Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/r8S3JyjE-VjBG0v1blirBK7oQ5c.roa
File: r8S3JyjE-VjBG0v1blirBK7oQ5c.roa (raw, json)
Hash identifier: m2SPyH93roa0EbtOWj8FFlonM+20kPTxiPRzMz39/LY=
Subject key identifier: AF:C4:B7:27:28:C4:F9:58:C1:1B:4B:F5:6E:58:AB:04:AE:E8:43:97
Certificate issuer: /CN=26a98b6125f5243e3ed835015967cddb97148df1
Certificate serial: 0185729ED2A0A5D92FB69CA2029D00160300
Authority key identifier: 26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/r8S3JyjE-VjBG0v1blirBK7oQ5c.roa
Signing time: Mon 02 Jan 2023 13:14:49 +0000
ROA not before: Mon 02 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59595
IP address blocks: 81.161.16.0/22 maxlen: 22
81.161.20.0/23 maxlen: 23
81.161.24.0/24 maxlen: 24
81.161.22.0/23 maxlen: 23
81.161.30.0/23 maxlen: 23
81.161.25.0/24 maxlen: 24
81.161.28.0/23 maxlen: 23
81.161.26.0/23 maxlen: 23
91.227.210.0/23 maxlen: 23
91.227.210.0/24 maxlen: 24
91.227.211.0/24 maxlen: 24
91.227.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:d2:a0:a5:d9:2f:b6:9c:a2:02:9d:00:16:03:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a98b6125f5243e3ed835015967cddb97148df1
Validity
Not Before: Jan 2 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afc4b72728c4f958c11b4bf56e58ab04aee84397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:69:d1:98:d4:a8:f7:fb:a2:92:f5:05:6c:a6:
1b:e0:88:9e:79:bc:7c:78:5e:b6:cc:7c:7c:96:10:
f9:bb:d5:e4:d5:45:41:16:75:e0:c6:b9:2b:bb:6b:
01:f4:70:54:a8:9d:d3:32:75:62:35:70:81:42:62:
5c:a9:ae:58:3c:c2:32:92:60:7a:0c:f9:a0:86:0b:
3b:85:d4:9a:bd:e5:e5:9b:34:fa:f9:59:81:64:d0:
56:6c:76:80:d1:47:92:6e:86:77:cd:ee:08:78:3c:
41:df:14:a9:29:8c:be:25:07:d1:70:96:66:a6:98:
dd:52:e5:a5:c4:57:a4:8f:9a:05:3f:b8:5e:c0:f1:
7d:f5:14:38:4b:81:57:b4:b2:6b:db:53:26:19:3a:
fc:5e:fd:38:b8:52:7a:07:82:b0:3e:2c:88:fa:c0:
c1:54:04:0e:be:ea:b0:52:f6:b3:95:3a:d7:f6:58:
45:c3:35:8b:9d:5b:b4:8f:ae:d3:52:8a:f1:63:76:
23:57:75:75:25:08:72:01:91:bd:9d:8b:4d:13:6b:
20:5e:77:57:14:86:a2:a2:f9:f3:f3:bb:25:cc:98:
eb:dd:10:62:46:44:39:bb:13:12:24:67:b1:32:29:
0e:fb:47:80:3f:d2:9a:c3:38:5d:40:e5:d8:57:88:
31:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C4:B7:27:28:C4:F9:58:C1:1B:4B:F5:6E:58:AB:04:AE:E8:43:97
X509v3 Authority Key Identifier:
keyid:26:A9:8B:61:25:F5:24:3E:3E:D8:35:01:59:67:CD:DB:97:14:8D:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqmLYSX1JD4-2DUBWWfN25cUjfE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/r8S3JyjE-VjBG0v1blirBK7oQ5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bdbfb0-f914-40d3-b2e2-b913e596707e/1/JqmLYSX1JD4-2DUBWWfN25cUjfE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.16.0/20
