Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/h8OwEh2rYOucz6qPNHd0IYLCeiQ.roa
File: h8OwEh2rYOucz6qPNHd0IYLCeiQ.roa (raw, json)
Hash identifier: o/v+QvfFPpf5qa7JP4w/W+4rxsSKLDX6ScmPsL18ZaM=
Subject key identifier: 87:C3:B0:12:1D:AB:60:EB:9C:CF:AA:8F:34:77:74:21:82:C2:7A:24
Certificate issuer: /CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Certificate serial: 01857102E810B41ED14097570631B9DF6563
Authority key identifier: 4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/h8OwEh2rYOucz6qPNHd0IYLCeiQ.roa
Signing time: Mon 02 Jan 2023 05:44:53 +0000
ROA not before: Mon 02 Jan 2023 05:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43989
IP address blocks: 185.181.136.0/22 maxlen: 22
79.98.40.0/21 maxlen: 21
109.234.56.0/21 maxlen: 21
93.188.96.0/21 maxlen: 21
2a01:b600::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 16 Jun 2023 13:05:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:e8:10:b4:1e:d1:40:97:57:06:31:b9:df:65:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4bf3d18336642b6a9ac8aedffbf7aee6e5e629f4
Validity
Not Before: Jan 2 05:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87c3b0121dab60eb9ccfaa8f3477742182c27a24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:de:bd:44:ba:a3:80:13:57:bf:7b:59:34:e7:
78:d0:b1:79:e3:0b:56:ef:7a:bc:c3:81:bc:e7:b1:
a1:ff:4f:ec:c6:c2:45:1d:1d:dc:f4:97:64:91:59:
2e:92:59:b2:a2:ae:51:40:38:43:c4:c4:af:be:fc:
9d:fd:76:e6:27:76:c1:93:ec:77:66:24:07:c6:e8:
b8:29:87:2b:dd:81:ac:6e:64:db:10:4c:1d:89:69:
89:57:67:b8:b2:d0:f7:9f:10:09:d0:e4:42:44:dc:
1b:d5:a8:97:1e:f0:46:c6:37:0f:74:b9:4d:c5:10:
5a:0c:62:95:10:a8:f3:0c:d9:03:32:49:3c:fe:5c:
13:1e:24:37:b4:33:e7:f8:25:f7:a2:5a:cd:c6:c6:
5f:c2:6f:bb:f8:5a:6b:ab:99:ae:c9:0f:17:25:38:
e3:d2:7f:4d:8b:6f:d1:36:84:e9:7a:6d:0d:70:f8:
bf:b5:06:79:e3:c7:8a:73:bd:8b:35:16:5c:d1:d6:
3b:2e:a5:36:29:c2:06:da:48:5d:a2:e7:fe:44:04:
c4:fd:53:ee:56:1f:18:73:cd:d2:65:c7:cd:16:c1:
0d:d8:cd:b9:4a:9e:aa:71:23:fa:23:57:0c:f3:1f:
27:24:cf:7d:7f:73:93:15:e1:c7:94:ac:5e:b9:af:
a1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C3:B0:12:1D:AB:60:EB:9C:CF:AA:8F:34:77:74:21:82:C2:7A:24
X509v3 Authority Key Identifier:
keyid:4B:F3:D1:83:36:64:2B:6A:9A:C8:AE:DF:FB:F7:AE:E6:E5:E6:29:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S_PRgzZkK2qayK7f-_eu5uXmKfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/h8OwEh2rYOucz6qPNHd0IYLCeiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/642897-530e-4613-af84-0da300c7c63d/1/S_PRgzZkK2qayK7f-_eu5uXmKfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.40.0/21
