Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sIkNmTA43wDx8wNROKTY7Sr-jW4.roa
File: sIkNmTA43wDx8wNROKTY7Sr-jW4.roa (raw, json)
Hash identifier: Bc4gx5y2Wf6lpa/gkcWV5HAAbjoiBt4dNxL5PA1NQYE=
Subject key identifier: B0:89:0D:99:30:38:DF:00:F1:F3:03:51:38:A4:D8:ED:2A:FE:8D:6E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C60976F1B686C938179E77915CF4B0E18
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sIkNmTA43wDx8wNROKTY7Sr-jW4.roa
Signing time: Wed 13 Dec 2023 00:33:06 +0000
ROA not before: Wed 13 Dec 2023 00:33:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.153.136.0/22 maxlen: 22
81.168.119.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
89.213.180.0/22 maxlen: 24
89.213.182.0/23 maxlen: 24
185.49.126.0/23 maxlen: 24
89.213.180.0/24 maxlen: 24
82.153.246.0/24 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
213.152.42.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Dec 2023 09:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:97:6f:1b:68:6c:93:81:79:e7:79:15:cf:4b:0e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 13 00:33:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b0890d993038df00f1f3035138a4d8ed2afe8d6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2a:99:a1:4c:36:1f:ad:fe:6a:8f:ec:44:0c:
74:a4:43:b5:04:65:2e:2c:57:86:fe:05:e5:61:53:
08:1e:b8:0a:8a:47:f3:a7:5a:86:6c:d1:2e:7f:60:
e1:9c:a7:03:3d:26:73:b9:26:43:8f:ba:23:d6:6b:
cc:f0:14:2c:c6:06:c1:76:38:4d:17:34:00:3c:e5:
30:88:ae:d5:ca:ba:81:a8:11:7e:29:d9:ef:b1:ee:
98:1d:8f:4b:7c:1e:27:04:28:29:30:a9:79:ad:fc:
c3:eb:01:ee:16:7f:b4:fc:7d:70:f3:75:9e:43:e7:
b8:dd:b3:41:cb:48:ca:bd:be:05:43:3c:e0:d8:7b:
6e:aa:95:f9:74:b7:b6:92:bd:bb:60:a1:56:49:e4:
ce:75:a8:5e:0a:59:da:b2:3e:49:40:82:fd:d1:ee:
0c:31:f2:76:55:f3:0b:7f:7c:70:6d:9b:c1:fa:f8:
85:90:22:4e:97:b0:18:49:95:7d:3d:c9:2e:fb:1c:
96:d8:55:de:52:47:64:be:f5:01:d6:39:77:ad:c3:
77:48:0d:17:cc:9d:f3:30:92:aa:26:1d:52:47:0f:
4d:07:37:3d:16:b7:ea:f0:94:e9:4f:23:2b:d2:76:
d4:00:ec:b7:85:ae:49:ac:db:30:af:c5:fc:31:64:
7e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:89:0D:99:30:38:DF:00:F1:F3:03:51:38:A4:D8:ED:2A:FE:8D:6E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sIkNmTA43wDx8wNROKTY7Sr-jW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.136.0/22
82.153.246.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/22
109.176.253.0/24
185.49.126.0/23
213.152.42.0/24
Signature Algorithm: sha256WithRSAEncryption
65:10:5f:b3:c9:00:c0:cb:14:28:27:e0:4a:b6:dd:06:4a:fb:
82:95:00:7e:72:59:e0:ac:47:e7:8b:8f:e5:67:df:6c:d0:88:
73:f7:a8:23:34:3b:ce:25:6c:16:31:b1:b5:be:5c:ec:e4:63:
87:d0:d8:8f:13:13:dc:7d:33:24:0e:e2:25:b2:a9:9d:cf:04:
6f:d9:7e:9c:8f:79:f2:a7:39:0b:7c:82:1e:50:b5:e5:06:e9:
88:32:61:da:69:4c:28:ba:e3:0c:a9:57:95:ee:46:2d:5c:e8:
eb:08:35:2a:60:fb:d0:af:54:9b:dd:4d:8f:73:27:62:0b:37:
08:24:ac:9a:21:b2:6c:69:a4:a2:46:28:6f:ee:83:66:7c:08:
7a:55:7c:1c:af:ef:87:08:32:22:84:e8:80:56:0d:65:49:91:
ff:eb:a6:cd:2b:39:b5:70:b5:ba:f6:8b:93:ab:09:2d:2d:9e:
14:a4:ed:dc:37:01:ce:76:74:7a:ae:a1:44:33:f5:39:1a:85:
8f:64:2f:69:5f:a8:a3:85:7b:36:fc:f6:68:70:71:49:bb:69:
1f:91:eb:ed:00:a6:e9:43:61:50:2d:b1:cc:94:b3:9f:eb:5f:
a0:9b:27:93:ac:c7:db:8b:55:3c:de:07:9b:b9:72:58:35:35:
98:3b:b2:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYxgl28baGyTgXnneRXPSw4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjEzMDAzMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDg5MGQ5OTMwMzhkZjAwZjFmMzAzNTEzOGE0ZDhlZDJhZmU4ZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiqZoUw2H63+ao/sRAx0pEO1BGUu
LFeG/gXlYVMIHrgKikfzp1qGbNEuf2DhnKcDPSZzuSZDj7oj1mvM8BQsxgbBdjhN
FzQAPOUwiK7VyrqBqBF+Kdnvse6YHY9LfB4nBCgpMKl5rfzD6wHuFn+0/H1w83We
Q+e43bNBy0jKvb4FQzzg2HtuqpX5dLe2kr27YKFWSeTOdaheClnasj5JQIL90e4M
MfJ2VfMLf3xwbZvB+viFkCJOl7AYSZV9Pcku+xyW2FXeUkdkvvUB1jl3rcN3SA0X
zJ3zMJKqJh1SRw9NBzc9Frfq8JTpTyMr0nbUAOy3ha5JrNswr8X8MWR+jwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFLCJDZkwON8A8fMDUTik2O0q/o1uMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0lrTm1UQTQzd0R4OHdOUk9LVFk3U3Italc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAUah3AwQC
UpmIAwQAUpn2MAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBAJZ1bQDBABtsP0DBAG5MX4D
BADVmCowDQYJKoZIhvcNAQELBQADggEBAGUQX7PJAMDLFCgn4Eq23QZK+4KVAH5y
WeCsR+eLj+Vn32zQiHP3qCM0O84lbBYxsbW+XOzkY4fQ2I8TE9x9MyQO4iWyqZ3P
BG/ZfpyPefKnOQt8gh5QteUG6YgyYdppTCi64wypV5XuRi1c6OsINSpg+9CvVJvd
TY9zJ2ILNwgkrJohsmxppKJGKG/ug2Z8CHpVfByv74cIMiKE6IBWDWVJkf/rps0r
ObVwtbr2i5OrCS0tnhSk7dw3Ac52dHquoUQz9TkahY9kL2lfqKOFezb89mhwcUm7
aR+R6+0ApulDYVAtscyUs5/rX6CbJ5Osx9uLVTzeB5u5clg1NZg7shc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org