Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/bIEMEHay_Mtwj610y_QkMzrwuV0.roa
File: bIEMEHay_Mtwj610y_QkMzrwuV0.roa (raw, json)
Hash identifier: coet/R+WbEOH/yYctwwQfySd/pANemQw29Ludxg1b7I=
Subject key identifier: 6C:81:0C:10:76:B2:FC:CB:70:8F:AD:74:CB:F4:24:33:3A:F0:B9:5D
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018C83EBED4E2A5245930CE07265A05C3B70
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/bIEMEHay_Mtwj610y_QkMzrwuV0.roa
Signing time: Tue 19 Dec 2023 21:12:06 +0000
ROA not before: Tue 19 Dec 2023 21:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
109.248.41.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:83:eb:ed:4e:2a:52:45:93:0c:e0:72:65:a0:5c:3b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 19 21:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c810c1076b2fccb708fad74cbf424333af0b95d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ed:a6:d1:e6:dc:7e:5d:d0:0a:54:e0:5b:a3:
eb:d7:a7:7b:56:2e:31:88:f5:86:b9:b3:69:d7:3d:
83:9c:70:04:8d:c1:7f:39:51:91:fe:b2:b9:b0:05:
97:32:03:48:f3:b1:3e:fa:47:77:0f:fd:3c:4c:ee:
95:e2:02:f0:46:3e:34:52:64:fa:d9:90:07:0e:b1:
8b:5e:a5:db:3a:07:e8:ec:ae:38:2a:04:5b:51:5b:
70:76:1c:37:69:f8:9f:a8:51:94:57:f3:f5:30:80:
28:03:17:2b:b6:35:3c:6d:8c:e3:30:6f:99:5b:87:
4a:76:08:15:d7:12:60:17:79:29:93:8d:26:90:7c:
ad:68:a4:a9:4b:84:8f:32:5d:b1:84:33:c5:2b:24:
5e:6c:81:08:65:fc:47:54:cc:14:c3:7a:53:87:82:
46:5c:90:66:56:00:a1:4c:7c:22:79:54:bf:e8:36:
a1:6e:eb:92:93:c9:9a:9c:63:cc:84:1d:80:bf:e1:
75:3a:aa:6a:36:1d:d7:c1:d2:be:54:54:3d:39:1f:
3c:4d:69:ee:b3:f4:51:4b:a1:03:94:2d:5e:f0:42:
c6:df:1c:34:db:86:ce:31:6e:9f:fc:b2:1e:54:c5:
2f:90:7a:19:40:64:e5:8a:24:67:83:18:b6:c2:d1:
3f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:81:0C:10:76:B2:FC:CB:70:8F:AD:74:CB:F4:24:33:3A:F0:B9:5D
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/bIEMEHay_Mtwj610y_QkMzrwuV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.41.0/24
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
92:ce:47:61:56:62:7c:7c:29:3b:ff:e6:f1:0b:26:56:5e:04:
60:a9:d6:82:8f:62:23:49:3f:77:ae:9a:c1:f7:6b:a4:19:bf:
ed:0b:3e:a2:a7:c4:6b:f1:c8:52:78:46:a3:ca:d0:18:7e:90:
b1:31:f9:47:46:fe:42:a5:fe:4c:d7:d1:a0:6f:8b:06:f4:98:
aa:b2:ae:42:c6:8b:9d:c0:95:2c:03:be:10:d9:b9:87:f3:7e:
f4:1c:ef:ee:46:4b:04:64:45:67:4b:bf:bf:38:b1:92:fc:54:
79:b7:47:27:09:81:29:64:b0:c5:26:00:f0:b3:a6:d7:40:78:
64:8e:a0:21:62:5a:11:d5:32:89:2f:96:8c:ae:df:2e:5f:b2:
fc:53:94:ca:cd:c2:bb:38:ae:6a:6e:6f:90:a7:23:9f:4c:b5:
e8:5b:df:37:1f:73:03:7b:88:51:1f:0e:89:66:ee:74:3a:0c:
6f:3f:ac:1b:1f:0b:ef:db:22:22:81:2b:dd:d0:53:8e:d3:04:
51:6a:62:eb:3c:b9:13:ab:53:23:a2:3c:5d:34:cc:7c:1c:6a:
dc:1f:b6:40:13:99:d9:35:08:00:38:d2:8e:a8:0e:16:95:06:
e9:01:a8:cb:be:7c:46:d4:92:ea:ce:5e:61:e7:95:42:2c:3b:
32:b6:4a:d0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYyD6+1OKlJFkwzgcmWgXDtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMxMjE5MjExMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgxMGMxMDc2YjJmY2NiNzA4ZmFkNzRjYmY0MjQzMzNhZjBiOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAze2m0ebcfl3QClTgW6Pr16d7Vi4x
iPWGubNp1z2DnHAEjcF/OVGR/rK5sAWXMgNI87E++kd3D/08TO6V4gLwRj40UmT6
2ZAHDrGLXqXbOgfo7K44KgRbUVtwdhw3afifqFGUV/P1MIAoAxcrtjU8bYzjMG+Z
W4dKdggV1xJgF3kpk40mkHytaKSpS4SPMl2xhDPFKyRebIEIZfxHVMwUw3pTh4JG
XJBmVgChTHwieVS/6DahbuuSk8manGPMhB2Av+F1OqpqNh3XwdK+VFQ9OR88TWnu
s/RRS6EDlC1e8ELG3xw024bOMW6f/LIeVMUvkHoZQGTliiRngxi2wtE/RwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGyBDBB2svzLcI+tdMv0JDM68LldMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvYklFTUVIYXlfTXR3ajYxMHlfUWtNenJ3dVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAbfgpAwQA
vIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCSzkdh
VmJ8fCk7/+bxCyZWXgRgqdaCj2IjST93rprB92ukGb/tCz6ip8Rr8chSeEajytAY
fpCxMflHRv5Cpf5M19Ggb4sG9Jiqsq5CxoudwJUsA74Q2bmH8370HO/uRksEZEVn
S7+/OLGS/FR5t0cnCYEpZLDFJgDws6bXQHhkjqAhYloR1TKJL5aMrt8uX7L8U5TK
zcK7OK5qbm+QpyOfTLXoW983H3MDe4hRHw6JZu50OgxvP6wbHwvv2yIigSvd0FOO
0wRRamLrPLkTq1MjojxdNMx8HGrcH7ZAE5nZNQgAONKOqA4WlQbpAajLvnxG1JLq
zl5h55VCLDsytkrQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:58 2024 by rpki-client on console-ams.rpki-client.org