93.188.96.0/21
109.234.56.0/21
185.181.136.0/22
IPv6:
2a01:b600::/32
Signature Algorithm: sha256WithRSAEncryption
85:cc:77:7d:75:87:c4:85:e2:c9:3e:54:39:1b:f3:4f:75:76:
13:5c:6e:a6:0d:f0:89:54:a6:88:d8:42:dd:60:12:4f:a8:ed:
eb:52:ee:41:5d:85:b8:9e:12:d6:8a:dd:73:1b:24:c5:47:3f:
57:f9:28:e4:8c:50:c0:02:2f:b3:48:af:6d:cc:f0:35:95:4e:
2d:69:8e:94:31:6c:d1:7a:ab:aa:7d:40:54:18:34:15:9a:e3:
6f:12:59:1f:d0:e4:c5:65:69:bd:a9:85:3c:63:88:14:5c:49:
65:05:c2:b7:8c:04:41:56:8f:5a:44:d5:6e:6a:d9:2d:4a:ea:
49:6f:52:ce:99:1f:d1:66:a2:e5:5a:a2:48:5a:cc:f0:78:62:
de:7c:a7:4d:3f:9f:9d:73:16:4c:80:00:31:d0:71:1f:c3:29:
46:f9:54:a5:25:82:fa:a6:e1:90:6e:aa:b7:3b:ab:f8:65:fd:
ee:a7:ab:09:55:c1:29:4b:d0:e2:42:e2:44:d3:f0:31:d5:e5:
66:3f:d4:a8:92:5c:76:b7:e4:da:ea:c7:1b:2c:56:24:9e:28:
ea:b7:de:78:fa:71:ea:11:f6:d4:9f:c5:50:6e:f2:40:6b:d9:
4a:f1:ff:92:82:33:a0:67:46:b3:db:ed:70:3f:ef:8b:11:a0:
11:ee:96:d5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxAugQtB7RQJdXBjG532VjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiZjNkMTgzMzY2NDJiNmE5YWM4YWVkZmZiZjdhZWU2ZTVl
NjI5ZjQwHhcNMjMwMTAyMDU0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MzYjAxMjFkYWI2MGViOWNjZmFhOGYzNDc3NzQyMTgyYzI3YTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud69RLqjgBNXv3tZNOd40LF54wtW
73q8w4G857Gh/0/sxsJFHR3c9JdkkVkuklmyoq5RQDhDxMSvvvyd/XbmJ3bBk+x3
ZiQHxui4KYcr3YGsbmTbEEwdiWmJV2e4stD3nxAJ0ORCRNwb1aiXHvBGxjcPdLlN
xRBaDGKVEKjzDNkDMkk8/lwTHiQ3tDPn+CX3olrNxsZfwm+7+Fprq5muyQ8XJTjj
0n9Ni2/RNoTpem0NcPi/tQZ548eKc72LNRZc0dY7LqU2KcIG2khdouf+RATE/VPu
Vh8Yc83SZcfNFsEN2M25Sp6qcSP6I1cM8x8nJM99f3OTFeHHlKxeua+hRwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIfDsBIdq2DrnM+qjzR3dCGCwnokMB8GA1UdIwQY
MBaAFEvz0YM2ZCtqmsiu3/v3rubl5in0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQt
MGRhMzAwYzdjNjNkLzEvaDhPd0VoMnJZT3VjejZxUE5IZDBJWUxDZWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi82NDI4OTctNTMwZS00NjEzLWFmODQtMGRhMzAwYzdjNjNk
LzEvU19QUmd6WmtLMnFheUs3Zi1fZXU1dVhtS2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDT2IoAwQD
XbxgAwQDbeo4AwQCubWIMA0EAgACMAcDBQAqAbYAMA0GCSqGSIb3DQEBCwUAA4IB
AQCFzHd9dYfEheLJPlQ5G/NPdXYTXG6mDfCJVKaI2ELdYBJPqO3rUu5BXYW4nhLW
it1zGyTFRz9X+SjkjFDAAi+zSK9tzPA1lU4taY6UMWzRequqfUBUGDQVmuNvElkf
0OTFZWm9qYU8Y4gUXEllBcK3jARBVo9aRNVuatktSupJb1LOmR/RZqLlWqJIWszw
eGLefKdNP5+dcxZMgAAx0HEfwylG+VSlJYL6puGQbqq3O6v4Zf3up6sJVcEpS9Di
QuJE0/Ax1eVmP9Soklx2t+Ta6scbLFYknijqt954+nHqEfbUn8VQbvJAa9lK8f+S
gjOgZ0az2+1wP++LEaAR7pbV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:20 2024 by rpki-client on console-fra.rpki-client.org