Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/M_DYd_iOr_iDnmpIEsL0By4NLnA.roa
File: M_DYd_iOr_iDnmpIEsL0By4NLnA.roa (raw, json)
Hash identifier: 7/U3pCSgNWt3XIlS8ZIYVLx/bj21BajAZ5XdpuHIi6c=
Subject key identifier: 33:F0:D8:77:F8:8E:AF:F8:83:9E:6A:48:12:C2:F4:07:2E:0D:2E:70
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018D6FB9602C7FBD15893CD016AA5C017AF3
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/M_DYd_iOr_iDnmpIEsL0By4NLnA.roa
Signing time: Sat 03 Feb 2024 16:07:16 +0000
ROA not before: Sat 03 Feb 2024 16:07:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 86.38.128.0/24 maxlen: 24
86.38.129.0/24 maxlen: 24
86.38.130.0/24 maxlen: 24
86.38.158.0/24 maxlen: 24
86.38.159.0/24 maxlen: 24
86.38.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 11:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6f:b9:60:2c:7f:bd:15:89:3c:d0:16:aa:5c:01:7a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Feb 3 16:07:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33f0d877f88eaff8839e6a4812c2f4072e0d2e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c0:7c:b4:16:1e:95:3f:9f:12:fb:6c:a3:00:
d7:43:83:a4:32:47:f9:de:2a:72:0c:fb:c8:03:1f:
3e:99:e4:c9:d1:71:75:9f:ef:82:1e:f5:00:d5:a8:
bb:01:22:e6:a1:23:77:e2:64:67:1b:9d:19:8b:b3:
19:aa:08:a1:e4:c9:a5:f6:a6:11:8f:af:e6:63:3f:
a6:2c:18:e0:a7:f4:ca:5b:53:03:a9:d6:5c:f8:60:
c0:4a:a4:a1:7c:b4:e5:77:49:9e:2e:eb:db:93:d4:
60:37:8c:01:f8:bf:0d:28:36:5c:1c:ed:4b:57:56:
7c:2d:8b:02:4c:59:be:98:97:0a:4f:44:d8:e6:77:
a0:46:69:07:55:a7:e1:07:1e:b5:30:af:b3:79:97:
1f:6a:76:e3:1e:b1:b7:e3:ff:a8:04:90:39:0d:9a:
d3:08:a1:14:78:53:92:e0:2d:9e:4a:65:ca:4b:f7:
b4:b5:48:bd:ad:98:e9:66:d1:14:f7:09:72:19:39:
33:68:cb:46:ba:62:83:a5:bb:29:85:c6:37:f0:9d:
3c:56:8f:09:de:78:73:4c:34:eb:b7:97:b8:b0:d6:
5e:87:80:43:36:11:dd:04:dc:25:0e:58:7e:95:ed:
24:8b:5b:9e:7d:75:44:b6:05:e3:c4:ab:dc:4a:99:
ab:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:F0:D8:77:F8:8E:AF:F8:83:9E:6A:48:12:C2:F4:07:2E:0D:2E:70
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/M_DYd_iOr_iDnmpIEsL0By4NLnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.128.0-86.38.130.255
86.38.158.0-86.38.160.255
Signature Algorithm: sha256WithRSAEncryption
0c:b1:05:75:5a:58:22:cb:f0:49:90:06:18:fb:29:ef:c0:22:
ff:75:50:a1:b3:9c:49:0c:58:ec:dc:26:9b:32:91:c6:8b:d5:
e1:ca:9f:d4:f7:01:7c:59:00:d4:b8:e9:49:5e:ed:90:96:c9:
76:7b:8a:21:b0:00:a6:2c:01:1d:ba:e3:9c:ec:fc:ac:fd:01:
40:06:c9:b7:7a:a9:6f:86:60:2b:a3:f0:e0:14:90:9e:bb:45:
3f:45:96:ca:6d:ba:70:d8:99:0f:6f:88:d1:4f:c3:ef:47:e1:
90:62:e4:4e:2d:8f:2c:13:aa:c0:72:4b:18:0b:b2:fa:cc:81:
f5:5a:5a:72:4f:cf:c4:a0:78:96:8a:7f:8d:f4:9f:5b:b9:74:
49:b9:82:cb:15:66:57:3b:f2:c7:96:4f:cb:81:08:89:8b:00:
87:72:a1:ca:bb:08:d1:3f:48:8d:82:09:16:4f:7b:00:14:ee:
b0:c7:39:18:59:9d:90:21:8e:8a:68:e6:de:96:7b:27:6a:54:
b6:5d:f2:43:c6:46:16:b7:f0:dd:a5:d4:0f:52:84:31:23:67:
d1:b9:2c:0e:66:26:35:cb:16:39:56:f2:c1:be:0c:68:88:cd:
ef:39:8d:67:ea:26:9b:79:7d:b9:b6:43:42:2d:c9:07:99:bb:
62:e2:f5:31
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY1vuWAsf70ViTzQFqpcAXrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMjAzMTYwNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2YwZDg3N2Y4OGVhZmY4ODM5ZTZhNDgxMmMyZjQwNzJlMGQyZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssB8tBYelT+fEvtsowDXQ4OkMkf5
3ipyDPvIAx8+meTJ0XF1n++CHvUA1ai7ASLmoSN34mRnG50Zi7MZqgih5Mml9qYR
j6/mYz+mLBjgp/TKW1MDqdZc+GDASqShfLTld0meLuvbk9RgN4wB+L8NKDZcHO1L
V1Z8LYsCTFm+mJcKT0TY5negRmkHVafhBx61MK+zeZcfanbjHrG34/+oBJA5DZrT
CKEUeFOS4C2eSmXKS/e0tUi9rZjpZtEU9wlyGTkzaMtGumKDpbsphcY38J08Vo8J
3nhzTDTrt5e4sNZeh4BDNhHdBNwlDlh+le0ki1uefXVEtgXjxKvcSpmrxQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDPw2Hf4jq/4g55qSBLC9AcuDS5wMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvTV9EWWRfaU9yX2lEbm1wSUVzTDBCeTROTG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAdWJoAD
BABWJoIwDAMEAVYmngMEAFYmoDANBgkqhkiG9w0BAQsFAAOCAQEADLEFdVpYIsvw
SZAGGPsp78Ai/3VQobOcSQxY7NwmmzKRxovV4cqf1PcBfFkA1LjpSV7tkJbJdnuK
IbAApiwBHbrjnOz8rP0BQAbJt3qpb4ZgK6Pw4BSQnrtFP0WWym26cNiZD2+I0U/D
70fhkGLkTi2PLBOqwHJLGAuy+syB9Vpack/PxKB4lop/jfSfW7l0SbmCyxVmVzvy
x5ZPy4EIiYsAh3KhyrsI0T9IjYIJFk97ABTusMc5GFmdkCGOimjm3pZ7J2pUtl3y
Q8ZGFrfw3aXUD1KEMSNn0bksDmYmNcsWOVbywb4MaIjN7zmNZ+omm3l9ubZDQi3J
B5m7YuL1MQ==
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:05:12 2024 by rpki-client on console-ams.rpki-client.org