Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rkZHkoTUCcLRUGdQ3D84bdMES-8.roa
File: rkZHkoTUCcLRUGdQ3D84bdMES-8.roa (raw, json)
Hash identifier: szHr7GygcwxuZL8ir5Lmddy7WeSjrRVoECOpyoQ/crw=
Subject key identifier: AE:46:47:92:84:D4:09:C2:D1:50:67:50:DC:3F:38:6D:D3:04:4B:EF
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83648441E89710426333762B5D30F
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rkZHkoTUCcLRUGdQ3D84bdMES-8.roa
Signing time: Sun 01 Jan 2023 09:44:49 +0000
ROA not before: Sun 01 Jan 2023 09:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 194.2.86.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
81.255.178.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:36:48:44:1e:89:71:04:26:33:37:62:b5:d3:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae46479284d409c2d1506750dc3f386dd3044bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ef:6a:c1:fd:b9:ef:7a:9d:cb:cf:38:4b:24:
9c:eb:b6:1d:01:b9:9d:8a:74:0a:ff:47:08:95:40:
e8:77:2c:74:6a:68:e3:4d:99:64:87:38:cf:59:9e:
00:26:78:a4:cc:fe:3a:e9:63:f5:0f:84:fb:c6:83:
36:eb:19:b5:96:d3:e2:be:40:05:34:d4:7d:2c:16:
bc:19:60:3d:65:bf:6f:2d:04:65:fd:99:52:65:d4:
61:00:f6:6a:21:86:36:98:58:a6:7a:af:44:36:dc:
62:08:16:93:ba:67:09:ba:f2:41:1d:90:7c:25:53:
95:5c:02:c4:3a:e4:c9:2f:b8:c0:8c:97:c0:de:87:
1c:6c:f3:5d:65:b9:ce:ae:ea:0b:62:32:3f:55:85:
f4:d6:55:b4:4a:85:22:d5:fa:73:18:ce:b4:1d:0a:
b1:4e:7c:34:b8:f7:65:ee:ca:db:63:8e:8f:b8:0e:
02:59:f4:5b:74:40:1a:cd:60:70:ee:dc:77:5a:c0:
49:61:a1:4b:c5:5b:7a:2d:06:6f:5a:34:e0:ca:ec:
96:85:7c:ab:8f:2d:59:38:38:2f:5f:5b:05:dd:5b:
14:54:2d:ac:70:57:65:94:ca:60:d6:bb:7f:c7:08:
99:62:96:fa:13:1c:b0:34:d1:74:89:ad:c6:41:3b:
3a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:46:47:92:84:D4:09:C2:D1:50:67:50:DC:3F:38:6D:D3:04:4B:EF
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/rkZHkoTUCcLRUGdQ3D84bdMES-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
64:cf:7b:a0:4e:51:ae:92:37:b4:c1:73:19:d8:4b:f0:fa:55:
1a:83:0d:d6:ab:f6:9b:11:96:2e:13:78:2c:05:fe:00:88:d5:
12:a8:a3:2d:21:26:35:66:08:8d:f3:b8:a7:9c:60:73:42:cb:
b2:cb:9e:a4:10:bb:5b:82:a2:1d:3d:b6:99:3c:08:4d:31:3d:
11:cf:37:e9:23:80:1b:b3:66:f4:1f:b1:c5:d5:62:f7:28:c8:
c2:53:5c:72:d6:3a:bf:40:a4:5f:49:11:35:85:cc:df:6d:03:
44:b6:a8:b6:7b:c0:b8:74:1a:b4:0d:8c:ea:dc:f5:03:9c:01:
db:30:e7:2a:b5:dd:8c:20:38:6f:49:28:21:21:9f:74:70:a4:
c3:5e:d7:a8:df:dc:0a:f1:48:c6:88:a8:34:c0:91:0f:e2:96:
08:de:9f:f4:54:4f:c6:15:46:66:ec:e9:30:73:49:af:3e:6a:
4b:c8:2a:cc:71:a5:39:f5:7f:e2:8e:e5:e6:0c:a3:af:31:96:
46:63:03:d8:00:d1:50:4a:5a:e8:72:d0:a4:c2:31:51:2f:6f:
68:c7:77:1b:93:ab:37:02:35:60:9f:7e:b3:a7:69:9a:68:ff:
d2:b1:86:db:f8:aa:ce:e7:bd:74:50:e6:19:f1:18:59:4d:94:
4f:ed:19:c4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVsuDZIRB6JcQQmMzditdMPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTQ2NDc5Mjg0ZDQwOWMyZDE1MDY3NTBkYzNmMzg2ZGQzMDQ0YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+9qwf2573qdy884SySc67YdAbmd
inQK/0cIlUDodyx0amjjTZlkhzjPWZ4AJnikzP466WP1D4T7xoM26xm1ltPivkAF
NNR9LBa8GWA9Zb9vLQRl/ZlSZdRhAPZqIYY2mFimeq9ENtxiCBaTumcJuvJBHZB8
JVOVXALEOuTJL7jAjJfA3occbPNdZbnOruoLYjI/VYX01lW0SoUi1fpzGM60HQqx
Tnw0uPdl7srbY46PuA4CWfRbdEAazWBw7tx3WsBJYaFLxVt6LQZvWjTgyuyWhXyr
jy1ZODgvX1sF3VsUVC2scFdllMpg1rt/xwiZYpb6ExywNNF0ia3GQTs6pQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK5GR5KE1AnC0VBnUNw/OG3TBEvvMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvcmtaSGtvVFVDY0xSVUdkUTNEODRiZE1FUy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUf+yAwQB
WnPQAwQBwgI4AwQAwgJWAwQAwgMEAwQAwvpiMA0GCSqGSIb3DQEBCwUAA4IBAQBk
z3ugTlGukje0wXMZ2Evw+lUagw3Wq/abEZYuE3gsBf4AiNUSqKMtISY1ZgiN87in
nGBzQsuyy56kELtbgqIdPbaZPAhNMT0RzzfpI4Abs2b0H7HF1WL3KMjCU1xy1jq/
QKRfSRE1hczfbQNEtqi2e8C4dBq0DYzq3PUDnAHbMOcqtd2MIDhvSSghIZ90cKTD
Xteo39wK8UjGiKg0wJEP4pYI3p/0VE/GFUZm7Okwc0mvPmpLyCrMcaU59X/ijuXm
DKOvMZZGYwPYANFQSlroctCkwjFRL29ox3cbk6s3AjVgn36zp2maaP/SsYbb+KrO
5710UOYZ8RhZTZRP7RnE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:20 2024 by rpki-client on console-ams.rpki-client.org