Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tkpU0LKuFEvCgxmUvA7JDt3jeM.roa
File: 1tkpU0LKuFEvCgxmUvA7JDt3jeM.roa (raw, json)
Hash identifier: SAIkiW5jJaaWxxi/QI0EvcgGOgGXgu02y728Z9wg7EY=
Subject key identifier: D6:D9:29:53:42:CA:B8:51:2F:0A:0C:66:52:F0:3B:24:3B:77:8D:E3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E51ED22C67B825C0F01B2EA8D61F7294A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tkpU0LKuFEvCgxmUvA7JDt3jeM.roa
Signing time: Mon 18 Mar 2024 14:17:59 +0000
ROA not before: Mon 18 Mar 2024 14:17:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 81.168.126.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.165.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 07:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:ed:22:c6:7b:82:5c:0f:01:b2:ea:8d:61:f7:29:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 18 14:17:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6d9295342cab8512f0a0c6652f03b243b778de3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5d:91:84:31:28:28:09:d4:43:7f:0f:02:dc:
0b:5a:3a:e6:7d:dd:5a:6b:05:ab:c0:d4:e7:cc:5d:
53:10:35:d9:c2:f3:f1:ae:e2:be:39:ec:37:0b:aa:
62:9e:ca:6b:19:f1:78:d1:71:71:70:28:0c:80:0a:
33:31:ff:44:fc:ce:38:83:72:c0:b4:c6:81:97:c0:
0d:8a:e6:01:2f:ab:cc:b5:f6:b9:32:57:f0:60:cc:
be:7f:40:0d:ea:a9:06:ef:e8:b9:5b:59:5f:1d:3f:
71:06:80:a2:83:f3:1e:fb:0d:c9:20:d6:2e:d6:d7:
d3:c8:2c:09:30:b0:0d:a2:1a:50:ed:34:28:77:ef:
9e:93:15:af:0c:8e:9e:1b:98:36:7d:8c:5c:79:e9:
5d:b4:82:39:cb:3c:60:e5:a7:d5:7a:e8:04:23:ab:
7b:41:0b:b9:4f:df:ff:c2:73:7e:af:d1:bb:b4:c5:
b5:c7:7c:33:8a:b2:c0:b4:bc:f6:1b:0b:81:d2:26:
27:31:8c:dc:be:67:55:f7:a4:45:a4:35:e5:7c:e8:
2c:a0:13:a2:26:54:88:d6:c4:22:5b:bc:4a:34:9d:
2c:6f:76:4e:62:08:eb:c1:89:84:c4:ca:36:50:d4:
0f:50:89:ee:44:fd:22:63:e5:ad:5e:c0:76:fe:ef:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D9:29:53:42:CA:B8:51:2F:0A:0C:66:52:F0:3B:24:3B:77:8D:E3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1tkpU0LKuFEvCgxmUvA7JDt3jeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
82.152.176.0/23
82.153.136.0/22
89.213.148.0-89.213.159.255
89.213.165.0/24
89.213.172.0/22
89.213.180.0/24
109.176.245.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:ff:6a:c0:3b:c5:a8:59:12:a9:bd:4b:49:3c:41:5c:9a:26:
f2:4f:dc:74:7e:9b:88:ed:69:58:27:6b:d6:46:a5:45:b0:5c:
6d:08:d2:b2:04:34:97:cb:ce:91:25:27:16:5b:af:9e:3e:fd:
1a:7c:71:68:d8:3f:bc:93:75:2f:23:72:1d:15:3c:da:c8:98:
35:e6:3c:42:b8:7c:65:88:1c:d9:2b:9a:8d:78:d7:5b:12:1a:
33:58:b1:d1:bf:99:20:19:24:33:19:d8:8d:d6:89:47:09:47:
92:00:c4:84:f5:9a:1f:9d:11:5d:6f:c8:a4:91:f4:af:af:fa:
02:59:21:ab:56:6e:9d:ac:1c:0c:e0:b5:6a:9f:89:82:2c:85:
47:a9:5d:2d:61:d9:7d:f3:d1:ec:c5:e0:ca:22:20:2f:36:94:
01:e2:51:a3:ef:42:1b:9e:32:fb:d1:e9:6b:2d:f8:00:26:54:
73:af:06:d5:ba:71:8d:20:90:d3:d7:d5:9c:17:1c:45:d6:ff:
30:58:d2:a7:50:4a:a9:63:96:ca:bc:29:d7:af:ff:a0:c7:b2:
00:1b:39:87:b1:db:52:39:7d:9b:d9:18:d9:2a:c7:78:ef:8c:
12:dd:54:22:b2:c5:b6:05:21:f9:05:3d:49:4d:48:c5:ba:56:
9f:05:e0:53
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY5R7SLGe4JcDwGy6o1h9ylKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzE4MTQxNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmQ5Mjk1MzQyY2FiODUxMmYwYTBjNjY1MmYwM2IyNDNiNzc4ZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF2RhDEoKAnUQ38PAtwLWjrmfd1a
awWrwNTnzF1TEDXZwvPxruK+Oew3C6pinsprGfF40XFxcCgMgAozMf9E/M44g3LA
tMaBl8ANiuYBL6vMtfa5MlfwYMy+f0AN6qkG7+i5W1lfHT9xBoCig/Me+w3JINYu
1tfTyCwJMLANohpQ7TQod++ekxWvDI6eG5g2fYxceeldtII5yzxg5afVeugEI6t7
QQu5T9//wnN+r9G7tMW1x3wzirLAtLz2GwuB0iYnMYzcvmdV96RFpDXlfOgsoBOi
JlSI1sQiW7xKNJ0sb3ZOYgjrwYmExMo2UNQPUInuRP0iY+WtXsB2/u/BEQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFNbZKVNCyrhRLwoMZlLwOyQ7d43jMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMXRrcFUwTEt1RkV2Q2d4bVV2QTdKRHQzamVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAUah+AwQB
UpiwAwQCUpmIMAwDBAJZ1ZQDBAVZ1YADBABZ1aUDBAJZ1awDBABZ1bQDBABtsPUD
BAG5MX4DBADVmCowDQYJKoZIhvcNAQELBQADggEBAEr/asA7xahZEqm9S0k8QVya
JvJP3HR+m4jtaVgna9ZGpUWwXG0I0rIENJfLzpElJxZbr54+/Rp8cWjYP7yTdS8j
ch0VPNrImDXmPEK4fGWIHNkrmo1411sSGjNYsdG/mSAZJDMZ2I3WiUcJR5IAxIT1
mh+dEV1vyKSR9K+v+gJZIatWbp2sHAzgtWqfiYIshUepXS1h2X3z0ezF4MoiIC82
lAHiUaPvQhueMvvR6Wst+AAmVHOvBtW6cY0gkNPX1ZwXHEXW/zBY0qdQSqljlsq8
Kdev/6DHsgAbOYex21I5fZvZGNkqx3jvjBLdVCKyxbYFIfkFPUlNSMW6Vp8F4FM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:13 2024 by rpki-client on console-fra.rpki-client.org