Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/L-9w8HzEgD-rR3A9hb_VRtBn0ZU.roa
File: L-9w8HzEgD-rR3A9hb_VRtBn0ZU.roa (raw, json)
Hash identifier: jyRnN5MSp1UUGo/2k0emRmlxt8Z1ucefE1SClgWvJzc=
Subject key identifier: 2F:EF:70:F0:7C:C4:80:3F:AB:47:70:3D:85:BF:D5:46:D0:67:D1:95
Certificate issuer: /CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Certificate serial: 0187222B4EFE83CF027A0CBDEB8F3246CD98
Authority key identifier: 05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/L-9w8HzEgD-rR3A9hb_VRtBn0ZU.roa
Signing time: Mon 27 Mar 2023 08:24:36 +0000
ROA not before: Mon 27 Mar 2023 08:24:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8240
IP address blocks: 185.172.24.0/22 maxlen: 22
195.80.96.0/19 maxlen: 19
185.161.84.0/22 maxlen: 22
213.184.32.0/19 maxlen: 19
2a0b:6c00::/29 maxlen: 29
2a02:88::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:2b:4e:fe:83:cf:02:7a:0c:bd:eb:8f:32:46:cd:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05881f357ea6680dde52a2a9bfbbb6ed4385d8d9
Validity
Not Before: Mar 27 08:24:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fef70f07cc4803fab47703d85bfd546d067d195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bb:90:98:76:c6:4a:43:8c:d3:0c:bf:58:d8:
c4:3a:0e:39:ef:b8:d7:f4:5e:fc:35:c5:8c:da:5b:
ca:c1:55:f5:e1:5d:03:17:95:1b:bb:bb:2b:be:53:
ab:21:11:29:39:7b:9b:fd:25:d8:13:ab:a3:38:cd:
d3:2e:72:4f:a0:ec:74:66:5a:ee:fc:1d:13:31:98:
d3:ce:28:14:28:b2:8d:91:90:31:c4:07:4b:e2:83:
d9:7e:de:73:00:38:39:de:a4:43:3b:b6:0c:d4:42:
cf:10:0f:b7:ca:a9:43:8e:af:58:bf:f6:b7:01:0b:
9d:65:19:88:41:93:f2:70:bb:2d:89:72:c3:c4:e1:
89:93:c5:11:f0:52:0d:8d:c1:1a:a3:0e:e6:81:1d:
ed:bb:1c:07:eb:6b:15:c8:20:b6:3e:bd:2c:ff:84:
50:59:9d:1e:af:4b:5b:58:5c:49:1c:8c:25:ae:63:
d0:c1:5e:bf:25:d1:55:ff:cd:e0:2e:38:f1:25:63:
12:1e:e3:a4:82:77:6a:84:a2:1d:10:dd:e2:5d:79:
09:a9:9e:15:b4:6f:dd:79:cc:60:1a:d8:8b:32:ab:
7b:0e:78:8d:da:e6:9d:58:31:19:4d:21:4b:5f:c6:
4b:ab:ad:7e:3c:ce:1d:f0:46:b3:7d:73:0e:cc:bd:
37:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EF:70:F0:7C:C4:80:3F:AB:47:70:3D:85:BF:D5:46:D0:67:D1:95
X509v3 Authority Key Identifier:
keyid:05:88:1F:35:7E:A6:68:0D:DE:52:A2:A9:BF:BB:B6:ED:43:85:D8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BYgfNX6maA3eUqKpv7u27UOF2Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/L-9w8HzEgD-rR3A9hb_VRtBn0ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/abc103-ce66-4fcc-8fe1-3c91ad4b3e08/1/BYgfNX6maA3eUqKpv7u27UOF2Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.84.0/22
185.172.24.0/22
195.80.96.0/19
