Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/9lOpqxiL_az4vRSwrC2ziFSlfEM.roa
File: 9lOpqxiL_az4vRSwrC2ziFSlfEM.roa (raw, json)
Hash identifier: CuRYAfAiMNyeg/VhgtkGBp9nKq+toWFkBd13xBHiq8s=
Subject key identifier: F6:53:A9:AB:18:8B:FD:AC:F8:BD:14:B0:AC:2D:B3:88:54:A5:7C:43
Certificate issuer: /CN=06defa1311f53f6c441463da8fab3403ad688011
Certificate serial: 01857079C501D05A92D7512376EAA55FAB53
Authority key identifier: 06:DE:FA:13:11:F5:3F:6C:44:14:63:DA:8F:AB:34:03:AD:68:80:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bt76ExH1P2xEFGPaj6s0A61ogBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/9lOpqxiL_az4vRSwrC2ziFSlfEM.roa
Signing time: Mon 02 Jan 2023 03:15:06 +0000
ROA not before: Mon 02 Jan 2023 03:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8661
IP address blocks: 213.163.96.0/19 maxlen: 19
213.163.96.0/22 maxlen: 22
213.163.97.0/24 maxlen: 24
213.163.96.0/24 maxlen: 24
213.163.98.0/24 maxlen: 24
213.163.99.0/24 maxlen: 24
213.163.100.0/22 maxlen: 22
213.163.104.0/21 maxlen: 21
213.163.112.0/20 maxlen: 20
178.175.64.0/18 maxlen: 18
213.163.121.0/24 maxlen: 24
178.175.0.0/17 maxlen: 17
178.175.0.0/18 maxlen: 18
185.47.188.0/22 maxlen: 22
2a02:e540::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:c5:01:d0:5a:92:d7:51:23:76:ea:a5:5f:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06defa1311f53f6c441463da8fab3403ad688011
Validity
Not Before: Jan 2 03:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f653a9ab188bfdacf8bd14b0ac2db38854a57c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9c:c3:7b:1c:c6:ce:5e:dd:f1:59:88:ad:7e:
53:eb:6b:46:72:0a:68:b7:1e:1f:f4:ca:31:95:f4:
90:7c:6c:ea:00:db:2e:5f:80:05:03:00:26:a9:a1:
5b:2e:78:11:53:40:47:70:46:66:1a:3e:19:04:a2:
48:2c:74:7a:84:8d:05:21:fe:85:bb:08:b0:ee:06:
3c:55:08:4f:89:e8:ba:17:31:86:14:42:4d:66:7d:
bd:c1:03:4a:d4:e7:bf:71:8c:e2:bc:8d:23:9a:03:
8b:6c:0f:bc:10:8f:e8:e3:de:1c:1f:da:7d:e4:b4:
91:70:fc:67:c3:75:a1:87:b5:72:82:d6:25:9e:10:
38:24:4e:ec:a0:6d:3b:a1:5d:5c:5e:97:17:8e:5b:
97:82:a7:1a:56:ab:52:98:0d:4f:5c:c4:5e:0c:7b:
a2:94:48:49:a3:7f:a7:67:eb:03:b0:d7:62:58:c4:
d0:91:68:fb:88:ea:7a:66:fc:b9:fd:25:cb:d2:75:
d7:e8:2d:25:94:cd:9d:b3:74:53:2c:b7:1a:41:8a:
54:ee:36:c6:1f:2d:b1:a3:53:df:a9:9a:1e:d4:66:
e1:58:ae:66:d9:35:ff:b8:aa:d8:cd:f9:02:cd:d1:
d4:9b:52:00:5f:ef:e5:4b:18:5c:17:87:5c:51:7b:
7b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:53:A9:AB:18:8B:FD:AC:F8:BD:14:B0:AC:2D:B3:88:54:A5:7C:43
X509v3 Authority Key Identifier:
keyid:06:DE:FA:13:11:F5:3F:6C:44:14:63:DA:8F:AB:34:03:AD:68:80:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bt76ExH1P2xEFGPaj6s0A61ogBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/9lOpqxiL_az4vRSwrC2ziFSlfEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b70c-18bf-4502-bf9f-4f8913a915d3/1/Bt76ExH1P2xEFGPaj6s0A61ogBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.0.0/17
