Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/__83tjUMguNM_xz2k2i0cOcEtJc.roa
File: __83tjUMguNM_xz2k2i0cOcEtJc.roa (raw, json)
Hash identifier: ISsU+Vy2ggqGBbbaYfr7f6X3+nGBxk0LJowwHLQUUho=
Subject key identifier: FF:FF:37:B6:35:0C:82:E3:4C:FF:1C:F6:93:68:B4:70:E7:04:B4:97
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 01856B932A043460A133AA0A4CA8159D45E2
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/__83tjUMguNM_xz2k2i0cOcEtJc.roa
Signing time: Sun 01 Jan 2023 04:24:44 +0000
ROA not before: Sun 01 Jan 2023 04:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1836
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2a09:f00:a::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 24 Mar 2023 09:14:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:2a:04:34:60:a1:33:aa:0a:4c:a8:15:9d:45:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Jan 1 04:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffff37b6350c82e34cff1cf69368b470e704b497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:0d:b6:b9:d6:f3:40:02:8f:4c:81:23:7e:
38:9b:1f:07:3a:b7:62:ca:ce:76:b7:10:c8:31:11:
45:df:36:b1:3f:35:60:e1:61:bd:f4:f0:27:91:d9:
8e:d3:f8:9d:1e:6f:cd:44:00:ef:39:b8:9f:f4:79:
0b:bd:c5:af:2e:06:44:d2:8f:83:b2:8a:f3:b7:a5:
85:61:c3:a2:f1:27:28:ae:17:5f:7a:2c:4b:57:f3:
32:af:1b:74:31:9e:71:cd:d2:c0:18:a3:80:5c:4a:
e0:70:64:ab:3e:bd:18:66:9f:a3:51:72:d8:2d:a4:
f2:85:a2:c6:c7:60:d2:06:a5:b9:84:a8:48:13:ab:
0b:4c:19:bb:dd:84:4c:bb:a8:fd:9d:5b:a9:8e:91:
37:01:c6:f4:d4:5e:21:79:62:f6:b2:d0:a2:37:d4:
0f:a7:44:91:4e:99:53:ca:46:33:d8:88:1c:38:12:
43:29:1f:0f:33:a7:27:85:ca:f3:5c:cf:df:0b:57:
6d:8c:0b:ad:2a:c4:9e:28:2f:46:cf:05:74:b6:fb:
50:21:46:b7:3a:36:f4:56:6e:7f:4b:de:a8:91:d2:
6e:b5:d1:66:ff:43:ff:59:68:99:da:24:58:ff:78:
14:bf:59:28:77:7d:16:e9:72:96:f1:cf:ef:6b:b8:
0b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:FF:37:B6:35:0C:82:E3:4C:FF:1C:F6:93:68:B4:70:E7:04:B4:97
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/__83tjUMguNM_xz2k2i0cOcEtJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/24
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
Signature Algorithm: sha256WithRSAEncryption
32:f0:f4:4e:1a:b9:5d:53:38:14:54:ad:e9:1a:74:41:4f:75:
74:ff:ee:af:d6:5f:00:c7:a5:0c:1b:a7:ab:8f:9b:ea:37:fb:
ba:f2:5a:74:be:94:f2:19:eb:3e:29:43:5d:fd:db:fb:e4:28:
16:13:5b:0e:98:85:dc:07:5f:04:55:06:b2:e5:05:45:0d:ac:
1e:6e:1b:1c:94:09:e2:ce:7b:ad:05:d2:e0:97:7e:5b:ad:7a:
01:fe:b9:5a:4e:e6:6e:4c:3a:75:d9:a1:cf:98:c2:23:57:59:
65:6f:09:7d:c4:b4:03:d2:19:da:1c:b9:09:c0:69:35:9e:da:
4f:b6:67:f2:eb:2c:05:e1:8d:a1:e3:d3:36:56:72:39:9e:21:
51:18:e1:af:c1:79:7e:ce:be:59:d5:6e:7c:a0:0f:f2:cc:fa:
b5:a0:9b:b6:fc:8a:30:42:d1:54:cf:09:b3:b9:83:d0:f5:f9:
52:2c:2a:b0:60:ca:4b:d2:d3:40:fa:83:05:6e:1d:9e:50:cf:
a5:55:dc:fb:32:68:28:48:e0:5c:1d:ce:9c:ec:83:d1:81:af:
5a:58:ad:4b:b2:dd:c9:a5:f9:ee:b1:c1:04:79:6d:e4:ca:00:
75:a0:76:34:2f:c3:fc:5a:a6:d4:e2:af:ed:f6:48:ab:22:1e:
89:ae:1e:d4
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVrkyoENGChM6oKTKgVnUXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjU2ZjllZTE4ZmRiZmFmMzBhMGRhNTc5ODJlMjcyNzNk
YmNiNDIwHhcNMjMwMTAxMDQyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmZmMzdiNjM1MGM4MmUzNGNmZjFjZjY5MzY4YjQ3MGU3MDRiNDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHANtrnW80ACj0yBI344mx8HOrdi
ys52txDIMRFF3zaxPzVg4WG99PAnkdmO0/idHm/NRADvObif9HkLvcWvLgZE0o+D
sorzt6WFYcOi8ScorhdfeixLV/Myrxt0MZ5xzdLAGKOAXErgcGSrPr0YZp+jUXLY
LaTyhaLGx2DSBqW5hKhIE6sLTBm73YRMu6j9nVupjpE3Acb01F4heWL2stCiN9QP
p0SRTplTykYz2IgcOBJDKR8PM6cnhcrzXM/fC1dtjAutKsSeKC9GzwV0tvtQIUa3
Ojb0Vm5/S96okdJutdFm/0P/WWiZ2iRY/3gUv1kod30W6XKW8c/va7gLlwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP//N7Y1DILjTP8c9pNotHDnBLSXMB8GA1UdIwQY
MBaAFOi1b57hj9v68woNpXmC4nJz28tCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYt
NzM1NWIyMDQzZTU0LzEvX184M3RqVU1ndU5NX3h6MmsyaTBjT2NFdEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82Mzk1N2ItM2ZjMS00NWMxLWE5YzYtNzM1NWIyMDQzZTU0
LzEvNkxWdm51R1AyX3J6Q2cybGVZTGljblBieTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAud0oAwQA
ud0qAwQAw+orMBgEAgACMBIDBwAgAQZ8BpADBwEqCQ8AAAowDQYJKoZIhvcNAQEL
BQADggEBADLw9E4auV1TOBRUrekadEFPdXT/7q/WXwDHpQwbp6uPm+o3+7ryWnS+
lPIZ6z4pQ1392/vkKBYTWw6YhdwHXwRVBrLlBUUNrB5uGxyUCeLOe60F0uCXflut
egH+uVpO5m5MOnXZoc+YwiNXWWVvCX3EtAPSGdocuQnAaTWe2k+2Z/LrLAXhjaHj
0zZWcjmeIVEY4a/BeX7OvlnVbnygD/LM+rWgm7b8ijBC0VTPCbO5g9D1+VIsKrBg
ykvS00D6gwVuHZ5Qz6VV3PsyaChI4Fwdzpzsg9GBr1pYrUuy3cml+e6xwQR5beTK
AHWgdjQvw/xaptTir+32SKsiHomuHtQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org