Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IvNuZtupO9xwj3kkvKcEH1lRH0Q.roa
File: IvNuZtupO9xwj3kkvKcEH1lRH0Q.roa (raw, json)
Hash identifier: XRDtETlNkyd4K7QQzT1ORwSpacMwsH5NvzBCNpwu+08=
Subject key identifier: 22:F3:6E:66:DB:A9:3B:DC:70:8F:79:24:BC:A7:04:1F:59:51:1F:44
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CB6A6919F2D2024811BAB1B69A423BCB7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IvNuZtupO9xwj3kkvKcEH1lRH0Q.roa
Signing time: Fri 29 Dec 2023 17:36:58 +0000
ROA not before: Fri 29 Dec 2023 17:36:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Dec 2023 17:39:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:a6:91:9f:2d:20:24:81:1b:ab:1b:69:a4:23:bc:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 29 17:36:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22f36e66dba93bdc708f7924bca7041f59511f44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d2:47:7f:52:9b:b5:34:28:fa:f4:2b:90:d7:
45:c9:3c:16:70:95:e7:f2:48:9c:c7:b4:44:87:dc:
30:4f:d3:c9:56:02:34:ed:a6:33:44:b6:82:b1:f9:
83:f0:f2:f8:9d:5d:9c:79:0f:76:a1:88:d5:95:dd:
78:66:67:2d:09:50:6f:97:16:24:3a:f0:31:f2:cb:
52:28:95:13:e5:a5:83:fe:17:1e:2c:10:54:25:34:
ee:90:c2:fe:c5:29:69:7e:7a:21:4d:75:a3:08:fd:
b3:d4:e7:a6:93:2e:db:d8:2d:11:f1:16:57:c6:0f:
04:d2:6e:31:fc:02:7a:cf:ea:ca:7a:9e:c0:1e:d9:
40:bd:01:e7:68:f4:fe:82:c2:be:86:62:06:12:83:
2d:33:6d:4f:2e:11:12:bd:be:c8:94:a7:d7:2d:9e:
45:b3:e1:be:3d:35:83:44:5e:18:ed:91:d3:61:34:
a7:b0:22:d6:59:db:29:60:2a:74:4b:c6:82:c8:85:
40:bc:cb:ee:be:fa:26:3b:8a:18:a0:f4:01:d5:fb:
33:b8:ac:0f:ea:23:c6:e3:bf:cb:b1:de:a4:57:76:
5e:44:a0:d5:7c:53:95:ec:16:8c:ed:87:bf:23:30:
6b:b2:a1:3a:76:8a:3b:b3:af:c7:1b:57:e4:cd:15:
0d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F3:6E:66:DB:A9:3B:DC:70:8F:79:24:BC:A7:04:1F:59:51:1F:44
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IvNuZtupO9xwj3kkvKcEH1lRH0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
89.213.143.0/24
89.213.147.0-89.213.159.255
89.213.172.0/22
89.213.180.0/23
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:9e:88:51:e8:8f:88:65:8b:80:52:82:a5:f9:ff:17:ff:cf:
c0:8e:13:83:ec:05:05:4e:79:41:3f:e2:a1:ba:76:b4:db:54:
e2:63:4d:3a:f9:31:46:33:31:64:ca:e6:5e:c5:24:ef:15:85:
c1:d9:dc:a6:a9:70:17:15:bc:25:18:50:bf:fb:43:34:54:15:
9c:fc:56:f8:d0:92:69:4a:12:e9:9b:55:c8:70:a8:80:bc:dd:
9a:b2:8c:25:8b:06:76:bb:8e:5b:24:cd:35:83:6b:ac:f6:c9:
c2:65:2d:4c:83:04:bc:25:88:bd:de:8b:c1:78:63:5b:ad:71:
04:6f:7d:50:d1:56:75:16:82:9d:17:0e:5b:ed:9a:28:74:4b:
58:f6:bd:e5:f9:c5:97:8e:22:6d:5a:2b:7e:56:49:df:a1:8e:
23:79:bd:80:1b:81:bb:1b:e9:86:a6:9d:1f:12:d7:bf:d8:4e:
6d:fa:7b:46:98:1f:80:ea:ee:28:e7:39:7f:3c:e2:b2:6c:63:
9d:b4:07:dd:22:ce:48:c8:27:ec:e0:24:11:1f:c0:45:bc:3b:
f9:93:41:fa:5f:ef:6d:78:29:37:3b:d8:5c:2c:86:5c:f4:22:
c4:01:b6:46:f0:91:0b:e0:17:ca:19:d7:fd:42:0f:9b:cf:0f:
fa:70:b8:79
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYy2ppGfLSAkgRurG2mkI7y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI5MTczNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYzNmU2NmRiYTkzYmRjNzA4Zjc5MjRiY2E3MDQxZjU5NTExZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidJHf1KbtTQo+vQrkNdFyTwWcJXn
8kicx7REh9wwT9PJVgI07aYzRLaCsfmD8PL4nV2ceQ92oYjVld14ZmctCVBvlxYk
OvAx8stSKJUT5aWD/hceLBBUJTTukML+xSlpfnohTXWjCP2z1Oemky7b2C0R8RZX
xg8E0m4x/AJ6z+rKep7AHtlAvQHnaPT+gsK+hmIGEoMtM21PLhESvb7IlKfXLZ5F
s+G+PTWDRF4Y7ZHTYTSnsCLWWdspYCp0S8aCyIVAvMvuvvomO4oYoPQB1fszuKwP
6iPG47/Lsd6kV3ZeRKDVfFOV7BaM7Ye/IzBrsqE6doo7s6/HG1fkzRUNbwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCLzbmbbqTvccI95JLynBB9ZUR9EMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSXZOdVp0dXBPOXh3ajNra3ZLY0VIMWxSSDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAUah3AwQC
UpmIAwQAWdWPMAwDBABZ1ZMDBAVZ1YADBAJZ1awDBAFZ1bQDBAG5MX4DBADVmCow
DQYJKoZIhvcNAQELBQADggEBAE+eiFHoj4hli4BSgqX5/xf/z8COE4PsBQVOeUE/
4qG6drTbVOJjTTr5MUYzMWTK5l7FJO8VhcHZ3KapcBcVvCUYUL/7QzRUFZz8VvjQ
kmlKEumbVchwqIC83ZqyjCWLBna7jlskzTWDa6z2ycJlLUyDBLwliL3ei8F4Y1ut
cQRvfVDRVnUWgp0XDlvtmih0S1j2veX5xZeOIm1aK35WSd+hjiN5vYAbgbsb6Yam
nR8S17/YTm36e0aYH4Dq7ijnOX884rJsY520B90izkjIJ+zgJBEfwEW8O/mTQfpf
7214KTc72Fwshlz0IsQBtkbwkQvgF8oZ1/1CD5vPD/pwuHk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:15 2024 by rpki-client on console-fra.rpki-client.org