Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/o8ZKFlqJ-J7Eu4BRX4vwz2VyB4g.roa
File: o8ZKFlqJ-J7Eu4BRX4vwz2VyB4g.roa (raw, json)
Hash identifier: SMN+m3wJ4K3D7iL8IB5pNQQzAXLjGmqsPC+rCVLdKn4=
Subject key identifier: A3:C6:4A:16:5A:89:F8:9E:C4:BB:80:51:5F:8B:F0:CF:65:72:07:88
Certificate issuer: /CN=1746948856a2b0adf304a16d0d3ad66857f7fd39
Certificate serial: 01857295CB3598873F0CCC90C49B57D077B8
Authority key identifier: 17:46:94:88:56:A2:B0:AD:F3:04:A1:6D:0D:3A:D6:68:57:F7:FD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0aUiFaisK3zBKFtDTrWaFf3_Tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/o8ZKFlqJ-J7Eu4BRX4vwz2VyB4g.roa
Signing time: Mon 02 Jan 2023 13:04:57 +0000
ROA not before: Mon 02 Jan 2023 13:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15699
IP address blocks: 87.236.216.0/21 maxlen: 32
88.151.212.0/23 maxlen: 32
88.151.208.0/22 maxlen: 32
88.151.214.0/23 maxlen: 32
185.11.200.0/22 maxlen: 32
94.24.114.0/24 maxlen: 32
94.24.112.0/20 maxlen: 32
212.36.64.0/19 maxlen: 32
109.235.128.0/21 maxlen: 32
2a01:1c8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:95:cb:35:98:87:3f:0c:cc:90:c4:9b:57:d0:77:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1746948856a2b0adf304a16d0d3ad66857f7fd39
Validity
Not Before: Jan 2 13:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3c64a165a89f89ec4bb80515f8bf0cf65720788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:64:b6:65:00:67:1d:02:0b:4f:3f:1b:06:
48:fc:4c:97:34:65:16:55:bf:2c:46:68:88:a1:d6:
9c:d7:d9:54:8b:ff:a3:2e:47:47:93:ca:dc:31:ed:
9d:a0:b3:ec:69:b3:3d:22:5f:d3:81:52:b4:e4:af:
2d:40:db:08:bd:80:d3:f5:3e:86:fd:0c:48:1d:f6:
d6:a9:21:4e:03:83:c7:97:c5:cd:42:56:6d:f5:46:
96:3a:3f:57:4a:bc:85:cb:7a:20:5b:65:ed:38:26:
af:ee:9a:90:e1:5d:38:ce:4a:3b:de:63:a5:29:7d:
ed:52:38:b3:30:3f:b2:d7:3b:89:ff:50:a2:1d:3f:
53:33:4a:ab:6b:95:14:32:b8:6b:77:81:ba:a9:ca:
6c:f9:fc:9f:58:71:b7:47:ce:f7:4b:09:9f:82:5e:
6e:f8:99:2f:63:50:52:65:32:74:7e:14:12:a3:19:
08:7e:88:a3:72:af:51:b1:9c:c6:88:94:01:92:84:
21:f2:de:68:7a:27:bb:c5:66:56:fb:ab:9c:ab:12:
a0:25:ea:aa:9b:8a:8a:24:61:6b:d0:42:2a:87:08:
62:a7:53:6c:20:a4:dc:87:f4:82:d1:69:6e:14:c4:
5a:fc:6b:bc:53:f4:86:c3:63:9b:98:ad:fa:20:e0:
70:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C6:4A:16:5A:89:F8:9E:C4:BB:80:51:5F:8B:F0:CF:65:72:07:88
X509v3 Authority Key Identifier:
keyid:17:46:94:88:56:A2:B0:AD:F3:04:A1:6D:0D:3A:D6:68:57:F7:FD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0aUiFaisK3zBKFtDTrWaFf3_Tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/o8ZKFlqJ-J7Eu4BRX4vwz2VyB4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/086277-821c-405a-9e75-9ba719f259cb/1/F0aUiFaisK3zBKFtDTrWaFf3_Tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.216.0/21
