Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oW5BHSFaGrqi5rHhu98TgsJRBRw.roa
File: oW5BHSFaGrqi5rHhu98TgsJRBRw.roa (raw, json)
Hash identifier: Vwo0jHr2L/O0Nahi00iXR1UXEdgXf/y1tGtXy+EOOes=
Subject key identifier: A1:6E:41:1D:21:5A:1A:BA:A2:E6:B1:E1:BB:DF:13:82:C2:51:05:1C
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018E74B297F41A9E9649A7D43BF93EF8CD31
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oW5BHSFaGrqi5rHhu98TgsJRBRw.roa
Signing time: Mon 25 Mar 2024 08:20:45 +0000
ROA not before: Mon 25 Mar 2024 08:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 93.186.69.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
185.47.91.0/24 maxlen: 24
188.255.128.0/24 maxlen: 24
188.255.200.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
212.69.14.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Mar 2024 09:28:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:b2:97:f4:1a:9e:96:49:a7:d4:3b:f9:3e:f8:cd:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 25 08:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a16e411d215a1abaa2e6b1e1bbdf1382c251051c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:63:94:be:d4:1f:6a:c9:bc:7d:3b:7c:f1:
3a:28:b6:1f:d4:53:ce:6d:95:b3:dc:f4:b1:b2:ae:
3e:05:c1:49:fd:10:18:50:bf:85:8f:1b:fe:bc:14:
e7:2e:10:c0:f5:25:f9:4b:04:83:1a:8d:f3:7f:4f:
dd:79:d9:1f:27:cb:bf:be:9f:62:d8:0c:6c:2b:e4:
75:1a:a7:ca:b5:3a:ef:65:98:fb:d3:94:2a:f3:70:
f7:83:dd:b3:04:20:80:8f:fb:3e:60:cf:e4:ca:af:
d7:76:df:8b:e9:38:87:8f:0e:79:f6:d2:1f:ba:9d:
b2:db:0f:82:41:20:d7:bc:83:f7:a9:52:00:34:41:
f5:83:e0:f5:f1:19:67:7f:6c:fd:10:61:7b:86:49:
c0:2f:6e:63:77:26:0d:0f:76:cf:12:5f:ad:37:69:
ac:2d:83:c5:4e:dd:44:56:03:ab:ce:8e:a0:97:75:
a0:80:78:15:e9:05:54:c5:ab:8b:11:ad:26:a2:1e:
0b:a4:b2:5c:ea:78:d8:bb:6e:ec:db:1d:ad:2d:77:
90:d6:30:ce:ff:8a:db:5b:00:9c:5f:25:49:80:df:
a4:8c:6f:47:a7:82:62:39:56:df:99:3b:9e:22:ab:
d7:f3:d2:c2:7d:d8:b5:21:3d:71:92:3f:5b:f7:01:
7c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6E:41:1D:21:5A:1A:BA:A2:E6:B1:E1:BB:DF:13:82:C2:51:05:1C
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/oW5BHSFaGrqi5rHhu98TgsJRBRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.186.69.0/24
109.121.43.0/24
185.47.91.0/24
188.255.128.0/24
188.255.200.0/24
212.69.13.0-212.69.14.255
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
96:d4:84:80:2e:e1:fa:6e:58:dd:a3:64:9e:fd:3c:fa:7f:86:
d6:73:bd:64:e2:e4:9c:d7:ca:58:bd:1b:9e:4d:80:e5:d4:d9:
0a:ae:03:b7:2f:de:96:44:6a:25:8c:1b:8f:a7:6d:7e:5a:ee:
56:bc:0c:89:95:ae:42:13:04:1b:0f:1a:9b:0c:de:10:16:be:
fa:33:cb:4b:83:84:6d:10:fa:2b:56:f4:f7:7b:1f:65:57:37:
8f:79:6a:87:cd:5e:68:d5:20:b3:78:1a:76:d8:34:35:40:3c:
57:f8:ba:e3:b7:07:f3:0d:0e:f1:9c:5e:03:40:9d:95:c3:84:
ac:e8:10:73:63:25:6a:fa:f9:20:f7:48:f9:b3:13:bf:65:64:
04:9c:48:56:f1:65:94:bb:e5:2a:e7:3c:e8:24:32:ab:72:94:
3f:3c:64:42:fa:18:c6:4f:b5:47:42:58:63:47:9e:fa:a6:bd:
40:c1:1d:1f:0b:11:d7:51:72:08:50:26:41:54:91:f6:23:20:
6e:88:8c:52:7c:3a:ca:7c:00:67:f3:c7:65:38:26:1a:eb:76:
88:39:e8:44:e4:31:64:9f:c8:d8:36:cc:04:3f:ce:8c:d6:d4:
a9:1f:8c:79:17:58:bd:5b:94:b2:c0:25:9a:8c:c7:4a:83:9b:
2a:7f:2c:3d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY50spf0Gp6WSafUO/k++M0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMzI1MDgyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZlNDExZDIxNWExYWJhYTJlNmIxZTFiYmRmMTM4MmMyNTEwNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCdjlL7UH2rJvH07fPE6KLYf1FPO
bZWz3PSxsq4+BcFJ/RAYUL+Fjxv+vBTnLhDA9SX5SwSDGo3zf0/dedkfJ8u/vp9i
2AxsK+R1GqfKtTrvZZj705Qq83D3g92zBCCAj/s+YM/kyq/Xdt+L6TiHjw559tIf
up2y2w+CQSDXvIP3qVIANEH1g+D18Rlnf2z9EGF7hknAL25jdyYND3bPEl+tN2ms
LYPFTt1EVgOrzo6gl3WggHgV6QVUxauLEa0moh4LpLJc6njYu27s2x2tLXeQ1jDO
/4rbWwCcXyVJgN+kjG9Hp4JiOVbfmTueIqvX89LCfdi1IT1xkj9b9wF8jQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKFuQR0hWhq6ouax4bvfE4LCUQUcMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvb1c1QkhTRmFHcnFpNXJIaHU5OFRnc0pSQlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAXbpFAwQA
bXkrAwQAuS9bAwQAvP+AAwQAvP/IMAwDBADURQ0DBADURQ4DBADURRIwDQYJKoZI
hvcNAQELBQADggEBAJbUhIAu4fpuWN2jZJ79PPp/htZzvWTi5JzXyli9G55NgOXU
2QquA7cv3pZEaiWMG4+nbX5a7la8DImVrkITBBsPGpsM3hAWvvozy0uDhG0Q+itW
9Pd7H2VXN495aofNXmjVILN4GnbYNDVAPFf4uuO3B/MNDvGcXgNAnZXDhKzoEHNj
JWr6+SD3SPmzE79lZAScSFbxZZS75SrnPOgkMqtylD88ZEL6GMZPtUdCWGNHnvqm
vUDBHR8LEddRcghQJkFUkfYjIG6IjFJ8Osp8AGfzx2U4Jhrrdog56ETkMWSfyNg2
zAQ/zozW1KkfjHkXWL1blLLAJZqMx0qDmyp/LD0=
-----END CERTIFICATE-----
Generated at Tue Mar 26 11:55:49 2024 by rpki-client on console-ams.rpki-client.org