Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/o8pTHkEgom39P6I9iKfeErt6ZoQ.roa
File: o8pTHkEgom39P6I9iKfeErt6ZoQ.roa (raw, json)
Hash identifier: Oy+FBGB2GYXERmLXzVUhi1aMceunwn5WIu+QpMBqzUk=
Subject key identifier: A3:CA:53:1E:41:20:A2:6D:FD:3F:A2:3D:88:A7:DE:12:BB:7A:66:84
Certificate issuer: /CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Certificate serial: 018AE14CC8F45B86D15E04AF1354A995F199
Authority key identifier: 5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/o8pTHkEgom39P6I9iKfeErt6ZoQ.roa
Signing time: Fri 29 Sep 2023 14:16:59 +0000
ROA not before: Fri 29 Sep 2023 14:16:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50986
IP address blocks: 193.34.202.0/24 maxlen: 24
31.170.24.0/24 maxlen: 24
31.170.24.0/21 maxlen: 21
185.27.96.0/22 maxlen: 22
178.236.64.0/22 maxlen: 22
178.236.64.0/20 maxlen: 20
178.236.70.0/23 maxlen: 23
178.236.76.0/22 maxlen: 22
2a02:1610::/32 maxlen: 32
2a02:1610::/56 maxlen: 56
2a02:1610:1:1000::/56 maxlen: 56
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:4c:c8:f4:5b:86:d1:5e:04:af:13:54:a9:95:f1:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fa06d5dbada43de44f4e4b1dc9492bb287c9d
Validity
Not Before: Sep 29 14:16:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ca531e4120a26dfd3fa23d88a7de12bb7a6684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bc:76:f7:9f:76:e5:5b:4e:ac:ff:71:83:cc:
d0:24:89:1e:f8:3e:6f:98:a8:16:93:19:00:f8:84:
83:d7:d5:ef:1d:eb:44:33:50:cb:bc:83:b0:a8:71:
c4:1c:d7:51:1b:b3:88:ac:1d:b5:72:28:bb:7e:58:
25:56:fa:12:3b:4b:71:95:3c:7f:d8:b8:1d:39:09:
a2:37:4d:ef:05:40:96:7f:fe:be:f9:32:e0:77:43:
b9:41:da:8f:6c:4c:4c:9d:90:f9:25:17:19:90:3c:
67:9d:84:d9:41:f8:01:2c:4e:8b:dc:1e:55:73:cf:
b8:9c:f6:63:b1:d9:59:04:91:b8:a3:15:89:58:32:
c9:71:4f:a3:90:03:e7:6c:7b:9d:21:ed:bb:9f:3b:
42:f1:d6:7d:af:62:f8:02:44:ab:cc:9c:5e:c6:c5:
d1:5f:fd:ac:31:8d:06:e2:6b:9c:86:ba:59:7e:86:
f6:a3:7f:94:c2:c0:7f:3d:0c:ea:64:96:1d:fc:13:
fc:3c:79:7e:ee:20:b0:a6:bb:37:74:72:90:cc:2d:
87:54:ea:16:ad:d2:37:78:a2:47:de:3a:db:3f:c5:
1a:df:08:61:8c:c7:78:24:d0:85:2e:c8:7d:e2:69:
70:7a:e0:e4:97:e5:ab:ef:60:1c:9d:8f:45:72:7a:
60:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:53:1E:41:20:A2:6D:FD:3F:A2:3D:88:A7:DE:12:BB:7A:66:84
X509v3 Authority Key Identifier:
keyid:5F:1F:A0:6D:5D:BA:DA:43:DE:44:F4:E4:B1:DC:94:92:BB:28:7C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx-gbV262kPeRPTksdyUkrsofJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/o8pTHkEgom39P6I9iKfeErt6ZoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/847d17-ba7c-4eae-9d55-25846d59fd60/1/Xx-gbV262kPeRPTksdyUkrsofJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.24.0/21
