Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/9fP3NJUs1xOmaZCs9JeyW2YW5l0.roa
File: 9fP3NJUs1xOmaZCs9JeyW2YW5l0.roa (raw, json)
Hash identifier: EqTeKw5qSnsLPF9LTNySYaUc1umtb3HcmoUgcFrUPQo=
Subject key identifier: F5:F3:F7:34:95:2C:D7:13:A6:69:90:AC:F4:97:B2:5B:66:16:E6:5D
Certificate issuer: /CN=8f368feb9e553bdd131562584a3353b1d7555c50
Certificate serial: 018CCA2B92AAC7F08C6446E74D4EE29E3798
Authority key identifier: 8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/9fP3NJUs1xOmaZCs9JeyW2YW5l0.roa
Signing time: Tue 02 Jan 2024 12:35:02 +0000
ROA not before: Tue 02 Jan 2024 12:35:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201565
IP address blocks: 185.11.232.0/22 maxlen: 22
185.91.151.0/24 maxlen: 24
185.91.150.0/24 maxlen: 24
185.91.149.0/24 maxlen: 24
185.91.148.0/24 maxlen: 24
94.176.185.0/24 maxlen: 24
94.176.184.0/24 maxlen: 24
185.59.96.0/22 maxlen: 22
89.35.206.0/24 maxlen: 24
89.35.207.0/24 maxlen: 24
2a03:7e40::/36 maxlen: 36
2a03:7e40:1000::/36 maxlen: 36
2a03:7e40:3000::/36 maxlen: 36
2a03:7e40:2000::/36 maxlen: 36
2a03:7e40:4000::/36 maxlen: 36
2a03:7e40:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 13 May 2024 08:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:92:aa:c7:f0:8c:64:46:e7:4d:4e:e2:9e:37:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f368feb9e553bdd131562584a3353b1d7555c50
Validity
Not Before: Jan 2 12:35:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5f3f734952cd713a66990acf497b25b6616e65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:43:3a:8a:ad:81:ca:53:1c:f5:89:4b:70:a4:
02:d0:1e:4b:3d:72:ca:80:c8:9e:b2:47:91:87:8f:
60:f9:a7:55:69:55:9f:74:47:31:ef:8b:75:f9:7f:
74:32:a8:9f:67:cf:d1:80:2e:84:e7:2c:9e:b7:6b:
5e:96:53:c8:70:b0:af:37:72:78:45:9a:7f:12:12:
ef:35:27:24:e9:c3:45:c6:ee:9b:1c:1d:c5:fb:e3:
fa:5f:03:d7:12:df:72:ed:2d:0b:3a:73:e7:77:6a:
87:ba:c7:ff:39:dd:cd:05:ae:58:59:9b:8f:00:54:
e8:88:fa:59:ee:89:fa:55:05:92:e1:f8:1b:b0:c9:
05:ef:ed:96:0e:76:ee:42:6b:8d:46:4e:a1:af:73:
24:b4:e6:87:d3:f2:e9:ae:47:f7:4e:3d:db:5b:36:
1b:af:ff:d3:da:3c:50:f2:33:9a:23:20:03:68:26:
ab:d1:55:01:6e:eb:a2:34:d1:46:b7:43:a7:90:ea:
a9:9d:16:a2:b0:c3:cd:3f:1b:31:0d:08:bf:f5:1d:
17:38:8d:83:96:4e:b9:23:71:d7:88:c9:e3:44:42:
f6:8d:b7:ee:97:7a:47:30:b0:8c:b3:f1:02:d4:d7:
7d:44:1b:31:08:76:30:d9:a3:ca:74:65:b2:31:3b:
44:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:F3:F7:34:95:2C:D7:13:A6:69:90:AC:F4:97:B2:5B:66:16:E6:5D
X509v3 Authority Key Identifier:
keyid:8F:36:8F:EB:9E:55:3B:DD:13:15:62:58:4A:33:53:B1:D7:55:5C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzaP655VO90TFWJYSjNTsddVXFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/9fP3NJUs1xOmaZCs9JeyW2YW5l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/0547cb-c5dc-4e2f-aff7-3eca7df2ae57/1/jzaP655VO90TFWJYSjNTsddVXFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.206.0/23
