Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1-kiUUdY1W2uhiZ3l0KNpjE38wK8.roa
File: 1-kiUUdY1W2uhiZ3l0KNpjE38wK8.roa (raw, json)
Hash identifier: ctAZF7/2Q73x5kVIYxw3edZddRWyWIBXW62TNPZtj8o=
Subject key identifier: FA:48:94:51:D6:35:5B:6B:A1:89:9D:E5:D0:A3:69:8C:4D:FC:C0:AF
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0192AEF88AF9D0C7898CC9F85E19B44B94ED
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1-kiUUdY1W2uhiZ3l0KNpjE38wK8.roa
Signing time: Mon 21 Oct 2024 12:06:16 +0000
ROA not before: Mon 21 Oct 2024 12:06:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 176.98.220.0/22 maxlen: 24
185.145.224.0/22 maxlen: 24
185.155.64.0/22 maxlen: 24
185.173.44.0/22 maxlen: 24
185.187.180.0/22 maxlen: 24
185.224.76.0/22 maxlen: 24
193.34.240.0/22 maxlen: 24
195.5.64.0/19 maxlen: 19
195.5.64.0/24 maxlen: 24
195.5.65.0/24 maxlen: 24
195.5.66.0/24 maxlen: 24
195.5.67.0/24 maxlen: 24
2a0d:59c1::/32 maxlen: 32
2a0d:59c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 21 Oct 2024 12:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:f8:8a:f9:d0:c7:89:8c:c9:f8:5e:19:b4:4b:94:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 21 12:06:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa489451d6355b6ba1899de5d0a3698c4dfcc0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d5:1f:39:7c:b3:b2:d6:c5:75:62:0f:3a:66:
4d:77:54:15:02:1a:b5:cb:c4:eb:50:69:0b:cf:56:
c9:38:e3:8c:bd:2c:79:66:43:93:f6:07:10:c8:15:
20:32:ea:b3:ea:97:35:f1:44:af:4a:21:c6:16:64:
25:71:9c:e7:42:ec:6f:5a:76:fe:31:0f:94:13:d1:
75:a7:51:1f:a1:57:0e:d7:77:b2:7f:86:e7:24:61:
2b:2a:dc:6c:a8:a8:6e:95:3c:e2:78:9b:09:32:a8:
e7:7c:ee:ab:fb:5e:1f:e3:77:c2:5b:0e:03:80:f7:
6b:fd:67:37:fc:59:b8:db:3e:dc:fb:81:1e:a9:f3:
02:8a:15:7f:10:b7:71:d9:6c:c4:c7:81:24:48:f4:
2d:ef:74:5a:64:8c:eb:d5:3b:ab:91:7e:91:9c:32:
c0:77:55:46:65:0c:07:fb:5e:a4:12:ec:60:04:2c:
26:5c:fa:4b:cc:8e:9f:35:16:95:ac:e8:51:70:78:
33:ae:a0:ae:3c:96:93:3b:f1:62:45:71:61:f4:44:
b3:a8:b5:ed:1c:e5:b3:6c:0b:59:0d:aa:50:08:bc:
d7:bb:1b:c7:9e:80:45:6b:a0:69:01:17:0f:2b:75:
52:8b:32:74:78:df:f7:da:09:86:35:a3:46:78:c1:
6d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:48:94:51:D6:35:5B:6B:A1:89:9D:E5:D0:A3:69:8C:4D:FC:C0:AF
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/1-kiUUdY1W2uhiZ3l0KNpjE38wK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.220.0/22
185.145.224.0/22
185.155.64.0/22
185.173.44.0/22
185.187.180.0/22
185.224.76.0/22
193.34.240.0/22
195.5.64.0/19
IPv6:
2a0d:59c1::/32
