Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/81hG1gjp_9Gio0pbNhq2-2t4TLI.roa
File: 81hG1gjp_9Gio0pbNhq2-2t4TLI.roa (raw, json)
Hash identifier: R2hopMcr+Bb+Ph4Vo8tBGuY7EowN/q0pmia8ncM3sJQ=
Subject key identifier: F3:58:46:D6:08:E9:FF:D1:A2:A3:4A:5B:36:1A:B6:FB:6B:78:4C:B2
Certificate issuer: /CN=aed6ef17e6f95181890e54d000a2ac8ff2d2499b
Certificate serial: 01856CF833278106FE7ED59BD6CE95114616
Authority key identifier: AE:D6:EF:17:E6:F9:51:81:89:0E:54:D0:00:A2:AC:8F:F2:D2:49:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rtbvF-b5UYGJDlTQAKKsj_LSSZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/81hG1gjp_9Gio0pbNhq2-2t4TLI.roa
Signing time: Sun 01 Jan 2023 10:54:43 +0000
ROA not before: Sun 01 Jan 2023 10:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28792
IP address blocks: 195.46.60.0/22 maxlen: 24
80.82.240.0/20 maxlen: 24
195.85.245.0/24 maxlen: 24
185.58.176.0/22 maxlen: 24
2a01:248::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:33:27:81:06:fe:7e:d5:9b:d6:ce:95:11:46:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aed6ef17e6f95181890e54d000a2ac8ff2d2499b
Validity
Not Before: Jan 1 10:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f35846d608e9ffd1a2a34a5b361ab6fb6b784cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b1:57:7b:18:f2:b1:e6:11:6f:9d:79:a9:36:
dd:6b:ff:0a:f5:b7:a7:33:2e:f6:4e:ac:bb:e6:ba:
6a:a3:6f:a4:d9:69:8b:cf:4c:a3:a1:3a:10:b6:28:
e9:38:ad:44:cd:42:29:55:df:f5:e5:97:aa:60:fd:
6a:b5:f9:65:ac:ee:7c:81:51:8a:a5:87:27:4f:c6:
ba:0f:d5:30:84:36:e1:6a:2b:9c:de:5c:cd:f0:5a:
71:24:fe:5f:10:33:b2:44:f9:e8:43:38:7f:2c:a9:
b4:15:41:56:71:cb:86:2f:31:27:e6:26:1b:12:eb:
41:4e:4d:59:7c:a2:4e:2a:77:ca:47:d0:ca:3e:72:
f7:35:cf:f9:f0:b5:65:bf:e0:81:9f:2c:d4:d9:4f:
ed:41:67:d0:47:e8:00:48:9e:64:0b:c9:d1:51:f2:
01:a4:ae:7d:fb:16:83:5a:49:1a:9a:c4:b6:f3:8d:
25:eb:05:2d:92:3f:25:77:ab:69:26:df:10:21:69:
4a:a2:0c:6e:dd:b7:55:a5:14:ef:6a:4f:68:ec:96:
ae:9e:80:dc:af:7d:95:91:a0:33:fb:79:6d:7b:54:
aa:ad:15:d7:78:65:63:05:0b:c8:37:36:2b:a3:09:
79:88:d5:34:3c:07:0c:c2:4e:fd:4f:c0:2e:ab:70:
88:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:58:46:D6:08:E9:FF:D1:A2:A3:4A:5B:36:1A:B6:FB:6B:78:4C:B2
X509v3 Authority Key Identifier:
keyid:AE:D6:EF:17:E6:F9:51:81:89:0E:54:D0:00:A2:AC:8F:F2:D2:49:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rtbvF-b5UYGJDlTQAKKsj_LSSZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/81hG1gjp_9Gio0pbNhq2-2t4TLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/c7ea1f-aa27-4ac8-8ca7-0ae0f1accda4/1/rtbvF-b5UYGJDlTQAKKsj_LSSZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.240.0/20
185.58.176.0/22
