Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/It7S0b-lMzzuCi3M41_53rn5cDY.roa
File: It7S0b-lMzzuCi3M41_53rn5cDY.roa (raw, json)
Hash identifier: 9qg650irE6VtSguM3sF+SNOk3YhOs9zbnCBQaK8uf/c=
Subject key identifier: 22:DE:D2:D1:BF:A5:33:3C:EE:0A:2D:CC:E3:5F:F9:DE:B9:F9:70:36
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC472AB14B1C077B9E67BA40A297BC558
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/It7S0b-lMzzuCi3M41_53rn5cDY.roa
Signing time: Mon 01 Jan 2024 09:54:58 +0000
ROA not before: Mon 01 Jan 2024 09:54:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 17:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:72:ab:14:b1:c0:77:b9:e6:7b:a4:0a:29:7b:c5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:54:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ded2d1bfa5333cee0a2dcce35ff9deb9f97036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:80:5a:cb:60:f2:95:c3:32:24:70:31:d2:1d:
85:ac:a7:05:94:c7:43:1c:eb:f7:64:08:79:b8:f0:
f1:24:94:cf:ee:96:ce:08:8d:a8:3d:fe:ff:5a:d6:
8f:4e:45:c4:af:a1:c1:60:e5:b0:13:6f:37:14:2a:
36:71:89:83:e3:a8:2f:4a:70:bb:7b:f3:ba:75:d3:
4b:48:bf:86:63:b0:56:ea:6c:eb:a4:e7:21:fd:f5:
86:c8:60:96:88:c3:1d:5f:38:b4:c3:d4:7f:3e:fd:
12:ad:fa:32:7f:13:24:8d:1d:aa:09:5c:01:df:e3:
29:81:bc:0d:d8:6d:a7:a7:84:b4:a2:f4:c0:92:6d:
4f:4a:06:af:21:b9:57:b3:1f:12:b6:13:f3:96:5b:
48:f9:dd:0f:cd:18:9d:33:89:88:75:87:22:19:b4:
65:2f:f2:3b:3f:45:4f:3a:60:cc:ff:08:d6:81:0e:
9a:88:e3:f8:c8:13:d3:a2:f8:85:5e:3d:57:56:ec:
af:c5:3b:95:39:04:5d:3a:f6:a0:5a:f7:79:52:4c:
94:3a:48:49:e2:47:96:35:d4:8d:b6:cd:ca:c6:37:
fc:60:6f:78:86:06:da:e0:69:5f:e0:10:7b:32:46:
5d:98:b9:cc:1e:82:59:95:6a:99:28:9f:55:0a:35:
a2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:DE:D2:D1:BF:A5:33:3C:EE:0A:2D:CC:E3:5F:F9:DE:B9:F9:70:36
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/It7S0b-lMzzuCi3M41_53rn5cDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
82.153.246.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
60:af:15:ee:be:1a:e9:79:99:a6:b4:b0:db:48:31:bf:32:19:
62:2a:c1:7e:5f:c6:48:06:1a:df:d5:10:08:b9:f8:a9:a1:bf:
be:8a:92:24:64:e7:0c:75:7a:50:a0:86:35:71:b0:08:c8:d7:
5d:a5:ef:24:df:05:66:a9:cf:4b:da:33:25:af:19:cd:b2:97:
4b:92:36:b5:51:d1:db:bd:9a:6e:0d:47:3a:75:cc:f5:74:4d:
fd:c3:82:9e:1b:27:17:45:04:5e:be:6e:8a:38:43:32:52:fc:
e7:c8:16:1d:04:8c:9d:60:c5:ec:9e:aa:6c:ee:6e:cf:43:c8:
1d:5c:aa:24:6d:a8:84:ca:45:a2:cd:b2:8c:3e:b8:04:f9:2b:
ea:a6:a7:09:8e:ce:be:d5:e9:14:94:65:13:d8:6b:35:3e:4a:
01:08:f1:93:39:75:a9:9e:e7:58:86:e2:be:52:ed:0f:17:61:
b6:7f:61:03:1c:3a:ba:b4:48:98:48:2d:fe:80:9b:1a:4d:2b:
51:16:12:09:b3:55:1f:f0:25:57:ef:cf:b4:fe:2a:ee:0b:29:
93:31:02:37:86:c9:5c:fe:ba:a7:bd:e1:ac:64:0d:56:e0:3f:
2e:61:59:73:c9:28:96:f4:29:eb:4e:a8:ce:b7:60:fb:64:72:
31:28:3a:45
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzEcqsUscB3ueZ7pAope8VYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDk1NDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmRlZDJkMWJmYTUzMzNjZWUwYTJkY2NlMzVmZjlkZWI5Zjk3MDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIBay2DylcMyJHAx0h2FrKcFlMdD
HOv3ZAh5uPDxJJTP7pbOCI2oPf7/WtaPTkXEr6HBYOWwE283FCo2cYmD46gvSnC7
e/O6ddNLSL+GY7BW6mzrpOch/fWGyGCWiMMdXzi0w9R/Pv0SrfoyfxMkjR2qCVwB
3+MpgbwN2G2np4S0ovTAkm1PSgavIblXsx8SthPzlltI+d0PzRidM4mIdYciGbRl
L/I7P0VPOmDM/wjWgQ6aiOP4yBPToviFXj1XVuyvxTuVOQRdOvagWvd5UkyUOkhJ
4keWNdSNts3Kxjf8YG94hgba4Glf4BB7MkZdmLnMHoJZlWqZKJ9VCjWitQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCLe0tG/pTM87gotzONf+d65+XA2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSXQ3UzBiLWxNenp1Q2kzTTQxXzUzcm41Y0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIAwQAUpn2MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAGCvFe6+Gul5maa0sNtIMb8yGWIqwX5fxkgGGt/V
EAi5+Kmhv76KkiRk5wx1elCghjVxsAjI112l7yTfBWapz0vaMyWvGc2yl0uSNrVR
0du9mm4NRzp1zPV0Tf3Dgp4bJxdFBF6+boo4QzJS/OfIFh0EjJ1gxeyeqmzubs9D
yB1cqiRtqITKRaLNsow+uAT5K+qmpwmOzr7V6RSUZRPYazU+SgEI8ZM5dame51iG
4r5S7Q8XYbZ/YQMcOrq0SJhILf6AmxpNK1EWEgmzVR/wJVfvz7T+Ku4LKZMxAjeG
yVz+uqe94axkDVbgPy5hWXPJKJb0KetOqM63YPtkcjEoOkU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org