Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/D1Tdx-8bL88UIyMTbLiTTOLk8XQ.roa
File: D1Tdx-8bL88UIyMTbLiTTOLk8XQ.roa (raw, json)
Hash identifier: 38L4cjM8FyZpJBuvBikOLEjNyc1kY6KAKqgO1DxvmZk=
Subject key identifier: 0F:54:DD:C7:EF:1B:2F:CF:14:23:23:13:6C:B8:93:4C:E2:E4:F1:74
Certificate issuer: /CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Certificate serial: 01856D0AC15F8DA152E2479C79BA6991806D
Authority key identifier: 44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/D1Tdx-8bL88UIyMTbLiTTOLk8XQ.roa
Signing time: Sun 01 Jan 2023 11:14:59 +0000
ROA not before: Sun 01 Jan 2023 11:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21283
IP address blocks: 185.28.8.0/22 maxlen: 22
213.157.224.0/19 maxlen: 19
85.10.32.0/20 maxlen: 20
90.157.128.0/17 maxlen: 17
188.64.24.0/21 maxlen: 21
46.164.0.0/18 maxlen: 18
146.212.0.0/16 maxlen: 18
62.84.224.0/20 maxlen: 20
80.95.224.0/20 maxlen: 20
85.10.0.0/19 maxlen: 19
94.127.24.0/21 maxlen: 21
46.122.0.0/15 maxlen: 15
92.37.0.0/17 maxlen: 17
212.18.32.0/19 maxlen: 19
109.239.176.0/20 maxlen: 20
185.173.52.0/22 maxlen: 22
2a00:1a20::/29 maxlen: 32
2001:15c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c1:5f:8d:a1:52:e2:47:9c:79:ba:69:91:80:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44cf3fa7074e7304b1f32e1664ad5f7157d65d62
Validity
Not Before: Jan 1 11:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f54ddc7ef1b2fcf142323136cb8934ce2e4f174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:14:56:0c:45:f7:10:c8:92:73:2c:ef:77:ab:
9d:e9:25:1b:65:b5:fa:fd:4f:6e:1d:ed:86:6e:5f:
15:42:6c:8d:04:4f:7a:04:5b:0a:e3:70:12:78:8f:
87:f7:b1:50:ec:66:93:07:2b:53:2d:3d:59:88:ad:
1e:66:0b:42:ab:d0:a8:3a:a1:d0:9f:21:d1:2a:6d:
9f:00:e6:c6:9e:e4:c9:3d:23:c3:6c:c3:4c:1e:aa:
89:f1:f3:21:88:57:9c:c2:6a:94:fe:5b:ed:d0:fa:
c5:4a:a1:4f:d8:83:5e:de:77:0d:5a:b6:54:75:18:
31:50:2d:ad:52:09:f1:3d:ed:bc:f8:1b:f9:52:c0:
94:fb:c6:28:5a:b0:e2:8c:a9:7d:05:30:3d:8a:18:
d3:a2:d1:d2:6d:33:1f:fe:aa:a1:b9:cb:6f:14:08:
9c:bb:1b:be:71:14:08:42:c6:de:7c:35:ad:53:bb:
40:d7:3d:c5:d7:0c:34:b5:ac:1b:30:2e:79:75:e3:
4c:c4:5b:1f:2b:f9:64:b7:94:16:e7:44:31:ac:ca:
f6:61:3e:95:eb:26:e6:40:34:64:2f:e8:ce:24:f8:
33:a9:a6:e9:cf:8d:c4:4e:24:7a:76:b5:f4:8e:07:
31:17:33:85:05:6f:ff:f2:00:37:19:88:12:a1:9f:
33:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:54:DD:C7:EF:1B:2F:CF:14:23:23:13:6C:B8:93:4C:E2:E4:F1:74
X509v3 Authority Key Identifier:
keyid:44:CF:3F:A7:07:4E:73:04:B1:F3:2E:16:64:AD:5F:71:57:D6:5D:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM8_pwdOcwSx8y4WZK1fcVfWXWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/D1Tdx-8bL88UIyMTbLiTTOLk8XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/893149-dd25-4596-bad8-1de933d9f843/1/RM8_pwdOcwSx8y4WZK1fcVfWXWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.122.0.0/15
46.164.0.0/18
62.84.224.0/20
80.95.224.0/20
