Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/ad1xDMyOTB-D-IGws8LRnDv280o.roa
File: ad1xDMyOTB-D-IGws8LRnDv280o.roa (raw, json)
Hash identifier: X88geVCE9TrDgbFd+gT23OL3BCTtDwNi0rqXF4COrlU=
Subject key identifier: 69:DD:71:0C:CC:8E:4C:1F:83:F8:81:B0:B3:C2:D1:9C:3B:F6:F3:4A
Certificate issuer: /CN=330fe971b3e36b16a92be85f59985be45968b864
Certificate serial: 018ABD5FF613E49300134B76BB659C095B7C
Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/ad1xDMyOTB-D-IGws8LRnDv280o.roa
Signing time: Fri 22 Sep 2023 14:51:37 +0000
ROA not before: Fri 22 Sep 2023 14:51:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 185.170.92.0/22 maxlen: 22
159.255.216.0/21 maxlen: 21
94.103.16.0/20 maxlen: 20
185.68.183.0/24 maxlen: 24
185.68.180.0/23 maxlen: 24
5.175.80.0/21 maxlen: 21
2a03:6981::/32 maxlen: 32
2a03:6983::/32 maxlen: 32
2a03:6982::/32 maxlen: 32
2a03:6980::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:5f:f6:13:e4:93:00:13:4b:76:bb:65:9c:09:5b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864
Validity
Not Before: Sep 22 14:51:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69dd710ccc8e4c1f83f881b0b3c2d19c3bf6f34a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:ba:dd:d7:4b:a5:95:5b:dd:0b:18:ca:e5:
bf:19:25:1c:f8:21:31:10:b5:b8:99:92:72:18:c3:
4a:56:d1:6e:e9:d8:95:6e:a1:d1:9e:f4:24:60:f6:
40:b3:5e:c2:94:2b:92:a1:cd:db:3b:e6:b8:b9:3d:
d1:fa:12:44:04:70:07:4f:c1:d8:b1:da:28:54:ec:
bd:b5:b7:46:f6:4d:58:45:ea:b7:d0:6a:eb:87:a0:
00:c0:f4:cf:a9:ea:35:14:d9:5f:5b:7b:42:cf:96:
93:6c:23:44:aa:88:3c:99:eb:9d:15:d9:a7:00:0d:
7b:16:d6:b9:48:92:d5:b9:d1:b4:73:2c:8b:f3:26:
44:77:2c:70:36:cd:c0:d4:f8:2a:b0:da:95:5b:fd:
8c:3a:15:0d:b5:65:a2:90:97:5e:11:e7:70:dd:f0:
00:c4:3f:6e:c8:43:1a:86:e2:e8:3f:82:ab:37:4e:
f8:e1:2a:e8:f1:d2:4a:3b:10:b2:7c:a5:2e:eb:27:
af:e3:d9:8b:34:43:cb:e3:d4:68:9c:ad:e7:eb:79:
69:18:2d:0f:15:b5:35:9d:5f:1c:19:e5:39:4f:7e:
e3:d8:96:a2:72:7d:ea:96:06:83:09:9c:dc:82:e3:
15:60:9c:5c:1f:9c:25:82:55:69:87:65:94:53:73:
e9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:DD:71:0C:CC:8E:4C:1F:83:F8:81:B0:B3:C2:D1:9C:3B:F6:F3:4A
X509v3 Authority Key Identifier:
keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/ad1xDMyOTB-D-IGws8LRnDv280o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.80.0/21
94.103.16.0/20
159.255.216.0/21
185.68.180.0/23
185.68.183.0/24
185.170.92.0/22
IPv6:
