:59:df:da:
07:f3:48:28:14:5f:2c:ac:8f:4c:40:85:67:1c:66:
da:b4:48:87:79:cf:48:c0:5d:cd:2a:ef:77:af:da:
63:fd:fa:9e:f4:71:39:43:56:bd:87:ef:ba:21:d3:
3b:25:f7:e6:f1:2a:66:b6:a2:61:71:98:e7:82:09:
84:d0:cd:11:2a:d0:51:e7:44:3c:1d:7f:53:9d:66:
57:91:13:de:3a:3d:98:bd:e1:99:fa:27:6f:76:8d:
6d:7e:d1:5d:2a:b0:e2:26:1b:19:79:c5:7a:2c:ed:
cc:91:f7:af:e7:ea:6d:a6:25:89:82:9a:08:c7:2a:
6c:2d:04:37:93:f3:f7:44:7c:b8:16:72:de:9d:74:
fb:fd:2f:ac:5f:52:1c:55:4e:99:37:a5:02:74:1c:
79:2f:f9:e7:cd:d0:97:8e:de:fa:6b:72:26:f0:51:
92:f6:da:fb:cb:3e:98:60:a6:6e:fb:d9:22:e8:4f:
c2:32:0d:10:b0:99:c3:4c:69:cd:5c:80:74:28:3f:
fa:c0:6f:7f:1c:bf:1d:fe:f0:e2:94:39:eb:9b:2d:
4d:7d:1e:6c:c8:2f:bc:ae:cb:0f:d2:14:ec:05:37:
4f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:87:C2:A5:00:C4:25:BE:C0:B4:D0:D9:AB:4C:B4:92:64:61:68:74
X509v3 Authority Key Identifier:
keyid:3F:ED:D8:5C:1E:CC:B5:FF:4B:A9:30:11:7A:73:29:09:9C:0F:F2:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-3YXB7Mtf9LqTARenMpCZwP8us.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/JIfCpQDEJb7AtNDZq0y0kmRhaHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/41c321-347e-4c3e-affd-e2b527728e96/1/P-3YXB7Mtf9LqTARenMpCZwP8us.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.218.109.0/24
81.218.219.0/24
81.218.235.0/24
81.218.238.0/24
82.80.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:02:26:5b:68:85:74:82:27:4e:49:47:30:0e:f3:67:0e:60:
62:17:5d:b3:91:ad:ed:74:3b:2f:db:19:e2:36:b3:49:53:85:
51:d0:3f:8a:a2:d5:2e:7d:05:a2:2e:7c:df:4a:7a:fa:dd:0b:
68:fd:50:02:33:cc:9b:70:a8:d9:30:3c:fb:57:2b:7d:74:6f:
0a:9c:fa:a1:68:aa:14:3a:0c:22:5b:50:f6:f2:71:13:e4:76:
30:a6:df:5b:92:d1:d7:4c:d6:1e:32:fc:1b:2d:3d:0c:78:fb:
10:cb:fc:71:fe:71:68:ee:b7:06:73:44:0c:a0:d8:17:00:7f:
66:26:7e:9e:de:79:1b:67:b3:cd:f4:2e:64:77:58:53:b0:f3:
8e:28:17:8e:9b:75:5e:e5:de:b1:bd:8d:09:08:24:34:0a:08:
3e:35:a3:c4:b3:31:95:79:8b:59:b5:86:d6:26:f0:65:74:eb:
ad:c1:55:77:ad:e7:31:61:81:ca:02:ea:cb:75:39:44:a4:6c:
2e:31:13:f5:4c:78:20:e0:80:9c:8b:e3:28:6b:b3:14:73:b4:
51:13:cf:24:60:10:9b:db:32:2a:82:fd:04:c5:c8:b7:97:f9:
68:4f:c5:bd:e4:07:0d:15:5b:82:ad:0b:27:28:0f:1a:db:ac:
49:76:fe:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwy+0cSxYKtRcW/+r8seI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZWRkODVjMWVjY2I1ZmY0YmE5MzAxMTdhNzMyOTA5OWMw
ZmYyZWIwHhcNMjMwMTAyMDQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDg3YzJhNTAwYzQyNWJlYzBiNGQwZDlhYjRjYjQ5MjY0NjE2ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6saeC3+olPTOHxVILYWQmBKBGGNs
9jThhepZ39oH80goFF8srI9MQIVnHGbatEiHec9IwF3NKu93r9pj/fqe9HE5Q1a9
h++6IdM7Jffm8SpmtqJhcZjnggmE0M0RKtBR50Q8HX9TnWZXkRPeOj2YveGZ+idv
do1tftFdKrDiJhsZecV6LO3Mkfev5+ptpiWJgpoIxypsLQQ3k/P3RHy4FnLenXT7
/S+sX1IcVU6ZN6UCdBx5L/nnzdCXjt76a3Im8FGS9tr7yz6YYKZu+9ki6E/CMg0Q
sJnDTGnNXIB0KD/6wG9/HL8d/vDilDnrmy1NfR5syC+8rssP0hTsBTdPKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCSHwqUAxCW+wLTQ2atMtJJkYWh0MB8GA1UdIwQY
MBaAFD/t2FwezLX/S6kwEXpzKQmcD/LrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQt
ZTJiNTI3NzI4ZTk2LzEvSklmQ3BRREVKYjdBdE5EWnEweTBrbVJoYUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80MWMzMjEtMzQ3ZS00YzNlLWFmZmQtZTJiNTI3NzI4ZTk2
LzEvUC0zWVhCN010ZjlMcVRBUmVuTXBDWndQOHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUdptAwQA
UdrbAwQAUdrrAwQAUdruAwQAUlD1MA0GCSqGSIb3DQEBCwUAA4IBAQA/AiZbaIV0
gidOSUcwDvNnDmBiF12zka3tdDsv2xniNrNJU4VR0D+KotUufQWiLnzfSnr63Qto
/VACM8ybcKjZMDz7Vyt9dG8KnPqhaKoUOgwiW1D28nET5HYwpt9bktHXTNYeMvwb
LT0MePsQy/xx/nFo7rcGc0QMoNgXAH9mJn6e3nkbZ7PN9C5kd1hTsPOOKBeOm3Ve
5d6xvY0JCCQ0Cgg+NaPEszGVeYtZtYbWJvBldOutwVV3recxYYHKAurLdTlEpGwu
MRP1THgg4ICci+Moa7MUc7RRE88kYBCb2zIqgv0Exci3l/loT8W95AcNFVuCrQsn
KA8a26xJdv5G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:16 2024 by rpki-client on console-ams.rpki-client.org