94.176.184.0/23
185.11.232.0/22
185.59.96.0/22
185.91.148.0/22
IPv6:
2a03:7e40::-2a03:7e40:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:2c:17:e9:ef:b3:8f:22:a6:4a:bc:89:11:64:fc:ee:7a:0f:
74:b8:24:68:8a:b4:9d:1e:16:21:e3:13:bd:11:be:80:26:9e:
f2:4e:02:24:00:e7:87:f8:6d:47:34:5b:8d:0f:ac:37:50:6a:
9b:08:2e:a4:94:4a:84:a6:4c:9e:57:d9:c6:ac:f2:c0:de:dd:
67:8b:9f:0d:4a:73:45:8a:20:db:8f:8f:21:87:bc:ac:ae:a0:
21:4a:b0:5e:79:88:61:e4:a2:0c:68:07:6f:6f:71:f1:37:1e:
37:11:98:99:48:08:8e:b5:d3:e8:fc:b4:92:f3:62:b8:bf:5b:
48:d1:0b:e1:d8:73:30:a8:b1:65:33:e1:52:46:1a:bd:f0:b6:
28:9b:29:fc:c4:8d:8e:ea:f7:dd:12:bf:38:fc:4b:1e:69:94:
3f:34:be:b9:e5:f3:aa:8b:99:15:f1:ce:59:43:fd:d6:f6:f9:
e4:1d:60:d8:85:e9:a4:41:4d:18:b3:48:76:cc:ca:24:74:4e:
ad:93:6f:28:ed:05:15:91:a7:30:66:a6:b9:d3:e6:df:09:32:
16:a3:c4:7b:ef:87:31:d7:36:51:37:16:f3:81:a8:5c:43:99:
f5:4f:86:59:ee:df:0d:f1:72:53:1a:9a:0a:72:bf:75:43:59:
48:e0:f4:18
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzKK5Kqx/CMZEbnTU7injeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzY4ZmViOWU1NTNiZGQxMzE1NjI1ODRhMzM1M2IxZDc1
NTVjNTAwHhcNMjQwMTAyMTIzNTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWYzZjczNDk1MmNkNzEzYTY2OTkwYWNmNDk3YjI1YjY2MTZlNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6UM6iq2BylMc9YlLcKQC0B5LPXLK
gMieskeRh49g+adVaVWfdEcx74t1+X90MqifZ8/RgC6E5yyet2tellPIcLCvN3J4
RZp/EhLvNSck6cNFxu6bHB3F++P6XwPXEt9y7S0LOnPnd2qHusf/Od3NBa5YWZuP
AFToiPpZ7on6VQWS4fgbsMkF7+2WDnbuQmuNRk6hr3MktOaH0/Lprkf3Tj3bWzYb
r//T2jxQ8jOaIyADaCar0VUBbuuiNNFGt0OnkOqpnRaisMPNPxsxDQi/9R0XOI2D
lk65I3HXiMnjREL2jbful3pHMLCMs/EC1Nd9RBsxCHYw2aPKdGWyMTtE+wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPXz9zSVLNcTpmmQrPSXsltmFuZdMB8GA1UdIwQY
MBaAFI82j+ueVTvdExViWEozU7HXVVxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjct
M2VjYTdkZjJhZTU3LzEvOWZQM05KVXMxeE9tYVpDczlKZXlXMllXNWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8wNTQ3Y2ItYzVkYy00ZTJmLWFmZjctM2VjYTdkZjJhZTU3
LzEvanphUDY1NVZPOTBURldKWVNqTlRzZGRWWEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAkBAIAATAeAwQBWSPOAwQB
XrC4AwQCuQvoAwQCuTtgAwQCuVuUMBcEAgACMBEwDwMFBioDfkADBgUqA35AQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXywX6e+zjyKmSryJEWT87noPdLgkaIq0nR4WIeMT
vRG+gCae8k4CJADnh/htRzRbjQ+sN1BqmwgupJRKhKZMnlfZxqzywN7dZ4ufDUpz
RYog24+PIYe8rK6gIUqwXnmIYeSiDGgHb29x8TceNxGYmUgIjrXT6Py0kvNiuL9b
SNEL4dhzMKixZTPhUkYavfC2KJsp/MSNjur33RK/OPxLHmmUPzS+ueXzqouZFfHO
WUP91vb55B1g2IXppEFNGLNIdszKJHROrZNvKO0FFZGnMGamudPm3wkyFqPEe++H
Mdc2UTcW84GoXEOZ9U+GWe7fDfFyUxqaCnK/dUNZSOD0GA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:51 2024 by rpki-client on console-fra.rpki-client.org