Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1-9KnnXD84e6zEW8jNNUaRPIdVPg.roa
File: 1-9KnnXD84e6zEW8jNNUaRPIdVPg.roa (raw, json)
Hash identifier: T0ODQOc7Hk5j3rDg53xuhLSCu4ON0sB+nlqnRHsq6aA=
Subject key identifier: FB:D2:A7:9D:70:FC:E1:EE:B3:11:6F:23:34:D5:1A:44:F2:1D:54:F8
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0185720352121AFD259DC5B7F4D97D319A44
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1-9KnnXD84e6zEW8jNNUaRPIdVPg.roa
Signing time: Mon 02 Jan 2023 10:24:58 +0000
ROA not before: Mon 02 Jan 2023 10:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31246
IP address blocks: 95.82.128.0/18 maxlen: 18
83.240.0.0/17 maxlen: 17
46.39.160.0/19 maxlen: 19
213.155.224.0/19 maxlen: 19
185.51.240.0/22 maxlen: 22
2a01:4240::/32 maxlen: 32
2a0a:cac0::/29 maxlen: 29
2001:4cc8::/31 maxlen: 31
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:52:12:1a:fd:25:9d:c5:b7:f4:d9:7d:31:9a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 2 10:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbd2a79d70fce1eeb3116f2334d51a44f21d54f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b7:3b:af:5c:67:5a:27:d4:3e:95:56:ec:a8:
b6:a6:ca:49:ad:0a:f9:2c:8a:fc:4c:f5:6c:54:1b:
9d:54:59:d3:7c:69:07:a8:70:b2:3c:0a:4b:49:b8:
f0:e4:22:d8:13:6d:64:42:8f:d5:25:2f:2a:f4:f4:
f0:a8:e5:fe:20:50:2a:30:54:e5:34:74:ef:83:e3:
3c:d5:b6:aa:ea:0a:0d:98:95:ee:90:e0:fa:94:84:
70:66:1c:95:7d:41:c0:29:b2:3b:81:5d:4c:f0:8d:
5a:12:b6:b3:e9:7a:8c:66:5e:59:99:81:dd:0a:84:
fb:97:e6:d8:7b:c0:2a:5c:6a:9c:79:52:1f:20:c2:
1d:7c:ae:6d:b4:de:27:d1:db:12:49:a3:07:d1:e8:
ef:4a:1a:52:07:81:51:4d:3b:86:c8:4a:f7:ec:3f:
3f:74:e8:43:b6:49:79:5a:4a:c3:3a:bd:1b:fd:27:
51:54:eb:a1:a5:6a:e9:dd:d4:06:5f:96:dd:6c:58:
56:ac:9c:95:a4:6f:7b:74:ff:de:ed:fb:21:07:28:
4d:a3:b4:c6:36:fa:d2:bc:55:84:97:c1:76:3e:a7:
40:72:c6:7e:a2:5f:9f:12:0c:86:4e:b2:52:19:00:
73:e7:49:3d:3f:a2:a4:7c:26:05:fc:5c:cd:3f:50:
0b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:D2:A7:9D:70:FC:E1:EE:B3:11:6F:23:34:D5:1A:44:F2:1D:54:F8
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1-9KnnXD84e6zEW8jNNUaRPIdVPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.39.160.0/19
83.240.0.0/17
95.82.128.0/18
185.51.240.0/22
213.155.224.0/19
IPv6:
2001:4cc8::/31
2a01:4240::/32
2a0a:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
09:2d:7f:2e:2d:5e:ab:ab:70:70:82:89:8e:b9:3c:1e:a2:57:
87:e7:8c:72:00:a0:1e:c6:21:34:66:f5:6e:2d:fe:96:0a:e0:
cc:dc:01:c1:ec:e2:a3:68:e3:99:e7:a0:db:dc:81:59:7d:0d:
