Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/2ww3Bk30rMSHBB6N2ufgSqFJRzc.roa
File: 2ww3Bk30rMSHBB6N2ufgSqFJRzc.roa (raw, json)
Hash identifier: h8kymVPIHMefNTNtOMgPT7gYOytYM13L5E4+MLEpPH0=
Subject key identifier: DB:0C:37:06:4D:F4:AC:C4:87:04:1E:8D:DA:E7:E0:4A:A1:49:47:37
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018C40D64DAB3EE081C4F782F5F996A1601C
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/2ww3Bk30rMSHBB6N2ufgSqFJRzc.roa
Signing time: Wed 06 Dec 2023 20:33:55 +0000
ROA not before: Wed 06 Dec 2023 20:33:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41209
IP address blocks: 195.34.18.0/24 maxlen: 24
195.34.18.0/23 maxlen: 23
195.34.19.0/24 maxlen: 24
85.140.63.0/24 maxlen: 24
85.140.61.0/24 maxlen: 24
85.140.60.0/22 maxlen: 22
85.140.62.0/24 maxlen: 24
85.140.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:40:d6:4d:ab:3e:e0:81:c4:f7:82:f5:f9:96:a1:60:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Dec 6 20:33:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0c37064df4acc487041e8ddae7e04aa1494737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:9f:16:83:59:ba:10:72:c0:26:15:39:6e:
17:fa:26:e9:e8:77:b6:4e:35:02:f7:76:42:5f:ae:
d1:c6:58:a6:5b:45:80:0f:bf:5f:c7:2e:d8:2e:34:
a1:ad:12:3d:47:31:55:8d:33:6f:12:18:d6:29:de:
ec:27:62:ec:20:8b:59:73:74:69:3a:05:96:c7:92:
4b:52:29:a1:21:a6:6a:b5:e8:59:36:ed:9a:ac:ea:
98:f7:95:04:f4:29:35:3f:7f:3b:50:4d:7f:8f:0a:
a4:a5:2d:4b:2f:8d:4e:bd:44:1e:61:6c:89:82:b2:
ac:63:23:de:a6:20:75:a7:4e:ea:80:ab:81:7a:dd:
25:c9:3a:4c:1a:af:33:cb:53:49:1c:c7:f3:88:47:
56:ea:24:8a:49:1d:8c:e0:47:c5:ae:9f:73:46:c3:
c0:23:c4:48:96:1f:ec:5c:33:ba:f7:20:71:0b:36:
f2:c9:a7:81:ba:b9:bd:02:37:ab:a4:97:3d:10:82:
12:03:4c:da:27:98:6e:62:01:d0:a4:66:44:1d:a2:
a5:78:1b:1c:d9:9f:3c:f9:11:3d:15:8c:0d:c9:34:
45:d8:8b:32:f4:85:29:59:e7:07:9d:04:66:e6:52:
1b:5f:d7:ac:32:66:7b:b8:75:9e:a5:8a:0b:12:67:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0C:37:06:4D:F4:AC:C4:87:04:1E:8D:DA:E7:E0:4A:A1:49:47:37
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/2ww3Bk30rMSHBB6N2ufgSqFJRzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.60.0/22
195.34.18.0/23
Signature Algorithm: sha256WithRSAEncryption
09:8a:86:65:d0:48:6a:3a:4b:45:6d:46:3a:77:bc:a0:9e:0e:
42:85:64:69:8b:fb:57:f6:9b:b3:b3:42:9e:d6:be:43:37:1d:
47:cb:fe:d2:a2:e2:e8:c3:63:4d:e9:1d:60:7e:f6:ee:9b:d3:
5f:e3:de:1e:4f:36:69:77:0b:e0:4c:fd:14:d8:d9:a7:b0:3b:
8d:83:ba:8b:b4:d1:ab:bc:0d:27:ed:96:8b:2c:3f:64:b2:9a:
31:c3:75:5e:e1:f5:14:4c:52:d9:ba:dd:bc:39:30:98:93:d6:
0f:f5:7d:38:a9:c7:20:16:fc:09:62:7b:4d:f4:60:37:7c:fd:
33:26:bc:e2:bb:ec:1f:5d:b5:90:13:3f:83:76:39:1a:c8:52:
f7:bc:b1:3d:74:d8:f9:9c:80:c3:39:97:f1:b2:32:9b:88:b0:
72:25:73:47:9e:a0:f3:e5:1b:bd:99:75:8e:10:31:c6:92:09:
91:76:e1:6e:86:53:88:d8:70:61:4b:54:93:db:12:be:84:6d:
00:cc:29:c5:6a:9b:36:d4:36:7d:00:bd:8c:98:21:5f:69:bd:
dd:a6:26:e0:eb:85:d3:31:55:c4:c2:74:90:9e:c5:8c:e2:b6:
17:27:6e:d0:9b:37:4d:e1:12:b9:ec:ab:8f:8b:8c:75:88:fe:
9e:39:09:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxA1k2rPuCBxPeC9fmWoWAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMjA2MjAzMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBjMzcwNjRkZjRhY2M0ODcwNDFlOGRkYWU3ZTA0YWExNDk0NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp06fFoNZuhBywCYVOW4X+ibp6He2
TjUC93ZCX67RxlimW0WAD79fxy7YLjShrRI9RzFVjTNvEhjWKd7sJ2LsIItZc3Rp
OgWWx5JLUimhIaZqtehZNu2arOqY95UE9Ck1P387UE1/jwqkpS1LL41OvUQeYWyJ
grKsYyPepiB1p07qgKuBet0lyTpMGq8zy1NJHMfziEdW6iSKSR2M4EfFrp9zRsPA
I8RIlh/sXDO69yBxCzbyyaeBurm9AjerpJc9EIISA0zaJ5huYgHQpGZEHaKleBsc
2Z88+RE9FYwNyTRF2Isy9IUpWecHnQRm5lIbX9esMmZ7uHWepYoLEmciBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsMNwZN9KzEhwQejdrn4EqhSUc3MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvMnd3M0JrMzByTVNIQkI2TjJ1ZmdTcUZKUnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVYw8AwQB
wyISMA0GCSqGSIb3DQEBCwUAA4IBAQAJioZl0EhqOktFbUY6d7ygng5ChWRpi/tX
9puzs0Ke1r5DNx1Hy/7SouLow2NN6R1gfvbum9Nf494eTzZpdwvgTP0U2NmnsDuN
g7qLtNGrvA0n7ZaLLD9kspoxw3Ve4fUUTFLZut28OTCYk9YP9X04qccgFvwJYntN
9GA3fP0zJrziu+wfXbWQEz+DdjkayFL3vLE9dNj5nIDDOZfxsjKbiLByJXNHnqDz
5Ru9mXWOEDHGkgmRduFuhlOI2HBhS1ST2xK+hG0AzCnFaps21DZ9AL2MmCFfab3d
pibg64XTMVXEwnSQnsWM4rYXJ27QmzdN4RK57KuPi4x1iP6eOQkA
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:41 2024 by rpki-client on console-ams.rpki-client.org