195.46.60.0/22
195.85.245.0/24
IPv6:
2a01:248::/32
Signature Algorithm: sha256WithRSAEncryption
5d:48:18:3e:6d:7b:f0:e2:27:e6:e8:4d:08:57:6e:19:5f:4f:
88:4a:49:08:a8:9b:c8:dd:0a:8b:e8:90:ef:4e:fd:04:d7:83:
15:cf:66:f9:39:78:8b:52:f6:41:5a:a4:44:66:54:33:ab:4c:
1a:b7:bc:8e:9c:90:c4:ea:5b:8a:92:20:a3:94:90:b3:25:a5:
32:9a:0e:a9:e9:cc:1d:8c:42:6a:04:5a:5b:1a:58:33:fc:ea:
16:15:43:c5:6b:16:08:17:1d:d5:08:4b:b4:6d:9a:0a:0a:b4:
1a:73:a9:e4:b7:9e:3c:c3:18:66:4c:ed:2b:d5:4b:f4:4a:bb:
f6:6b:87:81:6f:62:dd:44:73:59:5c:6d:25:cd:25:8c:4f:33:
a7:c5:ac:e2:ab:7e:36:8f:44:19:69:d1:59:42:f6:fd:d4:7d:
41:c7:ca:1e:40:1e:c8:d0:ed:78:e7:49:b0:94:ff:45:66:93:
d0:f2:47:08:e2:3e:24:6a:98:e4:9c:82:b0:b2:fe:48:44:72:
4e:1f:1f:8e:2d:5e:78:1a:3e:5e:54:e3:de:a5:f2:6d:b8:3f:
92:89:ce:3c:09:c4:80:31:88:55:6d:ad:ae:e8:f7:23:d9:d6:
93:0b:46:25:5f:28:ec:5a:83:bc:ff:1c:27:51:7c:93:23:43:
2d:6d:3d:ea
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVs+DMngQb+ftWb1s6VEUYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZDZlZjE3ZTZmOTUxODE4OTBlNTRkMDAwYTJhYzhmZjJk
MjQ5OWIwHhcNMjMwMTAxMTA1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzU4NDZkNjA4ZTlmZmQxYTJhMzRhNWIzNjFhYjZmYjZiNzg0Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbFXexjyseYRb515qTbda/8K9ben
My72Tqy75rpqo2+k2WmLz0yjoToQtijpOK1EzUIpVd/15ZeqYP1qtfllrO58gVGK
pYcnT8a6D9UwhDbhaiuc3lzN8FpxJP5fEDOyRPnoQzh/LKm0FUFWccuGLzEn5iYb
EutBTk1ZfKJOKnfKR9DKPnL3Nc/58LVlv+CBnyzU2U/tQWfQR+gASJ5kC8nRUfIB
pK59+xaDWkkamsS2840l6wUtkj8ld6tpJt8QIWlKogxu3bdVpRTvak9o7JaunoDc
r32VkaAz+3lte1SqrRXXeGVjBQvINzYrowl5iNU0PAcMwk79T8Auq3CIJQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPNYRtYI6f/RoqNKWzYatvtreEyyMB8GA1UdIwQY
MBaAFK7W7xfm+VGBiQ5U0ACirI/y0kmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnRidkYtYjVVWUdKRGxUUUFLS3NqX0xTU1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9jN2VhMWYtYWEyNy00YWM4LThjYTct
MGFlMGYxYWNjZGE0LzEvODFoRzFnanBfOUdpbzBwYk5ocTItMnQ0VExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9jN2VhMWYtYWEyNy00YWM4LThjYTctMGFlMGYxYWNjZGE0
LzEvcnRidkYtYjVVWUdKRGxUUUFLS3NqX0xTU1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFLwAwQC
uTqwAwQCwy48AwQAw1X1MA0EAgACMAcDBQAqAQJIMA0GCSqGSIb3DQEBCwUAA4IB
AQBdSBg+bXvw4ifm6E0IV24ZX0+ISkkIqJvI3QqL6JDvTv0E14MVz2b5OXiLUvZB
WqREZlQzq0wat7yOnJDE6luKkiCjlJCzJaUymg6p6cwdjEJqBFpbGlgz/OoWFUPF
axYIFx3VCEu0bZoKCrQac6nkt548wxhmTO0r1Uv0Srv2a4eBb2LdRHNZXG0lzSWM
TzOnxaziq342j0QZadFZQvb91H1Bx8oeQB7I0O1450mwlP9FZpPQ8kcI4j4kapjk
nIKwsv5IRHJOHx+OLV54Gj5eVOPepfJtuD+Sic48CcSAMYhVba2u6Pcj2daTC0Yl
XyjsWoO8/xwnUXyTI0MtbT3q
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:25 2024 by rpki-client on console-ams.rpki-client.org