2a03:6980::/30
Signature Algorithm: sha256WithRSAEncryption
b5:22:fd:e2:31:3e:74:f4:3d:e5:ed:88:be:c0:ec:87:76:58:
c6:d6:e0:cf:30:5e:8d:4f:74:f0:f2:36:42:58:e6:88:d9:45:
13:0e:8b:86:a7:e5:0a:c0:f4:8c:76:cb:8a:6c:d0:19:51:fa:
ae:d8:f9:b9:4e:99:54:0b:ee:0a:35:c0:1c:9c:6c:95:b4:fc:
c9:b2:49:e4:10:4b:35:02:cf:6f:cd:1a:33:bc:ef:5d:64:d8:
1d:70:a2:06:c4:ab:d7:06:fe:e4:ca:20:86:f7:1a:05:bc:9b:
fe:a4:b3:4f:54:a7:0f:21:a3:0b:eb:3e:ee:0c:c8:6b:14:d5:
30:5e:f5:c8:a5:ba:ad:1a:65:8a:48:6a:7e:00:88:89:e1:a9:
1c:55:25:65:52:55:59:40:b8:d4:68:79:ea:2f:18:ae:12:d2:
fa:92:30:81:ba:73:5a:79:6b:09:6a:f3:7a:92:61:c2:91:a4:
e9:27:e4:21:11:6f:34:24:da:c8:39:22:b7:f5:ce:46:e3:33:
f5:3c:b5:cd:dc:64:5a:fb:04:13:d8:45:c8:eb:69:b7:08:64:
b3:fb:43:87:dd:16:16:75:9c:1d:e8:86:06:6c:8e:ee:e9:fc:
86:a9:69:ba:b0:13:68:34:11:3f:6b:f1:20:41:3d:ec:74:bf:
4a:2c:95:8e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYq9X/YT5JMAE0t2u2WcCVt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2
OGI4NjQwHhcNMjMwOTIyMTQ1MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWRkNzEwY2NjOGU0YzFmODNmODgxYjBiM2MyZDE5YzNiZjZmMzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlga63ddLpZVb3QsYyuW/GSUc+CEx
ELW4mZJyGMNKVtFu6diVbqHRnvQkYPZAs17ClCuSoc3bO+a4uT3R+hJEBHAHT8HY
sdooVOy9tbdG9k1YReq30Grrh6AAwPTPqeo1FNlfW3tCz5aTbCNEqog8meudFdmn
AA17Fta5SJLVudG0cyyL8yZEdyxwNs3A1PgqsNqVW/2MOhUNtWWikJdeEedw3fAA
xD9uyEMahuLoP4KrN0744Sro8dJKOxCyfKUu6yev49mLNEPL49RonK3n63lpGC0P
FbU1nV8cGeU5T37j2Jaicn3qlgaDCZzcguMVYJxcH5wlglVph2WUU3PpYwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFGndcQzMjkwfg/iBsLPC0Zw79vNKMB8GA1UdIwQY
MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt
MTFlOWU5ZjAxMzQzLzEvYWQxeERNeU9UQi1ELUlHd3M4TFJuRHYyODBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz
LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBa9QAwQE
XmcQAwQDn//YAwQBuUS0AwQAuUS3AwQCuapcMA0EAgACMAcDBQIqA2mAMA0GCSqG
SIb3DQEBCwUAA4IBAQC1Iv3iMT509D3l7Yi+wOyHdljG1uDPMF6NT3Tw8jZCWOaI
2UUTDouGp+UKwPSMdsuKbNAZUfqu2Pm5TplUC+4KNcAcnGyVtPzJsknkEEs1As9v
zRozvO9dZNgdcKIGxKvXBv7kyiCG9xoFvJv+pLNPVKcPIaML6z7uDMhrFNUwXvXI
pbqtGmWKSGp+AIiJ4akcVSVlUlVZQLjUaHnqLxiuEtL6kjCBunNaeWsJavN6kmHC
kaTpJ+QhEW80JNrIOSK39c5G4zP1PLXN3GRa+wQT2EXI62m3CGSz+0OH3RYWdZwd
6IYGbI7u6fyGqWm6sBNoNBE/a/EgQT3sdL9KLJWO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:29 2024 by rpki-client on console-fra.rpki-client.org