88.151.208.0/21
94.24.112.0/20
109.235.128.0/21
185.11.200.0/22
212.36.64.0/19
IPv6:
2a01:1c8::/32
Signature Algorithm: sha256WithRSAEncryption
6e:67:dd:9a:c7:d6:24:6e:81:5f:c5:9d:83:2c:5d:f0:2f:b4:
32:6d:e9:13:00:4e:e3:fd:af:d7:ad:0d:7a:30:cb:20:61:67:
44:24:7e:87:89:0a:3f:46:f1:20:42:f7:a0:bd:22:ae:56:2b:
99:c4:5e:70:27:69:09:bf:d5:a5:ed:0b:b1:3c:e9:fe:30:84:
5a:9c:9a:22:5b:d8:9c:28:93:10:ba:1e:a4:34:f5:90:63:28:
d0:df:f6:1f:de:f5:02:2c:a3:02:a0:0d:ec:3f:e5:00:c6:6b:
ff:bf:ce:9a:5b:f6:09:78:76:bd:03:ab:7d:0f:d0:cf:db:1a:
93:17:e2:5b:f6:47:de:ac:3a:62:02:74:42:39:97:70:d4:f0:
b9:c1:bf:a8:b0:dc:2f:c1:e2:90:64:02:23:7a:a7:49:5b:a4:
c1:3b:f3:92:6f:88:62:76:fb:60:0d:51:58:55:72:60:93:88:
52:97:01:62:05:e7:41:43:bc:d8:5d:60:5d:7e:83:4a:02:f6:
1a:77:d2:f0:0b:a5:4f:84:1d:c8:72:81:55:43:3a:7c:07:2d:
35:f0:63:1f:7a:ef:13:94:a9:99:c3:e7:23:ba:62:27:ab:15:
08:50:63:2c:b4:e1:c6:5e:2a:1e:b5:91:e8:ba:99:9a:f1:17:
64:39:5a:e6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVylcs1mIc/DMyQxJtX0He4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDY5NDg4NTZhMmIwYWRmMzA0YTE2ZDBkM2FkNjY4NTdm
N2ZkMzkwHhcNMjMwMTAyMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M2NGExNjVhODlmODllYzRiYjgwNTE1ZjhiZjBjZjY1NzIwNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSpktmUAZx0CC08/GwZI/EyXNGUW
Vb8sRmiIodac19lUi/+jLkdHk8rcMe2doLPsabM9Il/TgVK05K8tQNsIvYDT9T6G
/QxIHfbWqSFOA4PHl8XNQlZt9UaWOj9XSryFy3ogW2XtOCav7pqQ4V04zko73mOl
KX3tUjizMD+y1zuJ/1CiHT9TM0qra5UUMrhrd4G6qcps+fyfWHG3R873Swmfgl5u
+JkvY1BSZTJ0fhQSoxkIfoijcq9RsZzGiJQBkoQh8t5oeie7xWZW+6ucqxKgJeqq
m4qKJGFr0EIqhwhip1NsIKTch/SC0WluFMRa/Gu8U/SGw2ObmK36IOBw3QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKPGShZaifiexLuAUV+L8M9lcgeIMB8GA1UdIwQY
MBaAFBdGlIhWorCt8wShbQ061mhX9/05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBhVWlGYWlzSzN6QktGdERUcldhRmYzX1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wODYyNzctODIxYy00MDVhLTllNzUt
OWJhNzE5ZjI1OWNiLzEvbzhaS0ZscUotSjdFdTRCUlg0dnd6MlZ5QjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wODYyNzctODIxYy00MDVhLTllNzUtOWJhNzE5ZjI1OWNi
LzEvRjBhVWlGYWlzSzN6QktGdERUcldhRmYzX1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV+zYAwQD
WJfQAwQEXhhwAwQDbeuAAwQCuQvIAwQF1CRAMA0EAgACMAcDBQAqAQHIMA0GCSqG
SIb3DQEBCwUAA4IBAQBuZ92ax9YkboFfxZ2DLF3wL7QybekTAE7j/a/XrQ16MMsg
YWdEJH6HiQo/RvEgQvegvSKuViuZxF5wJ2kJv9Wl7QuxPOn+MIRanJoiW9icKJMQ
uh6kNPWQYyjQ3/Yf3vUCLKMCoA3sP+UAxmv/v86aW/YJeHa9A6t9D9DP2xqTF+Jb
9kferDpiAnRCOZdw1PC5wb+osNwvweKQZAIjeqdJW6TBO/OSb4hidvtgDVFYVXJg
k4hSlwFiBedBQ7zYXWBdfoNKAvYad9LwC6VPhB3IcoFVQzp8By018GMfeu8TlKmZ
w+cjumInqxUIUGMstOHGXioetZHoupma8RdkOVrm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:29 2024 by rpki-client on console-ams.rpki-client.org