Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fOspGP0L5QNppCnZ_-sI7Rn93Mk.roa
File: fOspGP0L5QNppCnZ_-sI7Rn93Mk.roa (raw, json)
Hash identifier: aNHd9mbFWSAx8yWZsPVltdxD9YI5xHXeWbt+Q32OfBs=
Subject key identifier: 7C:EB:29:18:FD:0B:E5:03:69:A4:29:D9:FF:EB:08:ED:19:FD:DC:C9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C7DE19A3BC209E9115499C0C6D5A07C27
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fOspGP0L5QNppCnZ_-sI7Rn93Mk.roa
Signing time: Mon 18 Dec 2023 17:03:06 +0000
ROA not before: Mon 18 Dec 2023 17:03:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 08:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:e1:9a:3b:c2:09:e9:11:54:99:c0:c6:d5:a0:7c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 17:03:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ceb2918fd0be50369a429d9ffeb08ed19fddcc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:60:b0:f9:bc:40:c2:6a:10:06:8d:d3:8c:22:
60:4b:e2:3e:d0:f4:09:b7:bf:3e:ec:4f:a5:04:a3:
38:00:5d:54:d6:94:09:b0:d1:06:6e:42:8b:37:db:
9b:6d:06:9e:7b:3c:0e:f8:48:4f:8b:6c:ea:1b:dc:
ca:ec:37:b9:67:84:34:6b:e0:37:42:db:5e:c6:36:
d8:b7:88:39:34:00:d5:c7:86:9c:87:73:2a:90:f7:
b5:6d:b9:7d:83:7f:1c:10:b4:b7:3f:0c:cd:d1:e9:
48:1a:1b:30:05:05:d3:00:2e:ee:bd:54:97:c9:ba:
9b:c4:95:f2:10:07:64:57:eb:9b:9c:6a:35:15:bc:
14:7b:4b:67:7b:98:63:7e:61:80:b2:14:a9:58:f9:
22:a5:69:bd:fe:26:89:18:1a:f9:d2:dd:86:30:18:
f2:3a:6f:b3:4e:7d:ff:7a:13:1d:58:0f:68:b7:e6:
87:45:60:95:8d:fc:b8:b6:53:17:f1:ea:57:d0:78:
4d:58:76:e6:93:a8:e8:22:3b:31:64:88:db:d4:84:
f2:a8:27:26:61:eb:96:fc:74:60:81:6f:f1:53:76:
41:6d:4b:9f:66:d7:ea:82:90:f6:10:32:51:77:94:
0a:c4:08:57:bd:80:d2:c0:7b:64:07:14:c7:4a:c7:
d2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:EB:29:18:FD:0B:E5:03:69:A4:29:D9:FF:EB:08:ED:19:FD:DC:C9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fOspGP0L5QNppCnZ_-sI7Rn93Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.126.0/24
82.153.136.0/22
82.153.246.0/24
89.213.148.0-89.213.159.255
89.213.172.0-89.213.177.255
89.213.180.0/22
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
88:48:7f:dc:32:a5:c3:a2:ad:4f:9a:c7:5f:15:0f:ec:f8:d5:
d8:8b:71:e7:f6:bb:89:bf:2d:18:b9:a6:4a:38:3d:af:1b:40:
99:32:c7:e9:1a:5b:81:97:75:57:34:0b:c8:20:e3:c7:41:36:
76:fc:ec:f9:9b:ac:46:4e:ef:8e:7e:09:01:1e:d8:51:18:3a:
20:cd:21:49:5a:de:19:7c:74:4d:01:77:d9:89:1d:0a:ca:4e:
7c:90:fe:92:f1:dd:1e:36:23:01:86:ab:d3:31:8a:1f:d3:85:
9c:8a:21:d0:19:f5:a5:4e:a3:18:3f:f9:c8:12:76:72:27:9e:
06:76:e0:e4:1c:04:ff:56:ef:ca:ea:0b:21:79:61:a3:25:2b:
2b:b3:ac:03:80:c7:9e:6d:86:25:bc:6b:49:eb:23:2f:70:ec:
4a:cc:8e:24:93:32:00:22:d4:b7:26:68:79:7b:18:55:d5:26:
16:1a:c0:65:fe:ed:6c:3a:ae:da:74:97:3e:44:18:9a:eb:94:
84:01:f9:a8:83:f2:d6:bc:76:91:d5:51:4c:a0:c7:8c:68:85:
4b:0f:d7:db:77:55:f2:04:7b:4b:bd:89:94:87:0d:2f:2b:26:
73:84:a6:a9:57:90:ed:f3:1c:f6:90:fe:19:ac:42:92:88:28:
2e:cd:0a:ea
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYx94Zo7wgnpEVSZwMbVoHwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjE4MTcwMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2ViMjkxOGZkMGJlNTAzNjlhNDI5ZDlmZmViMDhlZDE5ZmRkY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmCw+bxAwmoQBo3TjCJgS+I+0PQJ
t78+7E+lBKM4AF1U1pQJsNEGbkKLN9ubbQaeezwO+EhPi2zqG9zK7De5Z4Q0a+A3
QttexjbYt4g5NADVx4ach3MqkPe1bbl9g38cELS3PwzN0elIGhswBQXTAC7uvVSX
ybqbxJXyEAdkV+ubnGo1FbwUe0tne5hjfmGAshSpWPkipWm9/iaJGBr50t2GMBjy
Om+zTn3/ehMdWA9ot+aHRWCVjfy4tlMX8epX0HhNWHbmk6joIjsxZIjb1ITyqCcm
YeuW/HRggW/xU3ZBbUufZtfqgpD2EDJRd5QKxAhXvYDSwHtkBxTHSsfS1wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHzrKRj9C+UDaaQp2f/rCO0Z/dzJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZk9zcEdQMEw1UU5wcENuWl8tc0k3Um45M01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAUah3AwQA
Uah+AwQCUpmIAwQAUpn2MAwDBAJZ1ZQDBAVZ1YAwDAMEAlnVrAMEAVnVsAMEAlnV
tAMEAbkxfgMEANWYKjANBgkqhkiG9w0BAQsFAAOCAQEAiEh/3DKlw6KtT5rHXxUP
7PjV2Itx5/a7ib8tGLmmSjg9rxtAmTLH6RpbgZd1VzQLyCDjx0E2dvzs+ZusRk7v
jn4JAR7YURg6IM0hSVreGXx0TQF32YkdCspOfJD+kvHdHjYjAYar0zGKH9OFnIoh
0Bn1pU6jGD/5yBJ2cieeBnbg5BwE/1bvyuoLIXlhoyUrK7OsA4DHnm2GJbxrSesj
L3DsSsyOJJMyACLUtyZoeXsYVdUmFhrAZf7tbDqu2nSXPkQYmuuUhAH5qIPy1rx2
kdVRTKDHjGiFSw/X23dV8gR7S72JlIcNLysmc4SmqVeQ7fMc9pD+GaxCkogoLs0K
6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:30 2024 by rpki-client on console-ams.rpki-client.org