213.184.32.0/19
IPv6:
2a02:88::/32
2a0b:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
d0:5b:5a:16:5d:01:3e:a2:98:c4:4f:79:f6:94:29:b1:e6:0c:
e1:e1:01:09:32:88:92:ba:83:39:27:af:cb:1c:ee:ce:a7:e4:
96:15:8d:31:f3:78:b2:0e:44:9d:85:d2:79:0e:36:e6:dd:05:
0e:e8:7c:f2:cf:26:06:18:83:1c:f0:9f:1c:3c:51:55:4d:f1:
b7:b1:29:32:12:b1:1c:47:9d:32:ae:91:90:53:74:55:e2:0e:
f8:ba:27:4d:78:1c:9c:5a:37:49:47:c8:44:a6:91:c3:46:4a:
af:f0:a1:40:ad:55:4a:d4:23:31:92:c6:c9:1b:62:1d:16:44:
81:a8:25:69:3d:a4:24:da:17:36:b9:1f:05:7d:e4:ab:99:a6:
74:d3:c5:1c:f5:35:66:5c:62:f0:94:a2:20:32:5c:96:bb:52:
6f:81:9a:38:05:6e:e8:d9:cf:a2:84:b5:77:2a:7a:5b:8c:76:
ec:d6:76:60:4e:9b:28:34:c5:b6:72:08:9a:7c:1b:5e:5b:5b:
bb:21:13:2d:7f:41:ae:6c:1e:20:a2:14:ca:f5:3a:ee:b6:1d:
93:02:c4:a7:e2:2c:bc:b6:d7:fc:be:55:fc:26:f8:bb:5c:be:
a2:28:90:70:26:00:52:1b:a7:48:0b:f1:e7:bf:7e:dc:62:89:
72:ed:35:ad
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYciK07+g88Cegy9648yRs2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ODgxZjM1N2VhNjY4MGRkZTUyYTJhOWJmYmJiNmVkNDM4
NWQ4ZDkwHhcNMjMwMzI3MDgyNDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVmNzBmMDdjYzQ4MDNmYWI0NzcwM2Q4NWJmZDU0NmQwNjdkMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbuQmHbGSkOM0wy/WNjEOg4577jX
9F78NcWM2lvKwVX14V0DF5Ubu7srvlOrIREpOXub/SXYE6ujOM3TLnJPoOx0Zlru
/B0TMZjTzigUKLKNkZAxxAdL4oPZft5zADg53qRDO7YM1ELPEA+3yqlDjq9Yv/a3
AQudZRmIQZPycLstiXLDxOGJk8UR8FINjcEaow7mgR3tuxwH62sVyCC2Pr0s/4RQ
WZ0er0tbWFxJHIwlrmPQwV6/JdFV/83gLjjxJWMSHuOkgndqhKIdEN3iXXkJqZ4V
tG/decxgGtiLMqt7DniN2uadWDEZTSFLX8ZLq61+PM4d8EazfXMOzL03nQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC/vcPB8xIA/q0dwPYW/1UbQZ9GVMB8GA1UdIwQY
MBaAFAWIHzV+pmgN3lKiqb+7tu1DhdjZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEt
M2M5MWFkNGIzZTA4LzEvTC05dzhIekVnRC1yUjNBOWhiX1ZSdEJuMFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9hYmMxMDMtY2U2Ni00ZmNjLThmZTEtM2M5MWFkNGIzZTA4
LzEvQllnZk5YNm1hQTNlVXFLcHY3dTI3VU9GMk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCuaFUAwQC
uawYAwQFw1BgAwQF1bggMBQEAgACMA4DBQAqAgCIAwUDKgtsADANBgkqhkiG9w0B
AQsFAAOCAQEA0FtaFl0BPqKYxE959pQpseYM4eEBCTKIkrqDOSevyxzuzqfklhWN
MfN4sg5EnYXSeQ425t0FDuh88s8mBhiDHPCfHDxRVU3xt7EpMhKxHEedMq6RkFN0
VeIO+LonTXgcnFo3SUfIRKaRw0ZKr/ChQK1VStQjMZLGyRtiHRZEgaglaT2kJNoX
NrkfBX3kq5mmdNPFHPU1Zlxi8JSiIDJclrtSb4GaOAVu6NnPooS1dyp6W4x27NZ2
YE6bKDTFtnIImnwbXltbuyETLX9BrmweIKIUyvU67rYdkwLEp+IsvLbX/L5V/Cb4
u1y+oiiQcCYAUhunSAvx579+3GKJcu01rQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:10 2024 by rpki-client on console-fra.rpki-client.org