Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/J5Rtn7b7Ufk--PIuxXrmHeqRFxE.roa
File: J5Rtn7b7Ufk--PIuxXrmHeqRFxE.roa (raw, json)
Hash identifier: nrfSAZap+wvBuZs7NkQ+fqnlTSIiM8ry3VEIx3TzIKw=
Subject key identifier: 27:94:6D:9F:B6:FB:51:F9:3E:F8:F2:2E:C5:7A:E6:1D:EA:91:17:11
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0191FAFF1D480C9741FD7D916D879182C23D
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/J5Rtn7b7Ufk--PIuxXrmHeqRFxE.roa
Signing time: Mon 16 Sep 2024 13:21:48 +0000
ROA not before: Mon 16 Sep 2024 13:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 195.216.160.0/24 maxlen: 24
195.216.161.0/24 maxlen: 24
213.182.201.0/24 maxlen: 24
213.182.212.0/24 maxlen: 24
213.182.213.0/24 maxlen: 24
213.182.214.0/24 maxlen: 24
213.182.215.0/24 maxlen: 24
213.182.221.0/24 maxlen: 24
213.182.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 07:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:ff:1d:48:0c:97:41:fd:7d:91:6d:87:91:82:c2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 16 13:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27946d9fb6fb51f93ef8f22ec57ae61dea911711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:60:70:dc:78:d4:a6:22:1d:8a:dc:d3:77:2a:
0d:2b:d0:b0:dc:1f:71:e3:2b:d3:93:37:24:12:4f:
d2:c7:a9:f9:88:bc:42:94:dd:da:df:48:87:4a:31:
2f:16:15:26:35:71:76:61:a8:cb:aa:5e:f4:20:35:
03:e7:8b:41:60:c5:69:6a:ba:d2:9f:4c:9d:f3:59:
c2:09:85:29:50:ab:f5:18:6f:c0:07:06:e8:87:d9:
d0:a9:4c:e0:7f:8d:ff:0e:da:53:21:db:81:3e:0d:
b4:c3:a7:40:41:f1:e4:37:35:2f:aa:ad:67:3b:59:
a4:b0:0d:88:08:e9:4f:c4:0b:ed:21:79:7a:a5:d4:
31:a3:80:87:a3:31:6f:89:7c:d1:5a:06:09:7a:3c:
26:f5:ba:bd:8f:5d:3a:23:8e:df:bc:53:51:c3:ba:
3c:64:a1:cb:be:a9:c9:32:e7:00:e3:e1:42:9d:ae:
f1:0a:b2:8c:67:ef:e2:7e:10:81:eb:7a:36:58:31:
87:f5:3c:f5:30:b5:4e:2c:92:0c:c1:c5:fb:f7:9f:
44:66:01:ec:fd:75:3d:ed:cb:6b:7f:53:9a:28:80:
3a:bb:c6:0b:ef:a9:c6:62:e9:fd:5a:ac:41:9a:6d:
ee:5b:79:88:17:c3:43:d3:58:8c:70:d0:0b:91:81:
39:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:94:6D:9F:B6:FB:51:F9:3E:F8:F2:2E:C5:7A:E6:1D:EA:91:17:11
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/J5Rtn7b7Ufk--PIuxXrmHeqRFxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.160.0/23
213.182.201.0/24
213.182.212.0/22
213.182.221.0-213.182.222.255
Signature Algorithm: sha256WithRSAEncryption
82:1d:8e:99:f3:c1:c1:c5:a7:7b:b6:58:6e:cb:f2:e0:ba:08:
81:17:4a:c5:3b:60:6f:c8:af:ed:e7:46:cf:2f:d5:25:4c:9d:
a2:da:b4:12:5f:e3:65:92:83:20:d6:81:11:6c:6c:4d:c6:81:
d1:f0:43:0a:ab:09:59:ba:92:d8:23:05:9b:7f:97:b1:31:93:
ac:20:0f:b2:aa:73:18:45:bc:8d:22:53:bd:91:3f:bd:20:e7:
12:17:c3:28:d1:d5:6c:b3:cc:fe:6e:3f:fa:11:ba:dc:e5:99:
1f:cb:a2:3a:b9:8d:59:cf:d9:1c:a1:b1:fb:4f:d7:d4:4e:82:
0b:2f:0e:67:3a:23:c1:3c:da:87:24:b6:99:7d:33:d4:4b:1c:
01:bf:09:57:7a:01:57:5e:e4:a0:f5:ae:4d:e6:a9:46:e6:e6:
bd:93:0a:f6:e0:8a:60:30:0a:fa:6d:6c:51:f8:45:3d:4b:da:
00:f0:29:b4:64:28:e6:f5:cc:bf:ad:f3:16:d6:b1:a4:f6:30:
93:9f:b4:40:e3:d0:45:e3:b9:29:04:6e:88:58:52:6c:02:6e:
68:e6:f3:73:57:e3:5f:62:fb:a4:af:e9:b0:fc:61:18:9e:f5:
93:aa:56:b6:56:b6:30:35:c6:35:3a:4d:83:f5:8e:31:fd:b3:
5c:47:49:53
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZH6/x1IDJdB/X2RbYeRgsI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTE2MTMyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzk0NmQ5ZmI2ZmI1MWY5M2VmOGYyMmVjNTdhZTYxZGVhOTExNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmBw3HjUpiIditzTdyoNK9Cw3B9x
4yvTkzckEk/Sx6n5iLxClN3a30iHSjEvFhUmNXF2YajLql70IDUD54tBYMVparrS
n0yd81nCCYUpUKv1GG/ABwboh9nQqUzgf43/DtpTIduBPg20w6dAQfHkNzUvqq1n
O1mksA2ICOlPxAvtIXl6pdQxo4CHozFviXzRWgYJejwm9bq9j106I47fvFNRw7o8
ZKHLvqnJMucA4+FCna7xCrKMZ+/ifhCB63o2WDGH9Tz1MLVOLJIMwcX7959EZgHs
/XU97ctrf1OaKIA6u8YL76nGYun9WqxBmm3uW3mIF8ND01iMcNALkYE5/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCeUbZ+2+1H5PvjyLsV65h3qkRcRMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvSjVSdG43YjdVZmstLVBJdXhYcm1IZXFSRnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBw9igAwQA
1bbJAwQC1bbUMAwDBADVtt0DBADVtt4wDQYJKoZIhvcNAQELBQADggEBAIIdjpnz
wcHFp3u2WG7L8uC6CIEXSsU7YG/Ir+3nRs8v1SVMnaLatBJf42WSgyDWgRFsbE3G
gdHwQwqrCVm6ktgjBZt/l7Exk6wgD7KqcxhFvI0iU72RP70g5xIXwyjR1WyzzP5u
P/oRutzlmR/Lojq5jVnP2RyhsftP19ROggsvDmc6I8E82ocktpl9M9RLHAG/CVd6
AVde5KD1rk3mqUbm5r2TCvbgimAwCvptbFH4RT1L2gDwKbRkKOb1zL+t8xbWsaT2
MJOftEDj0EXjuSkEbohYUmwCbmjm83NX419i+6Sv6bD8YRie9ZOqVrZWtjA1xjU6
TYP1jjH9s1xHSVM=
-----END CERTIFICATE-----
Generated at Wed Sep 18 09:18:33 2024 by rpki-client on console-fra.rpki-client.org