Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ch6-txFvGOsOh_DdCPWB6pFiiSc.roa
File: ch6-txFvGOsOh_DdCPWB6pFiiSc.roa (raw, json)
Hash identifier: qMJeJkqFItb8Mrq+axQbpVuU+1ifLANRUsHtOVXvJcs=
Subject key identifier: 72:1E:BE:B7:11:6F:18:EB:0E:87:F0:DD:08:F5:81:EA:91:62:89:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FA078CF17C5510D5E43DBA16B1D5F6C53
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ch6-txFvGOsOh_DdCPWB6pFiiSc.roa
Signing time: Wed 22 May 2024 13:23:42 +0000
ROA not before: Wed 22 May 2024 13:23:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.152.176.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
89.213.98.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.238.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 07:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:78:cf:17:c5:51:0d:5e:43:db:a1:6b:1d:5f:6c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 13:23:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=721ebeb7116f18eb0e87f0dd08f581ea91628927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:fb:d5:51:f5:53:19:8e:a0:a8:03:d3:9c:
29:a8:55:5d:8f:68:5e:b1:22:c5:26:6d:f2:f6:6e:
f5:10:cb:de:bf:6d:35:b5:96:d9:22:f7:38:41:f2:
31:3d:5e:0b:af:ba:97:c9:24:9a:41:8e:ea:e3:bc:
71:a9:b8:6d:12:64:20:39:11:32:2b:5d:66:78:46:
18:e3:5b:7d:9d:ac:59:bc:4b:20:e2:d6:94:4f:48:
dc:51:1d:71:67:ca:0c:ed:60:0b:fe:e0:62:9d:d0:
22:8a:c8:a4:89:a9:f2:6e:5d:82:9f:8b:52:78:7e:
93:d4:c6:6e:b7:50:8b:d4:0e:b7:14:7c:81:07:89:
49:0b:c2:1c:ce:85:5f:21:10:78:cf:bf:2a:4f:44:
51:fd:f3:50:d8:be:30:80:52:9e:de:32:c7:36:da:
db:00:63:51:e3:d6:60:43:ea:39:ad:9e:89:cd:41:
f0:20:9e:8a:7b:86:b9:b1:68:83:dc:37:26:58:b7:
f0:13:19:a6:df:30:b6:77:1f:55:b6:b4:23:4f:23:
20:bd:c5:69:73:f7:7b:9f:d3:71:7a:d9:ac:a6:1a:
09:28:cb:2c:9b:46:71:39:a5:7f:67:01:5a:b6:e5:
20:ad:2d:1a:c6:7e:17:e7:b2:83:64:89:2b:c5:30:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:1E:BE:B7:11:6F:18:EB:0E:87:F0:DD:08:F5:81:EA:91:62:89:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ch6-txFvGOsOh_DdCPWB6pFiiSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
89.213.98.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.196.0-89.213.207.255
89.213.232.0/21
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
213.130.130.0/24
213.130.149.0/24
213.218.210.0/23
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:8a:f4:29:de:19:22:0b:d9:f0:ce:86:af:7d:c5:10:a1:04:
ad:26:a7:2b:45:8a:13:21:da:54:cd:39:91:fc:c3:70:c4:8b:
11:4b:00:bd:70:05:f8:46:8e:61:20:1d:2f:35:e0:2d:65:75:
f3:5a:79:f1:cc:4a:cc:7a:f3:d7:42:3e:6b:9d:64:fd:1f:58:
e1:22:75:cf:3d:4d:1c:ef:e8:59:bb:1c:f3:c3:be:b7:e4:67:
a8:6b:fe:3a:20:78:57:9e:73:41:a3:46:78:4b:46:40:53:c5:
d7:d1:b1:ee:18:d4:a0:19:b9:29:bd:09:c7:3a:e8:2f:2b:e9:
6c:c7:22:84:eb:81:0a:d3:7d:42:18:d2:cb:bd:ca:bb:ae:65:
7f:e6:ac:d5:6c:46:f5:bb:e7:6e:b5:c3:64:94:b9:4c:36:73:
66:c7:59:0c:07:8a:98:1c:64:bd:af:70:cb:b8:12:4d:61:5b:
02:01:27:61:60:bb:2b:08:92:f2:fd:ba:10:67:d9:64:0b:71:
d3:ed:b3:07:ef:d6:7e:fd:c9:c7:c0:89:fd:20:46:73:36:01:
cc:d6:05:52:29:a1:ac:94:c4:a6:b3:0e:87:bf:88:a7:60:53:
e4:20:78:0a:a0:26:a6:89:ec:f1:c6:79:d6:dd:34:64:07:0b:
eb:4e:38:ad
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY+geM8XxVENXkPboWsdX2xTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIyMTMyMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjFlYmViNzExNmYxOGViMGU4N2YwZGQwOGY1ODFlYTkxNjI4OTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxT71VH1UxmOoKgD05wpqFVdj2he
sSLFJm3y9m71EMvev201tZbZIvc4QfIxPV4Lr7qXySSaQY7q47xxqbhtEmQgOREy
K11meEYY41t9naxZvEsg4taUT0jcUR1xZ8oM7WAL/uBindAiisikianybl2Cn4tS
eH6T1MZut1CL1A63FHyBB4lJC8IczoVfIRB4z78qT0RR/fNQ2L4wgFKe3jLHNtrb
AGNR49ZgQ+o5rZ6JzUHwIJ6Ke4a5sWiD3DcmWLfwExmm3zC2dx9VtrQjTyMgvcVp
c/d7n9NxetmsphoJKMssm0ZxOaV/ZwFatuUgrS0axn4X57KDZIkrxTDFVQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHIevrcRbxjrDofw3Qj1geqRYoknMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY2g2LXR4RnZHT3NPaF9EZENQV0I2cEZpaVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIAwQAWdViMAwDBAJZ1ZQDBAVZ1YADBAJZ1awwDAMEAlnVxAMEBFnVwAMEA1nV
6AMEA22wEAMEAbkxfgMEBMJpUAMEANWCggMEANWClQMEAdXa0gMEANXa5zANBgkq
hkiG9w0BAQsFAAOCAQEAjYr0Kd4ZIgvZ8M6Gr33FEKEErSanK0WKEyHaVM05kfzD
cMSLEUsAvXAF+EaOYSAdLzXgLWV181p58cxKzHrz10I+a51k/R9Y4SJ1zz1NHO/o
Wbsc88O+t+RnqGv+OiB4V55zQaNGeEtGQFPF19Gx7hjUoBm5Kb0JxzroLyvpbMci
hOuBCtN9QhjSy73Ku65lf+as1WxG9bvnbrXDZJS5TDZzZsdZDAeKmBxkva9wy7gS
TWFbAgEnYWC7KwiS8v26EGfZZAtx0+2zB+/Wfv3Jx8CJ/SBGczYBzNYFUimhrJTE
prMOh7+Ip2BT5CB4CqAmpons8cZ51t00ZAcL6044rQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org