Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u69U-mrz3zO7EmOgD31G3CyoMmM.roa
File: u69U-mrz3zO7EmOgD31G3CyoMmM.roa (raw, json)
Hash identifier: gCCaUKBL3oVFobHTyk/nOQoNSWfp/ZUjqs31EE5buJM=
Subject key identifier: BB:AF:54:FA:6A:F3:DF:33:BB:12:63:A0:0F:7D:46:DC:2C:A8:32:63
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018870D8ECE4EBB0ED3ADA1C10B68F7CBED4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u69U-mrz3zO7EmOgD31G3CyoMmM.roa
Signing time: Wed 31 May 2023 08:07:24 +0000
ROA not before: Wed 31 May 2023 08:07:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.248.0/24 maxlen: 24
82.153.249.0/24 maxlen: 24
82.153.64.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.249.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 May 2023 08:14:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:d8:ec:e4:eb:b0:ed:3a:da:1c:10:b6:8f:7c:be:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 31 08:07:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbaf54fa6af3df33bb1263a00f7d46dc2ca83263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1f:64:75:65:34:57:44:73:e8:1c:26:61:44:
ef:cd:21:4d:73:1f:e9:44:ed:ff:09:b5:a6:59:19:
20:ba:c6:ae:22:96:1a:ed:4b:9a:f7:48:cf:89:df:
eb:1f:a6:a6:72:97:91:81:cb:12:b5:b2:46:86:9e:
fb:06:cc:8b:f0:1c:9e:22:ef:a3:72:9d:5e:d1:ec:
05:81:8a:eb:75:31:5d:4b:9f:70:23:7d:92:e7:cf:
07:08:b2:99:a4:ea:31:68:3e:8a:7a:ab:f7:f2:b3:
79:1d:42:44:fd:24:a3:2f:d0:f8:9a:45:ad:da:fa:
ff:16:33:df:f2:8f:92:2c:2f:4a:78:85:06:17:cd:
3f:d0:b7:e0:30:ca:44:f7:f5:2c:e5:a0:fb:80:8c:
d7:b8:82:9f:4d:3c:3b:8f:3f:25:44:c0:7b:0a:16:
90:cb:54:c1:13:ae:04:1d:94:a3:ac:0f:bb:cf:69:
1e:18:d6:c5:30:52:2d:84:99:54:62:9e:c8:a3:3f:
08:33:ef:55:83:cb:70:24:9a:70:01:ec:b5:6e:c0:
1c:1c:67:f8:46:fd:08:83:d7:bf:b3:e9:9d:bd:5c:
9b:6b:61:0a:ec:62:d6:0c:45:17:05:31:32:13:e6:
f9:82:b5:6a:ba:06:83:d1:6c:ca:ad:73:77:12:dd:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AF:54:FA:6A:F3:DF:33:BB:12:63:A0:0F:7D:46:DC:2C:A8:32:63
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u69U-mrz3zO7EmOgD31G3CyoMmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
81.168.123.0/24
82.152.174.0/23
82.152.249.0/24
82.152.251.0/24
82.152.253.0/24
82.152.255.0/24
82.153.64.0/24
82.153.73.0/24
82.153.222.0/24
82.153.248.0/23
Signature Algorithm: sha256WithRSAEncryption
57:48:e6:52:59:3f:5e:0d:86:f0:be:e5:df:18:05:84:ed:c9:
d5:ee:5e:79:1e:cd:0c:96:43:bd:90:5b:6a:f1:a9:27:11:2d:
b1:9d:ed:dc:a4:45:41:0a:cf:97:3d:aa:52:bf:57:35:57:93:
00:81:05:e4:64:9d:e5:80:dd:61:7d:7e:0e:7a:8a:b9:1a:18:
1a:8b:f7:62:77:be:c3:7f:d5:47:0c:19:ef:bd:5c:e9:2c:9b:
56:9b:a0:24:b0:0a:a4:b0:67:3a:36:bc:9c:dc:8e:26:e4:ae:
18:b6:a8:10:4d:99:19:c4:f7:89:2c:a2:4e:4b:be:d8:12:ca:
88:8d:ce:33:f3:64:f5:c1:32:c0:81:71:84:46:00:01:31:e2:
89:82:43:69:bb:b2:de:3e:ff:35:4a:a4:ad:ba:bb:81:a9:c5:
61:26:c5:b4:80:41:4c:88:af:b5:2c:4d:cc:76:27:2f:df:6b:
27:f3:0d:9a:6f:e1:03:a7:5d:74:84:9c:bf:d7:dc:89:6a:6d:
b3:c1:83:8e:61:95:b2:3f:19:96:1c:dd:12:04:c8:4b:8a:7b:
4f:99:58:62:bb:04:86:d8:66:a0:36:95:9d:75:ad:46:a5:77:
ff:bc:72:6f:6a:e2:7d:1d:35:e4:e4:ed:5f:a1:d8:89:53:70:
d6:7c:ce:e9
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYhw2Ozk67DtOtocELaPfL7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNTMxMDgwNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmFmNTRmYTZhZjNkZjMzYmIxMjYzYTAwZjdkNDZkYzJjYTgzMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB9kdWU0V0Rz6BwmYUTvzSFNcx/p
RO3/CbWmWRkgusauIpYa7Uua90jPid/rH6amcpeRgcsStbJGhp77BsyL8ByeIu+j
cp1e0ewFgYrrdTFdS59wI32S588HCLKZpOoxaD6Keqv38rN5HUJE/SSjL9D4mkWt
2vr/FjPf8o+SLC9KeIUGF80/0LfgMMpE9/Us5aD7gIzXuIKfTTw7jz8lRMB7ChaQ
y1TBE64EHZSjrA+7z2keGNbFMFIthJlUYp7Ioz8IM+9Vg8twJJpwAey1bsAcHGf4
Rv0Ig9e/s+mdvVyba2EK7GLWDEUXBTEyE+b5grVqugaD0WzKrXN3Et3aFQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLuvVPpq898zuxJjoA99RtwsqDJjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdTY5VS1tcnozek83RW1PZ0QzMUczQ3lvTW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUah3AwQA
Uah7AwQBUpiuAwQAUpj5AwQAUpj7AwQAUpj9AwQAUpj/AwQAUplAAwQAUplJAwQA
UpneAwQBUpn4MA0GCSqGSIb3DQEBCwUAA4IBAQBXSOZSWT9eDYbwvuXfGAWE7cnV
7l55Hs0MlkO9kFtq8aknES2xne3cpEVBCs+XPapSv1c1V5MAgQXkZJ3lgN1hfX4O
eoq5Ghgai/did77Df9VHDBnvvVzpLJtWm6AksAqksGc6Nryc3I4m5K4YtqgQTZkZ
xPeJLKJOS77YEsqIjc4z82T1wTLAgXGERgABMeKJgkNpu7LePv81SqSturuBqcVh
JsW0gEFMiK+1LE3Mdicv32sn8w2ab+EDp110hJy/19yJam2zwYOOYZWyPxmWHN0S
BMhLintPmVhiuwSG2GagNpWdda1GpXf/vHJvauJ9HTXk5O1fodiJU3DWfM7p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:18 2024 by rpki-client on console-fra.rpki-client.org