91.227.210.0/23
91.227.228.0/24
Signature Algorithm: sha256WithRSAEncryption
30:48:f9:95:b3:ef:76:ce:e6:84:32:4e:4d:5c:b1:4c:de:01:
29:ba:4a:d2:cf:af:25:41:fb:24:52:c3:ed:2d:d1:ef:b5:df:
36:04:2a:55:03:1d:b8:cb:e6:52:dd:1a:d4:8d:3a:83:6a:79:
11:5f:e0:cd:27:51:0e:eb:c3:e9:93:38:29:47:68:0f:32:c2:
61:cb:73:8b:7b:d5:96:61:b9:40:05:e1:5f:7b:d0:db:76:49:
13:05:53:cd:72:f0:af:08:50:e6:34:f5:0b:7d:24:27:6c:83:
bc:c8:c0:ed:23:d1:29:9d:c5:61:18:f2:3a:ee:b6:cb:a3:34:
60:b0:69:88:d1:6e:ae:5c:ad:50:94:d6:64:cf:b7:d4:de:f1:
e1:c9:3c:fd:ac:15:3a:7c:b4:75:f6:27:ba:9f:d7:01:8d:9b:
fc:8f:2a:de:4e:81:58:3c:e4:0f:1e:ce:2b:04:64:75:88:54:
4d:c8:82:40:51:51:b4:d9:63:14:81:1c:2b:02:ff:02:82:8d:
c6:a4:cc:4c:42:31:29:b7:5b:ea:6d:a7:63:cb:78:10:85:0a:
55:c0:89:d4:f1:32:1e:8b:de:2e:f2:41:c1:59:b6:13:15:f4:
6e:fb:07:3b:57:f0:11:88:51:5d:a7:03:2f:58:46:e8:4a:b8:
ad:cd:e0:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVyntKgpdkvtpyiAp0AFgMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTk4YjYxMjVmNTI0M2UzZWQ4MzUwMTU5NjdjZGRiOTcx
NDhkZjEwHhcNMjMwMTAyMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmM0YjcyNzI4YzRmOTU4YzExYjRiZjU2ZTU4YWIwNGFlZTg0Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62nRmNSo9/uikvUFbKYb4Iieebx8
eF62zHx8lhD5u9Xk1UVBFnXgxrkru2sB9HBUqJ3TMnViNXCBQmJcqa5YPMIykmB6
DPmghgs7hdSaveXlmzT6+VmBZNBWbHaA0UeSboZ3ze4IeDxB3xSpKYy+JQfRcJZm
ppjdUuWlxFekj5oFP7hewPF99RQ4S4FXtLJr21MmGTr8Xv04uFJ6B4KwPiyI+sDB
VAQOvuqwUvazlTrX9lhFwzWLnVu0j67TUorxY3YjV3V1JQhyAZG9nYtNE2sgXndX
FIaiovnz87slzJjr3RBiRkQ5uxMSJGexMikO+0eAP9KawzhdQOXYV4gxkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK/EtycoxPlYwRtL9W5YqwSu6EOXMB8GA1UdIwQY
MBaAFCapi2El9SQ+Ptg1AVlnzduXFI3xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTIt
YjkxM2U1OTY3MDdlLzEvcjhTM0p5akUtVmpCRzB2MWJsaXJCSzdvUTVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZGJmYjAtZjkxNC00MGQzLWIyZTItYjkxM2U1OTY3MDdl
LzEvSnFtTFlTWDFKRDQtMkRVQldXZk4yNWNVamZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUaEQAwQB
W+PSAwQAW+PkMA0GCSqGSIb3DQEBCwUAA4IBAQAwSPmVs+92zuaEMk5NXLFM3gEp
ukrSz68lQfskUsPtLdHvtd82BCpVAx24y+ZS3RrUjTqDankRX+DNJ1EO68Ppkzgp
R2gPMsJhy3OLe9WWYblABeFfe9DbdkkTBVPNcvCvCFDmNPULfSQnbIO8yMDtI9Ep
ncVhGPI67rbLozRgsGmI0W6uXK1QlNZkz7fU3vHhyTz9rBU6fLR19ie6n9cBjZv8
jyreToFYPOQPHs4rBGR1iFRNyIJAUVG02WMUgRwrAv8Cgo3GpMxMQjEpt1vqbadj
y3gQhQpVwInU8TIei94u8kHBWbYTFfRu+wc7V/ARiFFdpwMvWEboSritzeBB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:42 2024 by rpki-client on console-fra.rpki-client.org