85.10.0.0-85.10.47.255
90.157.128.0/17
92.37.0.0/17
94.127.24.0/21
109.239.176.0/20
146.212.0.0/16
185.28.8.0/22
185.173.52.0/22
188.64.24.0/21
212.18.32.0/19
213.157.224.0/19
IPv6:
2001:15c0::/29
2a00:1a20::/29
Signature Algorithm: sha256WithRSAEncryption
90:b1:10:a1:70:59:2d:02:3e:ef:89:33:a8:09:b1:ba:0b:e0:
6d:35:5b:1f:fd:e1:f6:db:dd:8d:29:1c:17:de:16:93:b3:49:
cf:e7:52:26:4e:af:01:5c:39:04:99:d8:d9:6b:a9:08:a9:5e:
2c:8b:60:2e:c6:aa:eb:e7:a4:87:77:9a:18:1c:53:6a:26:db:
bd:81:32:a6:1f:40:af:e4:74:97:f0:fe:d8:e8:7f:df:75:49:
db:e1:ea:b6:77:b7:5b:57:9c:0c:af:ad:38:0b:26:d9:6b:e3:
7e:52:ea:18:cd:ff:85:5c:44:39:43:fe:af:16:72:60:49:c1:
29:79:6e:28:4b:f3:67:6b:90:24:6e:43:32:c0:f6:b4:da:14:
ab:fe:bd:38:18:eb:da:69:06:65:7b:5f:be:ad:ec:0f:5e:87:
84:84:63:93:fe:ea:f8:af:61:4c:2b:c7:fa:be:a0:c9:37:b8:
82:02:44:c3:e8:e0:25:cf:ef:83:f0:85:d1:8e:6c:2b:a1:96:
7f:90:1c:25:56:db:3e:9a:b6:57:28:b2:90:1a:e5:fe:b5:d4:
e0:a0:c4:99:6c:b2:fe:c6:51:9b:c7:9e:22:ca:f9:e0:21:4e:
34:01:35:f6:13:f1:0c:65:0c:1f:67:95:9a:9f:d4:56:c3:f6:
31:c1:d1:f2
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVtCsFfjaFS4kecebppkYBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2YzZmE3MDc0ZTczMDRiMWYzMmUxNjY0YWQ1ZjcxNTdk
NjVkNjIwHhcNMjMwMTAxMTExNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU0ZGRjN2VmMWIyZmNmMTQyMzIzMTM2Y2I4OTM0Y2UyZTRmMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRRWDEX3EMiScyzvd6ud6SUbZbX6
/U9uHe2Gbl8VQmyNBE96BFsK43ASeI+H97FQ7GaTBytTLT1ZiK0eZgtCq9CoOqHQ
nyHRKm2fAObGnuTJPSPDbMNMHqqJ8fMhiFecwmqU/lvt0PrFSqFP2INe3ncNWrZU
dRgxUC2tUgnxPe28+Bv5UsCU+8YoWrDijKl9BTA9ihjTotHSbTMf/qqhuctvFAic
uxu+cRQIQsbefDWtU7tA1z3F1ww0tawbMC55deNMxFsfK/lkt5QW50QxrMr2YT6V
6ybmQDRkL+jOJPgzqabpz43ETiR6drX0jgcxFzOFBW//8gA3GYgSoZ8ztQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFA9U3cfvGy/PFCMjE2y4k0zi5PF0MB8GA1UdIwQY
MBaAFETPP6cHTnMEsfMuFmStX3FX1l1iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk04X3B3ZE9jd1N4OHk0V1pLMWZjVmZXWFdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84OTMxNDktZGQyNS00NTk2LWJhZDgt
MWRlOTMzZDlmODQzLzEvRDFUZHgtOGJMODhVSXlNVGJMaVRUT0xrOFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84OTMxNDktZGQyNS00NTk2LWJhZDgtMWRlOTMzZDlmODQz
LzEvUk04X3B3ZE9jd1N4OHk0V1pLMWZjVmZXWFdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wZQQCAAEwXwMDAS56AwQG
LqQAAwQEPlTgAwQEUF/gMAsDAwFVCgMEBFUKIAMEB1qdgAMEB1wlAAMEA15/GAME
BG3vsAMDAJLUAwQCuRwIAwQCua00AwQDvEAYAwQF1BIgAwQF1Z3gMBQEAgACMA4D
BQMgARXAAwUDKgAaIDANBgkqhkiG9w0BAQsFAAOCAQEAkLEQoXBZLQI+74kzqAmx
ugvgbTVbH/3h9tvdjSkcF94Wk7NJz+dSJk6vAVw5BJnY2WupCKleLItgLsaq6+ek
h3eaGBxTaibbvYEyph9Ar+R0l/D+2Oh/33VJ2+Hqtne3W1ecDK+tOAsm2WvjflLq
GM3/hVxEOUP+rxZyYEnBKXluKEvzZ2uQJG5DMsD2tNoUq/69OBjr2mkGZXtfvq3s
D16HhIRjk/7q+K9hTCvH+r6gyTe4ggJEw+jgJc/vg/CF0Y5sK6GWf5AcJVbbPpq2
VyiykBrl/rXU4KDEmWyy/sZRm8eeIsr54CFONAE19hPxDGUMH2eVmp/UVsP2McHR
8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org