185.47.188.0/22
213.163.96.0/19
IPv6:
2a02:e540::/29
Signature Algorithm: sha256WithRSAEncryption
d1:12:99:21:8b:91:87:c2:26:0e:9e:c9:b7:91:22:e0:03:13:
5c:5c:75:c7:65:6c:b6:e3:fd:ee:50:6b:82:e4:34:aa:ca:4e:
6d:11:b7:ba:ef:a0:35:3b:dc:d6:98:4b:2e:73:d5:75:d4:46:
94:43:5c:cb:82:16:0d:61:7d:ed:e7:dc:5b:b3:77:6e:a5:f1:
71:d7:71:b0:21:86:a5:34:d3:c7:a8:57:0e:e9:36:54:56:ff:
79:96:21:b4:d9:8f:ad:f5:7e:ed:e6:20:9c:ea:34:b5:a3:a2:
34:7c:fd:ea:9f:8e:a8:46:88:9a:1d:01:a3:92:16:72:15:aa:
e6:80:1d:4e:5e:cf:a5:bd:d9:8e:3a:e6:39:e2:de:41:1e:7f:
5e:bd:39:4e:f6:c8:87:58:2e:ba:44:f0:97:d1:24:ff:5e:3a:
92:9d:62:81:5b:7d:90:56:90:1b:92:8f:9c:dc:fc:b9:4a:93:
8a:d5:09:da:bb:b2:96:ae:a0:1f:e3:03:c2:d0:2e:c7:da:63:
db:5c:1f:0a:7a:ed:21:76:09:5a:3f:ef:43:8e:59:b1:12:9f:
a3:26:08:19:24:ac:75:ea:21:2d:99:57:63:17:3c:f0:f0:3d:
d6:7c:48:f6:8a:9f:41:6e:60:02:cf:a6:33:4e:4b:ee:7a:f9:
97:37:f2:60
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwecUB0FqS11EjduqlX6tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZGVmYTEzMTFmNTNmNmM0NDE0NjNkYThmYWIzNDAzYWQ2
ODgwMTEwHhcNMjMwMTAyMDMxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUzYTlhYjE4OGJmZGFjZjhiZDE0YjBhYzJkYjM4ODU0YTU3YzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJzDexzGzl7d8VmIrX5T62tGcgpo
tx4f9MoxlfSQfGzqANsuX4AFAwAmqaFbLngRU0BHcEZmGj4ZBKJILHR6hI0FIf6F
uwiw7gY8VQhPiei6FzGGFEJNZn29wQNK1Oe/cYzivI0jmgOLbA+8EI/o494cH9p9
5LSRcPxnw3Whh7VygtYlnhA4JE7soG07oV1cXpcXjluXgqcaVqtSmA1PXMReDHui
lEhJo3+nZ+sDsNdiWMTQkWj7iOp6Zvy5/SXL0nXX6C0llM2ds3RTLLcaQYpU7jbG
Hy2xo1PfqZoe1GbhWK5m2TX/uKrYzfkCzdHUm1IAX+/lSxhcF4dcUXt7WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPZTqasYi/2s+L0UsKwts4hUpXxDMB8GA1UdIwQY
MBaAFAbe+hMR9T9sRBRj2o+rNAOtaIARMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnQ3NkV4SDFQMnhFRkdQYWo2czBBNjFvZ0JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI3MGMtMThiZi00NTAyLWJmOWYt
NGY4OTEzYTkxNWQzLzEvOWxPcHF4aUxfYXo0dlJTd3JDMnppRlNsZkVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI3MGMtMThiZi00NTAyLWJmOWYtNGY4OTEzYTkxNWQz
LzEvQnQ3NkV4SDFQMnhFRkdQYWo2czBBNjFvZ0JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHsq8AAwQC
uS+8AwQF1aNgMA0EAgACMAcDBQMqAuVAMA0GCSqGSIb3DQEBCwUAA4IBAQDREpkh
i5GHwiYOnsm3kSLgAxNcXHXHZWy24/3uUGuC5DSqyk5tEbe676A1O9zWmEsuc9V1
1EaUQ1zLghYNYX3t59xbs3dupfFx13GwIYalNNPHqFcO6TZUVv95liG02Y+t9X7t
5iCc6jS1o6I0fP3qn46oRoiaHQGjkhZyFarmgB1OXs+lvdmOOuY54t5BHn9evTlO
9siHWC66RPCX0ST/XjqSnWKBW32QVpAbko+c3Py5SpOK1Qnau7KWrqAf4wPC0C7H
2mPbXB8Keu0hdglaP+9DjlmxEp+jJggZJKx16iEtmVdjFzzw8D3WfEj2ip9BbmAC
z6YzTkvuevmXN/Jg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:26 2024 by rpki-client on console-fra.rpki-client.org