Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa
File: t6CDp69oZ3vM2q4WDkiqT5Y337c.roa (raw, json)
Hash identifier: Us6VqMJ7bJkeOyR72s+6imKJT2DroCsvO3HNCS2BOpM=
Subject key identifier: B7:A0:83:A7:AF:68:67:7B:CC:DA:AE:16:0E:48:AA:4F:96:37:DF:B7
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F304215DA980694D81BFD66422D62CC2F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa
Signing time: Tue 30 Apr 2024 18:26:28 +0000
ROA not before: Tue 30 Apr 2024 18:26:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 82.152.176.0/23 maxlen: 23
82.153.136.0/22 maxlen: 22
82.153.245.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.148.0/22 maxlen: 24
89.213.152.0/22 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.180.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
185.49.126.0/23 maxlen: 24
194.105.80.0/20 maxlen: 20
213.130.149.0/24 maxlen: 24
213.218.209.0/24 maxlen: 24
213.218.210.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 May 2024 07:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:42:15:da:98:06:94:d8:1b:fd:66:42:2d:62:cc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 18:26:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7a083a7af68677bccdaae160e48aa4f9637dfb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ad:73:55:50:b9:17:4d:31:84:37:95:f7:d8:
73:62:9e:6f:1c:94:78:7d:84:ac:85:1c:54:3d:8f:
c0:e3:88:98:06:f4:a6:b1:a5:8d:40:1a:38:0e:40:
99:a5:4a:b6:50:39:ff:b3:7e:7c:f6:ba:0a:26:96:
ce:8a:85:73:36:2d:9c:fb:a8:eb:eb:b7:a2:16:5f:
e4:46:b1:c4:13:1e:23:64:4f:dd:10:d9:99:d5:04:
8b:7d:84:3b:b4:85:a3:d0:3a:c1:e2:5c:45:7a:14:
a7:2e:2d:80:45:b7:68:19:b3:23:c0:d0:0e:fb:2b:
cb:cb:98:e6:aa:8b:1f:8a:1c:38:ac:19:14:56:4f:
fa:84:3d:0d:5c:40:03:a0:d6:7a:c5:f0:40:54:b7:
38:7e:0d:3c:ed:59:45:2b:8f:1a:02:8b:0c:70:0e:
e6:78:d6:6e:d2:c9:80:03:eb:7b:ff:b7:6b:f9:0d:
6d:d8:5d:27:0e:37:a5:34:e2:80:5b:28:75:3a:c1:
fb:c9:02:5a:14:f8:e9:96:89:4a:58:3e:14:91:80:
b0:53:4f:07:9d:37:26:e5:5a:2f:d6:b7:61:cc:aa:
27:c8:c6:9a:f1:7d:6e:f4:1d:17:a4:6f:f1:0b:1f:
71:33:8d:79:26:c1:54:2c:ce:9e:56:50:5a:2f:85:
0c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:A0:83:A7:AF:68:67:7B:CC:DA:AE:16:0E:48:AA:4F:96:37:DF:B7
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t6CDp69oZ3vM2q4WDkiqT5Y337c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.136.0/22
82.153.245.0/24
89.213.133.0/24
89.213.148.0-89.213.159.255
89.213.172.0/22
89.213.180.0/24
109.176.16.0/21
185.49.126.0/23
194.105.80.0/20
213.130.149.0/24
213.218.209.0-213.218.211.255
213.218.213.0/24
213.218.234.0/24
Signature Algorithm: sha256WithRSAEncryption
87:59:16:5d:2b:55:d5:d8:cb:6d:fb:92:87:27:72:fa:b4:be:
0b:56:cc:20:57:f0:f5:45:15:fa:ad:1d:d2:c7:f0:da:82:77:
ee:fa:05:51:11:9f:31:f3:ed:8b:c7:8d:64:2c:39:96:52:19:
7b:2b:a7:26:1a:22:43:4d:ab:74:2e:19:d9:8a:02:8c:c4:94:
1c:1a:5e:9f:7d:e6:94:c8:18:85:9f:6a:9b:08:a8:86:31:99:
91:08:00:16:0b:ed:4a:ef:73:e0:6c:3a:fd:c8:f1:2d:fa:ce:
97:50:e3:22:2e:39:0d:0f:05:a7:e9:10:41:b8:2d:16:c0:59:
5b:00:2e:dd:6a:2f:2c:93:83:6f:6e:b2:e6:c6:03:37:f5:f3:
07:bd:b3:94:5b:0a:e1:77:f0:13:14:b9:c8:2c:e7:76:aa:6f:
40:91:bd:10:7a:4e:cf:86:03:d1:99:42:52:03:48:f5:05:85:
71:f1:a8:ab:98:d4:a2:e7:48:08:24:49:6f:d1:d9:3e:68:ff:
f7:7d:38:0a:6c:18:e0:7f:04:3e:2a:6f:98:16:fb:b4:ee:3d:
59:57:50:f0:50:d3:e4:6b:b5:65:97:6c:99:7b:b6:e2:fb:aa:
6a:3b:6d:18:34:11:29:cf:08:c9:21:85:3d:01:ab:64:d9:74:
f2:da:cb:71
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAY8wQhXamAaU2Bv9ZkItYswvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTgyNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2EwODNhN2FmNjg2NzdiY2NkYWFlMTYwZTQ4YWE0Zjk2MzdkZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyK1zVVC5F00xhDeV99hzYp5vHJR4
fYSshRxUPY/A44iYBvSmsaWNQBo4DkCZpUq2UDn/s3589roKJpbOioVzNi2c+6jr
67eiFl/kRrHEEx4jZE/dENmZ1QSLfYQ7tIWj0DrB4lxFehSnLi2ARbdoGbMjwNAO
+yvLy5jmqosfihw4rBkUVk/6hD0NXEADoNZ6xfBAVLc4fg087VlFK48aAosMcA7m
eNZu0smAA+t7/7dr+Q1t2F0nDjelNOKAWyh1OsH7yQJaFPjplolKWD4UkYCwU08H
nTcm5Vov1rdhzKonyMaa8X1u9B0XpG/xCx9xM415JsFULM6eVlBaL4UMUwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFLegg6evaGd7zNquFg5Iqk+WN9+3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdDZDRHA2OW9aM3ZNMnE0V0RraXFUNVkzMzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQBUpiwAwQC
UpmIAwQAUpn1AwQAWdWFMAwDBAJZ1ZQDBAVZ1YADBAJZ1awDBABZ1bQDBANtsBAD
BAG5MX4DBATCaVADBADVgpUwDAMEANXa0QMEAtXa0AMEANXa1QMEANXa6jANBgkq
hkiG9w0BAQsFAAOCAQEAh1kWXStV1djLbfuShydy+rS+C1bMIFfw9UUV+q0d0sfw
2oJ37voFURGfMfPti8eNZCw5llIZeyunJhoiQ02rdC4Z2YoCjMSUHBpen33mlMgY
hZ9qmwiohjGZkQgAFgvtSu9z4Gw6/cjxLfrOl1DjIi45DQ8Fp+kQQbgtFsBZWwAu
3WovLJODb26y5sYDN/XzB72zlFsK4XfwExS5yCzndqpvQJG9EHpOz4YD0ZlCUgNI
9QWFcfGoq5jUoudICCRJb9HZPmj/9304CmwY4H8EPipvmBb7tO49WVdQ8FDT5Gu1
ZZdsmXu24vuqajttGDQRKc8IySGFPQGrZNl08trLcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org