Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/FIhWUXkTnVLg-YhKQMg2f5w0FXI.roa
File: FIhWUXkTnVLg-YhKQMg2f5w0FXI.roa (raw, json)
Hash identifier: 9sGrqK3KqGd5QQI2b1Gul6k2PzfsH1wLrwLo5i39j4k=
Subject key identifier: 14:88:56:51:79:13:9D:52:E0:F9:88:4A:40:C8:36:7F:9C:34:15:72
Certificate issuer: /CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Certificate serial: 01889EF1E499C4F2FB4C1160A65A96382EC9
Authority key identifier: A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/FIhWUXkTnVLg-YhKQMg2f5w0FXI.roa
Signing time: Fri 09 Jun 2023 06:57:12 +0000
ROA not before: Fri 09 Jun 2023 06:57:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44124
IP address blocks: 195.20.218.0/23 maxlen: 23
195.225.244.0/22 maxlen: 22
78.31.136.0/21 maxlen: 21
193.189.116.0/23 maxlen: 23
185.34.236.0/22 maxlen: 24
81.161.104.0/22 maxlen: 22
79.124.96.0/19 maxlen: 24
2a03:6600::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9e:f1:e4:99:c4:f2:fb:4c:11:60:a6:5a:96:38:2e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e6e823f6dda67d283a9f41a72909906ac9a837
Validity
Not Before: Jun 9 06:57:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1488565179139d52e0f9884a40c8367f9c341572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8a:cf:89:30:4b:a5:b9:b6:f2:7b:e2:a1:0d:
1d:4e:b8:ff:77:92:a2:7d:6d:45:04:a2:c5:e9:80:
2a:00:27:11:87:0a:6f:99:d5:52:74:43:9e:fb:b6:
a8:9e:a3:b9:ac:9f:cb:9c:0f:df:24:ea:e0:95:ae:
ce:89:aa:f3:0d:1e:d2:4e:93:56:86:ad:d4:27:7a:
5b:13:e6:7f:96:a3:04:a1:ee:91:9a:7a:5c:f0:02:
14:a8:ee:65:f4:3d:ea:ed:31:62:6f:fd:23:ea:82:
e5:50:83:e9:c2:95:94:b1:51:1c:23:8f:0a:3c:39:
4b:31:f6:8f:f4:3c:99:69:9d:02:f2:30:b5:fa:22:
32:cd:9f:fe:35:a9:7c:ce:98:00:72:24:dd:37:a9:
03:74:df:a3:3a:69:d9:d9:5b:70:a2:90:ac:1f:27:
d7:44:d3:52:f3:3a:13:83:32:50:14:d4:2e:1f:27:
a6:4a:77:6a:5b:3b:7f:91:0d:05:ef:6c:b9:e6:4a:
57:07:de:1d:20:e3:49:e9:20:38:47:48:d5:b1:3d:
00:c6:02:a3:8c:b1:a6:92:03:a3:75:e5:5c:05:1a:
4b:14:d5:53:fc:9a:1d:48:b3:5e:e4:02:bc:7e:24:
e4:c8:90:62:52:e9:34:a1:9e:7c:45:a1:d7:8e:6a:
ec:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:88:56:51:79:13:9D:52:E0:F9:88:4A:40:C8:36:7F:9C:34:15:72
X509v3 Authority Key Identifier:
keyid:A3:E6:E8:23:F6:DD:A6:7D:28:3A:9F:41:A7:29:09:90:6A:C9:A8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-boI_bdpn0oOp9BpykJkGrJqDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/FIhWUXkTnVLg-YhKQMg2f5w0FXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/18a1bc-967c-4931-85b5-00f00af1c8d7/1/o-boI_bdpn0oOp9BpykJkGrJqDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.136.0/21
79.124.96.0/19
81.161.104.0/22
185.34.236.0/22
193.189.116.0/23
195.20.218.0/23
