Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/v6MtOADSZCmhNQApzoFOWrzMqnU.roa
File: v6MtOADSZCmhNQApzoFOWrzMqnU.roa (raw, json)
Hash identifier: 5/liJkbvkbNeAMBGEIWNTjVVisIFOsI8TFZ99kCXDD0=
Subject key identifier: BF:A3:2D:38:00:D2:64:29:A1:35:00:29:CE:81:4E:5A:BC:CC:AA:75
Certificate issuer: /CN=c334a35abfa82d549e490704d68bbe658005d63c
Certificate serial: 018B91909E17A0609E4BB9ECD2230FCD1676
Authority key identifier: C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/v6MtOADSZCmhNQApzoFOWrzMqnU.roa
Signing time: Thu 02 Nov 2023 19:44:15 +0000
ROA not before: Thu 02 Nov 2023 19:44:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21371
IP address blocks: 80.69.0.0/19 maxlen: 19
89.187.96.0/19 maxlen: 19
185.2.164.0/22 maxlen: 22
37.46.0.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:91:90:9e:17:a0:60:9e:4b:b9:ec:d2:23:0f:cd:16:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c334a35abfa82d549e490704d68bbe658005d63c
Validity
Not Before: Nov 2 19:44:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfa32d3800d26429a1350029ce814e5abcccaa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:86:e0:d6:25:72:1e:8a:f7:c3:37:94:f7:3e:
76:67:d8:3d:52:5a:ce:ca:58:c8:ed:f0:04:6a:b8:
e1:bd:d1:f6:8c:80:1c:ef:35:43:e8:dc:8d:6c:59:
de:c8:49:56:0c:78:e4:f4:b7:39:50:73:9f:0b:9a:
99:3d:5e:23:85:b3:16:1c:49:e7:2b:cc:05:de:60:
8d:a5:b6:89:20:15:b0:84:1b:30:00:8f:5c:05:e8:
e7:56:50:49:71:4b:a3:eb:14:b6:f5:14:70:26:c1:
23:b3:d2:6b:bc:95:92:8a:b3:fd:ef:2a:bb:7f:e5:
f8:2a:5a:df:d5:96:e7:8b:61:03:ba:bd:3e:ce:53:
4b:14:e0:86:22:6d:60:c3:db:fc:99:ca:07:46:7c:
56:b3:60:f6:5b:b3:92:37:49:d4:49:d3:cb:80:2e:
18:a8:f8:86:46:8d:0f:ae:1c:9a:28:5a:6e:45:dc:
91:6b:8f:52:16:77:1f:7c:74:8c:0e:72:59:51:23:
ee:91:c9:5c:fb:c2:20:67:be:87:61:b1:cc:eb:a1:
7d:15:33:bd:f1:06:72:b8:75:1b:a2:1f:03:62:a2:
35:75:b4:37:f6:8a:a4:52:b9:09:f0:1b:f5:15:87:
e3:dd:5d:84:51:31:2e:23:35:47:12:28:36:30:8f:
60:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A3:2D:38:00:D2:64:29:A1:35:00:29:CE:81:4E:5A:BC:CC:AA:75
X509v3 Authority Key Identifier:
keyid:C3:34:A3:5A:BF:A8:2D:54:9E:49:07:04:D6:8B:BE:65:80:05:D6:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/v6MtOADSZCmhNQApzoFOWrzMqnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/39b08d-eb01-43b0-b56c-273884b53c6e/1/wzSjWr-oLVSeSQcE1ou-ZYAF1jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.0.0/21
80.69.0.0/19
89.187.96.0/19
