Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/atx3whVlDC-3o8heNsqwUARDJbM.roa
File: atx3whVlDC-3o8heNsqwUARDJbM.roa (raw, json)
Hash identifier: 8snqX/XkaTOESZ80Z0LeJOLNu/rST5RuSl7IOQUoLxE=
Subject key identifier: 6A:DC:77:C2:15:65:0C:2F:B7:A3:C8:5E:36:CA:B0:50:04:43:25:B3
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 018CCA2B1292DBE18C93E0CC30196E8B5873
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/atx3whVlDC-3o8heNsqwUARDJbM.roa
Signing time: Tue 02 Jan 2024 12:34:29 +0000
ROA not before: Tue 02 Jan 2024 12:34:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43647
IP address blocks: 82.148.0.0/21 maxlen: 24
185.76.12.0/22 maxlen: 24
89.232.184.0/22 maxlen: 24
213.232.225.0/24 maxlen: 24
213.232.245.0/24 maxlen: 24
185.228.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Sep 2024 14:44:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:12:92:db:e1:8c:93:e0:cc:30:19:6e:8b:58:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 2 12:34:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6adc77c215650c2fb7a3c85e36cab050044325b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:b1:b2:61:54:ff:16:e1:f9:91:bb:89:fc:
36:54:5c:73:c6:8c:64:39:53:cd:47:55:a0:de:5b:
00:78:ca:db:97:18:39:a7:0d:37:b7:4b:8a:5b:5e:
bf:9e:e6:65:7e:12:06:c2:ca:1c:5b:33:74:da:42:
15:17:01:4f:af:ad:4e:fe:3d:14:63:c4:ee:c0:ca:
3e:51:56:81:9f:ae:44:7c:d3:18:d3:fb:87:02:22:
12:ad:dc:cb:fc:b5:98:84:c4:d4:e7:34:bc:0d:bf:
88:8a:12:fd:99:02:88:15:9d:84:d8:0b:05:21:df:
9d:72:ec:0d:25:80:31:27:02:04:4b:53:05:ae:b7:
17:f2:b8:8a:f9:56:27:ad:61:e6:28:91:23:9f:e0:
87:99:38:a8:d8:e2:25:85:97:b0:d0:59:8c:20:36:
e0:9a:80:c5:2c:a1:8a:8c:1e:d7:b0:11:21:4b:9b:
2f:c6:0e:f7:03:52:f5:e4:a0:9c:19:c5:6c:f9:46:
02:58:58:89:26:13:ac:89:78:0c:12:b9:fa:1d:c7:
89:fb:4c:ee:fb:3c:8e:0b:0f:d2:03:1e:ba:c6:d3:
76:1f:b6:2f:e9:25:60:74:2f:5a:dc:da:7c:93:b9:
bc:dd:17:a3:df:45:9d:3f:a7:01:06:2c:c8:1d:8c:
81:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DC:77:C2:15:65:0C:2F:B7:A3:C8:5E:36:CA:B0:50:04:43:25:B3
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/atx3whVlDC-3o8heNsqwUARDJbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.0.0/21
89.232.184.0/22
185.76.12.0/22
185.228.88.0/22
213.232.225.0/24
213.232.245.0/24
Signature Algorithm: sha256WithRSAEncryption
84:f9:51:ec:82:48:ec:40:78:34:47:b2:88:64:9d:57:00:82:
f7:4d:5a:8d:a3:da:cc:da:e1:f4:f4:bb:d3:53:91:a5:95:7f:
f3:94:1e:b7:bd:1f:c1:dc:ac:37:b8:9e:61:83:a5:3c:fb:b5:
b1:69:05:a0:dc:b8:c3:1f:b4:8a:c9:01:3d:83:ba:5c:2c:71:
af:43:ca:dd:50:91:85:07:b9:1a:4a:93:ba:fe:69:ae:95:56:
7d:61:ee:8a:ca:d3:58:7f:1f:cc:52:ee:d1:89:8e:e4:43:80:
bc:54:a3:69:54:71:92:c8:92:bb:18:9b:cc:65:00:d7:5b:27:
e7:b8:ea:65:27:87:cb:e2:7b:60:b6:37:e0:32:0b:37:b6:3c:
57:e1:a0:68:f1:e6:53:f0:01:60:af:2d:9f:76:c0:32:7e:70:
49:b8:b4:e3:5d:d4:13:cb:54:7d:90:0f:f3:9f:5d:0a:bb:cf:
bb:df:a7:71:b9:54:c1:85:1d:5f:2a:ef:82:10:a6:98:a5:ad:
a8:44:00:1b:d3:83:87:5d:a2:4f:8b:06:a4:51:c3:a8:6a:96:
d5:ac:a4:d4:b1:92:81:05:6a:94:01:af:3b:ac:da:8a:c8:0b:
2d:26:88:7b:2d:53:24:a0:d9:e4:08:fe:7e:3d:d4:01:ff:01:
f7:f8:cb:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKKxKS2+GMk+DMMBlui1hzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjQwMTAyMTIzNDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRjNzdjMjE1NjUwYzJmYjdhM2M4NWUzNmNhYjA1MDA0NDMyNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoWxsmFU/xbh+ZG7ifw2VFxzxoxk
OVPNR1Wg3lsAeMrblxg5pw03t0uKW16/nuZlfhIGwsocWzN02kIVFwFPr61O/j0U
Y8TuwMo+UVaBn65EfNMY0/uHAiISrdzL/LWYhMTU5zS8Db+IihL9mQKIFZ2E2AsF
Id+dcuwNJYAxJwIES1MFrrcX8riK+VYnrWHmKJEjn+CHmTio2OIlhZew0FmMIDbg
moDFLKGKjB7XsBEhS5svxg73A1L15KCcGcVs+UYCWFiJJhOsiXgMErn6HceJ+0zu
+zyOCw/SAx66xtN2H7Yv6SVgdC9a3Np8k7m83Rej30WdP6cBBizIHYyBfQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGrcd8IVZQwvt6PIXjbKsFAEQyWzMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvYXR4M3doVmxEQy0zbzhoZU5zcXdVQVJESmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDUpQAAwQC
Wei4AwQCuUwMAwQCueRYAwQA1ejhAwQA1ej1MA0GCSqGSIb3DQEBCwUAA4IBAQCE
+VHsgkjsQHg0R7KIZJ1XAIL3TVqNo9rM2uH09LvTU5GllX/zlB63vR/B3Kw3uJ5h
g6U8+7WxaQWg3LjDH7SKyQE9g7pcLHGvQ8rdUJGFB7kaSpO6/mmulVZ9Ye6KytNY
fx/MUu7RiY7kQ4C8VKNpVHGSyJK7GJvMZQDXWyfnuOplJ4fL4ntgtjfgMgs3tjxX
4aBo8eZT8AFgry2fdsAyfnBJuLTjXdQTy1R9kA/zn10Ku8+736dxuVTBhR1fKu+C
EKaYpa2oRAAb04OHXaJPiwakUcOoapbVrKTUsZKBBWqUAa87rNqKyAstJoh7LVMk
oNnkCP5+PdQB/wH3+Msk
-----END CERTIFICATE-----
Generated at Fri Sep 13 17:40:59 2024 by rpki-client on console-fra.rpki-client.org