Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A8FiTOytNARbUfbTzC1Ysbd0RQg.roa
File: A8FiTOytNARbUfbTzC1Ysbd0RQg.roa (raw, json)
Hash identifier: uZkQUw26JfKvK1fDPM/8UmdJqhSRD0p3je1apwvMPxw=
Subject key identifier: 03:C1:62:4C:EC:AD:34:04:5B:51:F6:D3:CC:2D:58:B1:B7:74:45:08
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018D11C5040857320E5C8EDD308250CEF5B0
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A8FiTOytNARbUfbTzC1Ysbd0RQg.roa
Signing time: Tue 16 Jan 2024 10:15:40 +0000
ROA not before: Tue 16 Jan 2024 10:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210423
IP address blocks: 217.61.82.0/24 maxlen: 24
217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
95.178.112.0/23 maxlen: 23
95.178.114.0/23 maxlen: 23
84.232.35.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 12 Apr 2024 11:34:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:11:c5:04:08:57:32:0e:5c:8e:dd:30:82:50:ce:f5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 16 10:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03c1624cecad34045b51f6d3cc2d58b1b7744508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:cb:fb:a7:a7:c4:ad:dc:cd:3d:13:a6:39:cd:
25:79:18:26:f9:82:cb:63:70:17:dc:0c:b4:ab:2e:
0f:71:f6:a4:19:58:c6:7f:e0:2f:0e:78:9f:f2:c9:
1a:0e:e0:eb:04:10:30:d7:82:7c:51:1c:8f:ef:7e:
57:c0:99:8d:c8:e1:7a:51:6c:70:93:4f:27:2d:89:
7e:6a:f9:00:3f:39:29:41:d5:48:56:81:c4:2a:a2:
6f:3f:8f:3c:60:5e:3c:20:ae:13:d7:57:72:06:10:
f8:95:c4:02:66:86:ca:93:3c:54:0a:98:55:27:a9:
aa:a3:bd:01:eb:8c:67:5f:56:eb:a6:f2:ba:49:27:
0d:32:22:1e:9f:92:60:42:0a:59:2f:89:ea:ce:05:
e6:19:35:99:ec:b7:fb:e8:f1:8f:e9:8b:dd:42:8d:
2f:e1:03:03:dc:5f:85:96:5b:a6:4b:c3:0a:c3:c3:
e3:d6:ec:4c:28:46:d6:19:ec:7c:39:7c:03:00:84:
d2:d8:51:bc:e7:00:fd:46:5b:0d:22:41:d9:b2:24:
35:db:43:a3:45:e3:f5:a0:8c:e9:f6:09:be:d7:7f:
08:3a:6f:91:e0:57:06:7a:ae:a0:43:2a:9b:48:f3:
d4:aa:1b:b8:22:e1:c3:95:be:0a:7b:83:d5:ce:93:
cf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:C1:62:4C:EC:AD:34:04:5B:51:F6:D3:CC:2D:58:B1:B7:74:45:08
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/A8FiTOytNARbUfbTzC1Ysbd0RQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0-217.61.82.255
Signature Algorithm: sha256WithRSAEncryption
d3:c7:14:7c:24:cd:f3:91:9d:da:12:95:6b:b8:7a:75:2d:47:
20:cd:8c:e7:1d:26:81:30:7b:2a:1c:77:34:ce:18:ca:ed:6a:
09:53:73:6a:99:80:ac:e0:9d:3d:4e:73:a9:5a:30:4e:9f:d3:
30:4e:cd:1f:a0:d1:9f:12:1a:d5:ff:e8:bb:44:46:a3:18:c2:
20:3d:15:11:d8:92:37:a9:12:ff:68:96:1c:69:21:20:42:85:
e7:fe:51:ac:da:67:92:1e:34:4a:6d:2b:6b:a7:7c:52:2d:0c:
e6:4c:64:d6:82:da:18:47:0a:20:b8:ef:96:87:cc:8c:43:50:
83:a9:d6:35:33:ce:a7:e5:49:91:a7:1b:79:f4:14:35:cd:9c:
18:fa:ee:6c:78:1c:30:12:ad:66:02:fb:96:0d:50:e9:2b:03:
38:76:f3:8d:a4:f3:82:54:8b:2d:d1:9f:98:eb:ed:b5:06:73:
50:44:44:ac:c4:fb:85:08:44:53:fe:a9:fb:56:ab:9e:99:00:
61:60:7e:25:d1:d9:79:4b:5e:b5:fb:a2:5a:8d:96:59:f3:8a:
e8:18:15:dd:b4:98:15:56:0e:0e:02:fd:cf:88:59:ac:b0:b6:
03:36:04:67:d8:be:99:71:fe:98:46:97:40:3b:78:15:de:ee:
1c:51:6f:dd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0RxQQIVzIOXI7dMIJQzvWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTE2MTAxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2MxNjI0Y2VjYWQzNDA0NWI1MWY2ZDNjYzJkNThiMWI3NzQ0NTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMv7p6fErdzNPROmOc0leRgm+YLL
Y3AX3Ay0qy4PcfakGVjGf+AvDnif8skaDuDrBBAw14J8URyP735XwJmNyOF6UWxw
k08nLYl+avkAPzkpQdVIVoHEKqJvP488YF48IK4T11dyBhD4lcQCZobKkzxUCphV
J6mqo70B64xnX1brpvK6SScNMiIen5JgQgpZL4nqzgXmGTWZ7Lf76PGP6YvdQo0v
4QMD3F+FllumS8MKw8Pj1uxMKEbWGex8OXwDAITS2FG85wD9RlsNIkHZsiQ120Oj
ReP1oIzp9gm+138IOm+R4FcGeq6gQyqbSPPUqhu4IuHDlb4Ke4PVzpPPHwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAPBYkzsrTQEW1H208wtWLG3dEUIMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvQThGaVRPeXROQVJiVWZiVHpDMVlzYmQwUlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwMAwDBATZPVADBADZPVIwDQYJKoZIhvcNAQELBQADggEB
ANPHFHwkzfORndoSlWu4enUtRyDNjOcdJoEweyocdzTOGMrtaglTc2qZgKzgnT1O
c6laME6f0zBOzR+g0Z8SGtX/6LtERqMYwiA9FRHYkjepEv9olhxpISBChef+Uaza
Z5IeNEptK2unfFItDOZMZNaC2hhHCiC475aHzIxDUIOp1jUzzqflSZGnG3n0FDXN
nBj67mx4HDASrWYC+5YNUOkrAzh2842k84JUiy3Rn5jr7bUGc1BERKzE+4UIRFP+
qftWq56ZAGFgfiXR2XlLXrX7olqNllnziugYFd20mBVWDg4C/c+IWaywtgM2BGfY
vplx/phGl0A7eBXe7hxRb90=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org