185.2.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:9c:19:2e:fb:a2:e8:f7:43:22:55:ac:a1:a6:14:c0:c6:7c:
b6:a0:60:23:10:9b:b3:af:b9:d1:54:30:4c:9a:ca:26:8e:01:
97:35:3e:ae:a8:0e:3e:57:5c:ab:32:df:4a:6d:5b:7d:24:aa:
91:13:f3:c1:59:46:f3:7a:4c:18:7f:a9:56:a1:c4:fb:9e:58:
20:06:37:4c:09:ae:a7:e6:55:75:9b:48:d7:67:5f:05:b4:f7:
82:25:3c:bd:a9:66:f8:7e:79:e8:24:e1:0f:5b:49:93:76:db:
31:50:7d:a7:0a:cb:f2:d6:56:cf:95:e2:40:12:e0:c3:73:79:
8f:4d:ac:3e:fd:99:e9:54:2c:99:5d:a3:a3:4e:61:2c:a2:13:
0a:ca:6c:96:09:d8:39:e7:87:38:16:56:dc:bd:0b:f7:05:ec:
b3:82:f3:42:72:d1:0c:4c:cf:38:e5:68:d3:6a:c7:74:a8:e9:
46:5c:36:93:ff:8e:24:8e:1c:57:23:47:00:9c:0a:3a:eb:5d:
ed:41:b4:db:f1:2c:2b:7c:c7:9b:7c:d3:4b:33:6b:0b:8b:78:
10:1b:fd:90:ca:12:5a:2a:9b:a0:39:45:1a:7f:32:35:01:7f:
95:05:c4:9e:32:28:0f:c8:25:b9:ae:7b:22:e1:87:95:15:3d:
c3:b5:a8:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYuRkJ4XoGCeS7ns0iMPzRZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzRhMzVhYmZhODJkNTQ5ZTQ5MDcwNGQ2OGJiZTY1ODAw
NWQ2M2MwHhcNMjMxMTAyMTk0NDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmEzMmQzODAwZDI2NDI5YTEzNTAwMjljZTgxNGU1YWJjY2NhYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIbg1iVyHor3wzeU9z52Z9g9UlrO
yljI7fAEarjhvdH2jIAc7zVD6NyNbFneyElWDHjk9Lc5UHOfC5qZPV4jhbMWHEnn
K8wF3mCNpbaJIBWwhBswAI9cBejnVlBJcUuj6xS29RRwJsEjs9JrvJWSirP97yq7
f+X4Klrf1Zbni2EDur0+zlNLFOCGIm1gw9v8mcoHRnxWs2D2W7OSN0nUSdPLgC4Y
qPiGRo0PrhyaKFpuRdyRa49SFncffHSMDnJZUSPukclc+8IgZ76HYbHM66F9FTO9
8QZyuHUboh8DYqI1dbQ39oqkUrkJ8Bv1FYfj3V2EUTEuIzVHEig2MI9gnwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL+jLTgA0mQpoTUAKc6BTlq8zKp1MB8GA1UdIwQY
MBaAFMM0o1q/qC1UnkkHBNaLvmWABdY8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMt
MjczODg0YjUzYzZlLzEvdjZNdE9BRFNaQ21oTlFBcHpvRk9XcnpNcW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8zOWIwOGQtZWIwMS00M2IwLWI1NmMtMjczODg0YjUzYzZl
LzEvd3pTaldyLW9MVlNlU1FjRTFvdS1aWUFGMWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDJS4AAwQF
UEUAAwQFWbtgAwQCuQKkMA0GCSqGSIb3DQEBCwUAA4IBAQBNnBku+6Lo90MiVayh
phTAxny2oGAjEJuzr7nRVDBMmsomjgGXNT6uqA4+V1yrMt9KbVt9JKqRE/PBWUbz
ekwYf6lWocT7nlggBjdMCa6n5lV1m0jXZ18FtPeCJTy9qWb4fnnoJOEPW0mTdtsx
UH2nCsvy1lbPleJAEuDDc3mPTaw+/ZnpVCyZXaOjTmEsohMKymyWCdg554c4Flbc
vQv3BeyzgvNCctEMTM845WjTasd0qOlGXDaT/44kjhxXI0cAnAo6613tQbTb8Swr
fMebfNNLM2sLi3gQG/2QyhJaKpugOUUafzI1AX+VBcSeMigPyCW5rnsi4YeVFT3D
tag2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:24 2024 by rpki-client on console-ams.rpki-client.org