2a0d:59c7::/32
Signature Algorithm: sha256WithRSAEncryption
bd:d6:7f:be:fc:a0:a7:01:35:8f:a3:eb:29:47:fc:bb:ef:4a:
10:bf:60:a7:bc:e6:6e:a9:8d:12:a6:0a:03:b2:15:73:08:a9:
c9:c6:f0:3a:bf:a3:0c:d3:1c:cc:f0:74:52:16:e3:87:64:76:
df:22:df:47:04:7e:f0:3b:80:50:b1:e9:84:8b:c2:dc:fe:9d:
7f:67:a7:66:f2:4b:4d:7a:52:78:5d:b8:a4:bc:c2:d4:ed:fd:
c9:5d:dd:91:de:85:51:6f:8b:08:16:6f:f7:6a:0e:11:a7:35:
94:93:9e:53:dd:38:ad:a9:a1:11:73:df:7f:eb:25:19:90:e7:
a7:63:43:98:73:16:52:58:bf:8c:42:0a:41:f8:d9:ee:c7:da:
14:eb:ba:34:64:da:78:9a:ae:0c:0e:89:b9:87:ec:12:96:11:
30:48:6a:b9:23:d2:05:4d:af:4f:46:bc:b5:ba:ba:c6:ac:89:
c9:83:0a:59:be:7d:5c:70:f5:1d:ac:bc:68:d8:bc:25:c8:7f:
f6:08:dd:d8:b8:fc:ef:79:c1:68:46:ec:0c:c3:c0:bb:70:51:
b4:ba:85:18:37:f2:5c:e9:04:c7:4b:10:71:39:c9:4b:a9:e2:
b7:f3:e3:8d:a4:27:5c:71:d0:6c:33:e0:92:8f:ae:03:99:e0:
b2:98:12:75
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZKu+Ir50MeJjMn4Xhm0S5TtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDIxMTIwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ4OTQ1MWQ2MzU1YjZiYTE4OTlkZTVkMGEzNjk4YzRkZmNjMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNUfOXyzstbFdWIPOmZNd1QVAhq1
y8TrUGkLz1bJOOOMvSx5ZkOT9gcQyBUgMuqz6pc18USvSiHGFmQlcZznQuxvWnb+
MQ+UE9F1p1EfoVcO13eyf4bnJGErKtxsqKhulTzieJsJMqjnfO6r+14f43fCWw4D
gPdr/Wc3/Fm42z7c+4EeqfMCihV/ELdx2WzEx4EkSPQt73RaZIzr1TurkX6RnDLA
d1VGZQwH+16kEuxgBCwmXPpLzI6fNRaVrOhRcHgzrqCuPJaTO/FiRXFh9ESzqLXt
HOWzbAtZDapQCLzXuxvHnoBFa6BpARcPK3VSizJ0eN/32gmGNaNGeMFtTQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPpIlFHWNVtroYmd5dCjaYxN/MCvMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvMS1raVVVZFkxVzJ1aGlaM2wwS05wakUzOHdLOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvMDkxN2E3LTllYmQtNDViOS05ZGUyLTI3NDczY2E2MTJk
ZS8xL3VSU1dIMmZ5TEdIb1NtYklyWndhak9VZENacy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBfBggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEArBi3AME
ArmR4AMEArmbQAMEArmtLAMEArm7tAMEArngTAMEAsEi8AMEBcMFQDAUBAIAAjAO
AwUAKg1ZwQMFACoNWccwDQYJKoZIhvcNAQELBQADggEBAL3Wf778oKcBNY+j6ylH
/LvvShC/YKe85m6pjRKmCgOyFXMIqcnG8Dq/owzTHMzwdFIW44dkdt8i30cEfvA7
gFCx6YSLwtz+nX9np2byS016UnhduKS8wtTt/cld3ZHehVFviwgWb/dqDhGnNZST
nlPdOK2poRFz33/rJRmQ56djQ5hzFlJYv4xCCkH42e7H2hTrujRk2niargwOibmH
7BKWETBIarkj0gVNr09GvLW6usasicmDClm+fVxw9R2svGjYvCXIf/YI3di4/O95
wWhG7AzDwLtwUbS6hRg38lzpBMdLEHE5yUup4rfz442kJ1xx0Gwz4JKPrgOZ4LKY
EnU=
-----END CERTIFICATE-----
Generated at Mon Oct 21 15:40:34 2024 by rpki-client on console-fra.rpki-client.org