178.236.64.0/20
185.27.96.0/22
193.34.202.0/24
IPv6:
2a02:1610::/32
Signature Algorithm: sha256WithRSAEncryption
a5:5a:ad:b8:69:f4:49:3f:02:0e:dd:a9:61:0c:f4:33:27:b8:
98:c9:e0:89:34:72:d7:55:ee:0b:49:a9:54:14:92:f0:e6:0c:
31:14:31:ef:e1:ef:8b:de:5a:b6:0f:32:00:2b:88:dd:bc:7c:
54:08:d4:7d:31:25:d2:26:00:1b:1e:f5:49:72:88:ed:8a:6e:
a1:cf:06:aa:e7:1b:59:b1:3e:8f:0d:aa:3e:a9:39:a6:37:e6:
ef:09:68:e7:22:51:11:9d:69:46:c4:4f:6c:b9:6a:ae:0f:9d:
6b:e7:b3:f3:29:31:58:be:2e:14:ab:97:73:3e:3a:4a:d1:78:
0b:c2:07:95:48:cb:79:2c:9d:80:a3:fc:7c:f3:0d:13:af:90:
2a:a9:05:58:07:fe:0a:2e:00:01:38:44:11:4b:78:a6:54:24:
0b:77:4c:02:52:db:ff:c4:d5:38:7a:58:49:9f:a2:16:2d:f7:
ab:16:f2:9f:ed:2e:ee:71:7c:45:da:72:32:37:47:a4:06:65:
01:9a:ca:02:61:30:fb:8b:22:5a:ea:67:fc:ae:11:ca:47:27:
8b:50:1f:b7:a1:a5:d6:ea:6d:b5:b8:39:19:dc:3e:a3:31:3f:
17:58:ed:46:a4:7b:7f:7d:2c:25:a2:e5:29:d0:9d:27:44:bf:
31:0b:6a:96
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrhTMj0W4bRXgSvE1SplfGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZhMDZkNWRiYWRhNDNkZTQ0ZjRlNGIxZGM5NDkyYmIy
ODdjOWQwHhcNMjMwOTI5MTQxNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NhNTMxZTQxMjBhMjZkZmQzZmEyM2Q4OGE3ZGUxMmJiN2E2Njg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbx295925VtOrP9xg8zQJIke+D5v
mKgWkxkA+ISD19XvHetEM1DLvIOwqHHEHNdRG7OIrB21cii7flglVvoSO0txlTx/
2LgdOQmiN03vBUCWf/6++TLgd0O5QdqPbExMnZD5JRcZkDxnnYTZQfgBLE6L3B5V
c8+4nPZjsdlZBJG4oxWJWDLJcU+jkAPnbHudIe27nztC8dZ9r2L4AkSrzJxexsXR
X/2sMY0G4muchrpZfob2o3+UwsB/PQzqZJYd/BP8PHl+7iCwprs3dHKQzC2HVOoW
rdI3eKJH3jrbP8Ua3whhjMd4JNCFLsh94mlweuDkl+Wr72AcnY9FcnpgrwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKPKUx5BIKJt/T+iPYin3hK7emaEMB8GA1UdIwQY
MBaAFF8foG1dutpD3kT05LHclJK7KHydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUt
MjU4NDZkNTlmZDYwLzEvbzhwVEhrRWdvbTM5UDZJOWlLZmVFcnQ2Wm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84NDdkMTctYmE3Yy00ZWFlLTlkNTUtMjU4NDZkNTlmZDYw
LzEvWHgtZ2JWMjYya1BlUlBUa3NkeVVrcnNvZkowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH6oYAwQE
suxAAwQCuRtgAwQAwSLKMA0EAgACMAcDBQAqAhYQMA0GCSqGSIb3DQEBCwUAA4IB
AQClWq24afRJPwIO3alhDPQzJ7iYyeCJNHLXVe4LSalUFJLw5gwxFDHv4e+L3lq2
DzIAK4jdvHxUCNR9MSXSJgAbHvVJcojtim6hzwaq5xtZsT6PDao+qTmmN+bvCWjn
IlERnWlGxE9suWquD51r57PzKTFYvi4Uq5dzPjpK0XgLwgeVSMt5LJ2Ao/x88w0T
r5AqqQVYB/4KLgABOEQRS3imVCQLd0wCUtv/xNU4elhJn6IWLferFvKf7S7ucXxF
2nIyN0ekBmUBmsoCYTD7iyJa6mf8rhHKRyeLUB+3oaXW6m21uDkZ3D6jMT8XWO1G
pHt/fSwlouUp0J0nRL8xC2qW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:15 2024 by rpki-client on console-fra.rpki-client.org