195.225.244.0/22
IPv6:
2a03:6600::/32
Signature Algorithm: sha256WithRSAEncryption
ad:d5:97:8d:80:14:89:f8:3e:87:04:72:1d:62:12:0b:e9:81:
f9:91:a9:48:2e:91:06:c1:ab:a8:f3:d1:60:3f:95:52:07:60:
a5:69:52:ea:ab:85:20:14:1b:8c:f6:7f:d8:72:c6:d2:f4:08:
0a:cb:2a:02:99:f0:fe:ba:1f:d8:d9:29:09:2d:b7:02:4f:f0:
f5:ec:dd:82:12:af:cc:36:61:e4:6a:49:02:27:4e:04:7c:ea:
29:04:08:26:80:07:ea:1a:71:3d:18:ee:88:dc:b0:df:42:69:
ac:38:9b:26:f2:2d:8b:d0:96:b0:c0:2c:ee:25:83:a2:6f:fa:
ea:89:a2:10:6b:8e:15:cf:6f:13:9f:b4:37:5f:0b:68:2d:f9:
43:a5:e6:b2:7e:1b:55:3c:eb:38:8a:70:5f:8f:92:5c:0c:95:
8b:3a:08:bb:cb:2a:3d:1c:67:a5:72:ad:48:11:43:fa:06:b4:
76:b4:94:3e:5e:19:79:3a:e9:d1:97:43:0e:c0:26:7b:a3:a2:
89:2d:9f:3c:8d:95:1c:6d:be:f6:f6:ad:ac:73:d2:1e:89:81:
34:85:50:4d:2e:f8:fc:c6:be:5a:1c:c7:d1:55:21:4b:79:ca:
6d:f9:29:a0:60:2d:3a:26:d3:67:3c:48:02:09:95:db:cd:0b:
e6:d1:48:16
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYie8eSZxPL7TBFgplqWOC7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTZlODIzZjZkZGE2N2QyODNhOWY0MWE3MjkwOTkwNmFj
OWE4MzcwHhcNMjMwNjA5MDY1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg4NTY1MTc5MTM5ZDUyZTBmOTg4NGE0MGM4MzY3ZjljMzQxNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvorPiTBLpbm28nvioQ0dTrj/d5Ki
fW1FBKLF6YAqACcRhwpvmdVSdEOe+7aonqO5rJ/LnA/fJOrgla7OiarzDR7STpNW
hq3UJ3pbE+Z/lqMEoe6Rmnpc8AIUqO5l9D3q7TFib/0j6oLlUIPpwpWUsVEcI48K
PDlLMfaP9DyZaZ0C8jC1+iIyzZ/+Nal8zpgAciTdN6kDdN+jOmnZ2VtwopCsHyfX
RNNS8zoTgzJQFNQuHyemSndqWzt/kQ0F72y55kpXB94dIONJ6SA4R0jVsT0AxgKj
jLGmkgOjdeVcBRpLFNVT/JodSLNe5AK8fiTkyJBiUuk0oZ58RaHXjmrsNwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBSIVlF5E51S4PmISkDINn+cNBVyMB8GA1UdIwQY
MBaAFKPm6CP23aZ9KDqfQacpCZBqyag3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1ib0lfYmRwbjBvT3A5QnB5a0prR3JKcURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8xOGExYmMtOTY3Yy00OTMxLTg1YjUt
MDBmMDBhZjFjOGQ3LzEvRkloV1VYa1RuVkxnLVloS1FNZzJmNXcwRlhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8xOGExYmMtOTY3Yy00OTMxLTg1YjUtMDBmMDBhZjFjOGQ3
LzEvby1ib0lfYmRwbjBvT3A5QnB5a0prR3JKcURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDTh+IAwQF
T3xgAwQCUaFoAwQCuSLsAwQBwb10AwQBwxTaAwQCw+H0MA0EAgACMAcDBQAqA2YA
MA0GCSqGSIb3DQEBCwUAA4IBAQCt1ZeNgBSJ+D6HBHIdYhIL6YH5kalILpEGwauo
89FgP5VSB2ClaVLqq4UgFBuM9n/YcsbS9AgKyyoCmfD+uh/Y2SkJLbcCT/D17N2C
Eq/MNmHkakkCJ04EfOopBAgmgAfqGnE9GO6I3LDfQmmsOJsm8i2L0JawwCzuJYOi
b/rqiaIQa44Vz28Tn7Q3XwtoLflDpeayfhtVPOs4inBfj5JcDJWLOgi7yyo9HGel
cq1IEUP6BrR2tJQ+Xhl5OunRl0MOwCZ7o6KJLZ88jZUcbb729q2sc9IeiYE0hVBN
Lvj8xr5aHMfRVSFLecpt+SmgYC06JtNnPEgCCZXbzQvm0UgW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:07 2024 by rpki-client on console-ams.rpki-client.org