bc:c1:4f:d9:08:56:42:1e:3d:b4:61:58:42:c6:ce:4c:20:d3:
ad:1b:39:69:6b:dc:33:2c:8b:d4:06:34:35:74:53:4e:a2:08:
3c:31:cc:63:a1:c1:78:ec:97:c2:30:da:78:cc:59:ed:44:1f:
29:16:cf:93:ec:2f:a9:bc:b8:2a:2c:9a:9e:14:9c:98:0a:8a:
65:45:91:bf:a2:05:45:2d:ce:68:4c:07:3b:85:88:c4:e5:d6:
cd:47:12:e5:03:4b:9d:f7:16:1f:81:5b:96:d1:07:19:4d:74:
83:43:72:55:e5:6c:83:b7:b6:18:82:ec:bd:36:de:b1:6c:e1:
1e:ed:a9:2b:72:f2:9f:e9:f4:ef:b6:d7:d8:9c:b3:a2:08:4d:
12:8d:04:25:91:87:85:ca:20:b2:18:2d:03:a9:7c:6a:89:1b:
f5:ef:2e:ae:91:25:11:ce:4f:be:e4:72:ef:3e:ce:53:05:14:
8b:a2:cf:49:37:26:22:b7:70:4a:41:ea:b8:d6:b5:86:0c:3b:
dd:c2:51:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVyA1ISGv0lncW39Nl9MZpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmYwZmVjZDdiZjQ0MTQ4OTMxNzg4ZGZlN2YyMGQ2N2E2
N2EwZGIwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmQyYTc5ZDcwZmNlMWVlYjMxMTZmMjMzNGQ1MWE0NGYyMWQ1NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7c7r1xnWifUPpVW7Ki2pspJrQr5
LIr8TPVsVBudVFnTfGkHqHCyPApLSbjw5CLYE21kQo/VJS8q9PTwqOX+IFAqMFTl
NHTvg+M81baq6goNmJXukOD6lIRwZhyVfUHAKbI7gV1M8I1aEraz6XqMZl5ZmYHd
CoT7l+bYe8AqXGqceVIfIMIdfK5ttN4n0dsSSaMH0ejvShpSB4FRTTuGyEr37D8/
dOhDtkl5WkrDOr0b/SdRVOuhpWrp3dQGX5bdbFhWrJyVpG97dP/e7fshByhNo7TG
NvrSvFWEl8F2PqdAcsZ+ol+fEgyGTrJSGQBz50k9P6KkfCYF/FzNP1ALpwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFPvSp51w/OHusxFvIzTVGkTyHVT4MB8GA1UdIwQY
MBaAFNT/D+zXv0QUiTF4jf5/INZ6Z6DbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA4UDdOZV9SQlNKTVhpTl9uOGcxbnBub05zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYzBjNjUtOWY4Mi00NDUwLTkxNjUt
ZjBjMjFmODE4NmYwLzEvMS05S25uWEQ4NGU2ekVXOGpOTlVhUlBJZFZQZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmIvMGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZm
MC8xLzFQOFA3TmVfUkJTSk1YaU5fbjhnMW5wbm9Ocy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBUBggrBgEFBQcBBwEB/wRFMEMwJAQCAAEwHgMEBS4noAME
B1PwAAMEBl9SgAMEArkz8AMEBdWb4DAbBAIAAjAVAwUBIAFMyAMFACoBQkADBQMq
CsrAMA0GCSqGSIb3DQEBCwUAA4IBAQAJLX8uLV6rq3BwgomOuTweoleH54xyAKAe
xiE0ZvVuLf6WCuDM3AHB7OKjaOOZ56Db3IFZfQ28wU/ZCFZCHj20YVhCxs5MINOt
Gzlpa9wzLIvUBjQ1dFNOogg8McxjocF47JfCMNp4zFntRB8pFs+T7C+pvLgqLJqe
FJyYCoplRZG/ogVFLc5oTAc7hYjE5dbNRxLlA0ud9xYfgVuW0QcZTXSDQ3JV5WyD
t7YYguy9Nt6xbOEe7akrcvKf6fTvttfYnLOiCE0SjQQlkYeFyiCyGC0DqXxqiRv1
7y6ukSURzk++5HLvPs5TBRSLos9JNyYit3BKQeq41rWGDDvdwlEi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:50 2024 by rpki-client on console-fra.rpki-client.org