Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aOyHOwrTdYBAgalD4oK7tQiSrjA.roa
File: aOyHOwrTdYBAgalD4oK7tQiSrjA.roa (raw, json)
Hash identifier: f81ZCXC6C66xfxiMqwcU9r2A9Dfr59W729H+5MqwrSE=
Subject key identifier: 68:EC:87:3B:0A:D3:75:80:40:81:A9:43:E2:82:BB:B5:08:92:AE:30
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018CC94DB7F33E0F2037E55477190FC1738E
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aOyHOwrTdYBAgalD4oK7tQiSrjA.roa
Signing time: Tue 02 Jan 2024 08:32:42 +0000
ROA not before: Tue 02 Jan 2024 08:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210423
IP address blocks: 217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
95.178.112.0/23 maxlen: 23
95.178.114.0/23 maxlen: 23
84.232.35.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 16 Jan 2024 10:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:b7:f3:3e:0f:20:37:e5:54:77:19:0f:c1:73:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 2 08:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ec873b0ad375804081a943e282bbb50892ae30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:40:c4:21:15:46:30:30:21:64:63:b0:d9:d6:
70:d0:2d:18:85:0b:60:4e:b1:37:2a:9a:c3:16:67:
0c:7a:fd:2b:54:91:39:ea:f9:b3:7d:48:1a:1d:ca:
87:4a:da:d6:05:98:27:69:c7:95:f1:35:62:b0:e0:
ae:52:6b:0e:2e:6c:20:43:50:aa:d8:8d:b2:f1:d7:
9c:47:c1:7a:74:58:25:97:97:3f:ee:b0:f2:c7:92:
b6:ae:df:e7:91:ef:84:df:99:be:4b:57:9b:b6:8a:
33:69:c4:cc:6d:fb:a5:6a:de:83:cf:7c:11:a9:b9:
a8:db:69:af:8a:49:6b:b5:0c:d7:2c:e0:96:43:5e:
10:1a:3b:16:67:9d:a3:3e:96:76:0b:05:36:29:bb:
9b:44:c6:d1:01:03:5a:6c:34:f4:2a:c6:ce:40:c7:
fd:62:4a:b6:bf:7c:0d:93:72:a5:71:ef:5f:46:86:
13:ce:c5:e1:e7:13:d7:d6:f1:c8:4e:2b:b5:2e:ec:
5d:2a:57:e3:5e:d9:b4:ca:4a:97:8a:e1:4e:9e:f4:
6a:ae:20:5d:3b:b4:f7:87:94:06:fe:50:67:9f:c4:
9f:54:9b:c1:0d:8f:4e:c6:14:a3:23:0a:b4:17:4f:
c5:d7:6c:37:73:e5:d4:8c:e6:7b:18:83:60:e4:93:
c7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EC:87:3B:0A:D3:75:80:40:81:A9:43:E2:82:BB:B5:08:92:AE:30
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/aOyHOwrTdYBAgalD4oK7tQiSrjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:c3:ad:3d:ba:e8:8f:05:4b:d2:0f:d3:e5:82:50:cc:60:ee:
57:1a:ad:16:96:5f:e3:7e:e6:d8:ec:18:da:fb:91:af:6e:44:
8b:ab:18:d4:fe:04:7c:cc:a1:11:53:ae:4f:b2:3d:78:35:0c:
57:f9:0d:ac:20:ac:30:74:f5:57:f0:0b:6f:35:b7:13:98:13:
db:cb:a0:2d:d8:f3:5a:2c:0b:37:9b:17:6f:99:d4:02:ca:51:
a4:41:17:93:6e:d3:2b:ac:e5:82:4a:5c:6c:2d:5d:f3:0f:07:
a1:eb:d0:35:9c:9c:82:e0:72:69:6c:1f:c4:b8:1b:cd:97:32:
e9:6b:1f:18:95:dc:11:76:1c:e2:2d:6e:cc:13:7d:c3:f8:a8:
aa:a2:4c:ac:88:74:f3:4c:ef:2f:90:33:d1:ce:44:40:48:fb:
3a:ee:1f:eb:a4:00:74:d3:ca:89:ce:c1:ec:05:1e:12:65:b8:
03:09:c2:10:44:9b:f7:5e:9a:68:93:18:fc:23:b8:8f:d8:92:
57:d2:6b:89:bd:1d:c7:79:0e:a1:2f:e3:5c:ad:3c:f0:c6:b5:
3e:9a:0a:05:6d:61:8e:b8:89:c5:24:4e:9d:ff:c3:6a:18:ee:
31:06:0f:2a:01:e8:3e:18:b7:7f:84:72:0f:10:24:fb:5d:c9:
b0:82:af:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTbfzPg8gN+VUdxkPwXOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwMTAyMDgzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGVjODczYjBhZDM3NTgwNDA4MWE5NDNlMjgyYmJiNTA4OTJhZTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kDEIRVGMDAhZGOw2dZw0C0YhQtg
TrE3KprDFmcMev0rVJE56vmzfUgaHcqHStrWBZgnaceV8TVisOCuUmsOLmwgQ1Cq
2I2y8decR8F6dFgll5c/7rDyx5K2rt/nke+E35m+S1ebtoozacTMbfulat6Dz3wR
qbmo22mviklrtQzXLOCWQ14QGjsWZ52jPpZ2CwU2KbubRMbRAQNabDT0KsbOQMf9
Ykq2v3wNk3Klce9fRoYTzsXh5xPX1vHITiu1LuxdKlfjXtm0ykqXiuFOnvRqriBd
O7T3h5QG/lBnn8SfVJvBDY9OxhSjIwq0F0/F12w3c+XUjOZ7GINg5JPHbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGjshzsK03WAQIGpQ+KCu7UIkq4wMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvYU95SE93clRkWUJBZ2FsRDRvSzd0UWlTcmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwAwQB2T1QMA0GCSqGSIb3DQEBCwUAA4IBAQCiw609uuiP
BUvSD9PlglDMYO5XGq0Wll/jfubY7Bja+5GvbkSLqxjU/gR8zKERU65Psj14NQxX
+Q2sIKwwdPVX8AtvNbcTmBPby6At2PNaLAs3mxdvmdQCylGkQReTbtMrrOWCSlxs
LV3zDweh69A1nJyC4HJpbB/EuBvNlzLpax8YldwRdhziLW7ME33D+KiqokysiHTz
TO8vkDPRzkRASPs67h/rpAB008qJzsHsBR4SZbgDCcIQRJv3Xppokxj8I7iP2JJX
0muJvR3HeQ6hL+NcrTzwxrU+mgoFbWGOuInFJE6d/8NqGO4xBg8qAeg+GLd/hHIP
ECT7Xcmwgq/R
-----END CERTIFICATE-----
Generated at Tue Jan 16 13:17:13 2024 by rpki-client on console-fra.rpki-client.org