Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Au2kVcFlt9QlYk4mfhDNkLuydaQ.roa
File: Au2kVcFlt9QlYk4mfhDNkLuydaQ.roa (raw, json)
Hash identifier: 6B8l4pAIFDUzNgGc2JEzbzkGfdSauzkTOZlzlkQF2bk=
Subject key identifier: 02:ED:A4:55:C1:65:B7:D4:25:62:4E:26:7E:10:CD:90:BB:B2:75:A4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2E1732B0960B785A6352D3017DB51B9E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Au2kVcFlt9QlYk4mfhDNkLuydaQ.roa
Signing time: Tue 30 Apr 2024 08:20:22 +0000
ROA not before: Tue 30 Apr 2024 08:20:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61112
IP address blocks: 82.153.65.0/24 maxlen: 24
82.163.16.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
194.105.81.0/24 maxlen: 24
213.218.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 07:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:17:32:b0:96:0b:78:5a:63:52:d3:01:7d:b5:1b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 08:20:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02eda455c165b7d425624e267e10cd90bbb275a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f6:0b:05:0f:af:b2:a1:c4:4e:ea:a3:a4:13:
77:f2:8f:f6:f6:de:5a:82:db:5b:77:32:d0:e8:3b:
c6:ca:4d:89:bb:29:b1:7e:57:98:aa:4b:b9:84:c9:
d1:74:bd:25:b4:e8:af:6c:64:b6:32:c5:1e:17:c8:
42:19:d7:3f:99:88:d7:99:b1:2d:91:13:79:d1:86:
96:6c:7a:ac:9f:e8:16:ec:79:e6:03:70:a9:14:1a:
af:1f:e4:2d:5a:b9:6c:e1:16:c9:10:20:c7:57:17:
41:c6:df:06:22:0b:fa:46:46:7a:a3:ff:3e:2d:d0:
86:63:4c:b9:8b:2f:63:ba:73:d0:a5:0e:4f:6f:5d:
07:96:dc:86:4d:f2:ec:f6:a1:f7:27:98:6e:cc:d9:
47:f0:8a:e2:35:5d:db:f8:74:42:23:d3:b2:9a:8d:
19:59:c2:01:12:e4:78:03:32:2d:a1:d3:8a:25:b4:
15:53:e5:1d:56:0e:d9:fb:64:de:1b:3d:f0:c5:7c:
dd:fa:81:09:d8:d9:e0:a2:b9:cb:ff:cb:b5:f6:0b:
ee:eb:9d:56:6b:da:37:77:eb:2b:82:75:06:92:08:
4f:e4:d1:ed:e6:6e:b3:46:ac:53:f9:15:fc:f9:d2:
d4:41:c4:c6:b1:50:7e:13:ad:91:59:c4:a0:cf:cd:
58:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:ED:A4:55:C1:65:B7:D4:25:62:4E:26:7E:10:CD:90:BB:B2:75:A4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Au2kVcFlt9QlYk4mfhDNkLuydaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.65.0/24
82.163.16.0/24
89.213.164.0/24
89.213.184.0/24
194.105.81.0/24
213.218.254.0/24
Signature Algorithm: sha256WithRSAEncryption
08:10:05:49:07:39:53:55:c6:43:3f:27:ac:e3:fd:9c:6c:6d:
03:2f:0b:07:b0:20:d7:62:b3:75:6d:38:a8:33:df:75:44:46:
c8:12:19:49:2b:5c:bd:91:3a:be:28:4f:c1:aa:67:5d:b2:f3:
ee:0d:3a:f4:31:8e:d3:2b:bc:e4:39:aa:88:8f:e7:6e:13:f5:
99:55:f8:3d:c2:d4:ca:39:0a:82:c0:52:8c:8f:31:22:7b:0d:
5f:4b:76:15:cc:2e:d6:7a:38:c2:06:19:22:e9:db:3d:85:59:
7b:18:f9:14:cb:b5:9c:a6:b7:55:c0:10:eb:02:ed:67:71:16:
7a:83:33:79:8c:cb:d1:4c:9b:32:64:74:e2:24:c6:21:ed:3f:
ef:24:80:b0:4c:24:d2:a4:4a:da:bf:15:29:7e:9f:63:e0:3f:
97:37:9e:8f:45:92:c6:df:18:6b:76:de:b3:7d:dc:e3:36:5a:
99:5e:b0:57:c2:51:ae:e6:2a:d2:19:42:f7:d4:3a:dc:26:aa:
9b:98:c9:48:84:ba:3d:6f:36:49:92:fa:79:fa:bf:72:55:bb:
3d:bd:eb:ef:ad:97:d4:a5:5f:35:f8:6c:56:c5:73:93:5c:25:
64:91:a5:1f:33:3b:eb:bc:bd:d0:6c:a0:fd:f9:0f:e3:2f:24:
f8:bd:5e:10
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY8uFzKwlgt4WmNS0wF9tRueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMDgyMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmVkYTQ1NWMxNjViN2Q0MjU2MjRlMjY3ZTEwY2Q5MGJiYjI3NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/YLBQ+vsqHETuqjpBN38o/29t5a
gttbdzLQ6DvGyk2JuymxfleYqku5hMnRdL0ltOivbGS2MsUeF8hCGdc/mYjXmbEt
kRN50YaWbHqsn+gW7HnmA3CpFBqvH+QtWrls4RbJECDHVxdBxt8GIgv6RkZ6o/8+
LdCGY0y5iy9junPQpQ5Pb10HltyGTfLs9qH3J5huzNlH8IriNV3b+HRCI9Oymo0Z
WcIBEuR4AzItodOKJbQVU+UdVg7Z+2TeGz3wxXzd+oEJ2NngornL/8u19gvu651W
a9o3d+srgnUGkghP5NHt5m6zRqxT+RX8+dLUQcTGsVB+E62RWcSgz81YdQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFALtpFXBZbfUJWJOJn4QzZC7snWkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXUya1ZjRmx0OVFsWWs0bWZoRE5rTHV5ZGFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUplBAwQA
UqMQAwQAWdWkAwQAWdW4AwQAwmlRAwQA1dr+MA0GCSqGSIb3DQEBCwUAA4IBAQAI
EAVJBzlTVcZDPyes4/2cbG0DLwsHsCDXYrN1bTioM991REbIEhlJK1y9kTq+KE/B
qmddsvPuDTr0MY7TK7zkOaqIj+duE/WZVfg9wtTKOQqCwFKMjzEiew1fS3YVzC7W
ejjCBhki6ds9hVl7GPkUy7WcprdVwBDrAu1ncRZ6gzN5jMvRTJsyZHTiJMYh7T/v
JICwTCTSpEravxUpfp9j4D+XN56PRZLG3xhrdt6zfdzjNlqZXrBXwlGu5irSGUL3
1DrcJqqbmMlIhLo9bzZJkvp5+r9yVbs9vevvrZfUpV81+GxWxXOTXCVkkaUfMzvr
vL3QbKD9+Q/jLyT4vV4Q
-----END CERTIFICATE-----
Generated at Mon May 20 08:33:02 2024 by rpki-client on console-fra.rpki-client.org