Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/aRgiktBLvmcj8L2iZ5oSf-3GNWI.roa
File: aRgiktBLvmcj8L2iZ5oSf-3GNWI.roa (raw, json)
Hash identifier: H6ChWwQachk9j1OcOdZ2RPeSFWYwiDUb0G1OomJpvb0=
Subject key identifier: 69:18:22:92:D0:4B:BE:67:23:F0:BD:A2:67:9A:12:7F:ED:C6:35:62
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 01858B41C69FFC077FFCB25B8BDBF205B9D3
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/aRgiktBLvmcj8L2iZ5oSf-3GNWI.roa
Signing time: Sat 07 Jan 2023 08:03:41 +0000
ROA not before: Sat 07 Jan 2023 08:03:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jan 2023 05:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8b:41:c6:9f:fc:07:7f:fc:b2:5b:8b:db:f2:05:b9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 7 08:03:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69182292d04bbe6723f0bda2679a127fedc63562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:85:1a:90:35:94:40:97:44:d4:27:3b:28:2b:
5c:b8:25:c8:85:4a:1c:46:b8:21:3e:45:97:eb:16:
7e:11:af:a4:f6:10:d9:0e:f7:95:e3:29:9b:91:b3:
5a:5b:b1:70:11:2a:22:98:54:93:7c:9e:7d:17:a4:
dd:0c:f7:1a:32:43:bd:0a:f3:77:c4:d7:7f:a1:0d:
a0:2d:5f:72:cc:72:57:2c:b6:6b:f1:c4:7a:61:88:
20:b4:d7:37:06:a4:2d:e2:08:c9:9a:8d:a3:df:9c:
58:54:44:c0:3b:15:5e:ab:ab:9e:cb:1b:59:fa:29:
5e:40:60:82:51:79:2a:f5:7e:f1:a6:eb:cd:e6:5f:
09:b8:1d:20:54:79:1c:16:d4:4f:97:d5:3a:e7:11:
34:76:73:d8:1c:59:ac:bf:73:17:c5:e2:3a:42:6b:
94:2e:49:ea:4d:9d:45:93:b0:78:30:9a:fe:12:e8:
9f:2a:df:a5:95:07:f3:ad:86:8f:a6:f4:c7:e1:ed:
66:62:a6:9d:8f:16:36:3f:b9:fc:ee:6f:11:d0:4e:
ff:ed:e1:78:5a:88:21:7e:31:80:ec:bf:6b:10:29:
f3:c9:5b:57:eb:f8:a4:f5:91:ac:ed:df:8f:d1:be:
99:06:c2:b9:c3:23:36:ca:50:1c:34:ce:3b:2f:56:
fe:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:18:22:92:D0:4B:BE:67:23:F0:BD:A2:67:9A:12:7F:ED:C6:35:62
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/aRgiktBLvmcj8L2iZ5oSf-3GNWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.240.0/22
84.54.36.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:a4:49:8f:bb:24:d1:96:43:c0:19:66:e4:67:b4:b6:c3:15:
6d:fc:78:23:ec:93:43:08:8a:e5:14:34:e5:32:d7:32:7f:33:
27:a3:3f:6e:bb:3a:21:f1:a8:8b:47:e1:e9:d1:0d:13:a6:19:
c4:42:9f:07:f2:51:a7:d0:7f:76:0e:05:31:9c:b7:27:81:04:
47:03:14:a8:97:8c:e1:c1:2b:8d:cb:ab:6d:0b:03:39:8b:cb:
db:31:a0:e8:54:35:fc:c0:8c:07:35:32:b2:36:de:f4:8a:c9:
12:fe:5e:4d:a1:20:74:4a:72:4d:67:71:bb:98:a2:74:cf:a8:
8a:56:16:e2:a5:4b:ac:90:23:e6:bc:59:13:0e:ce:88:6b:19:
af:66:22:41:ce:25:75:81:e7:fa:5e:b1:74:97:4f:16:2f:bb:
38:56:29:ac:70:68:63:07:08:9c:ce:3d:dc:40:70:8a:6e:fe:
1c:4f:3f:ee:9e:08:88:3c:c2:20:5f:df:45:81:bf:f7:86:e8:
72:8c:eb:58:de:43:d0:14:c5:5d:93:89:72:38:a4:2f:f5:e4:
c0:7c:d5:e3:e0:39:cf:d0:27:2f:a6:48:0d:40:43:9f:a2:ab:
92:ae:57:23:80:af:6a:78:51:30:bb:d0:47:b1:be:d3:fb:ed:
fb:b8:96:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWLQcaf/Ad//LJbi9vyBbnTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTA3MDgwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTE4MjI5MmQwNGJiZTY3MjNmMGJkYTI2NzlhMTI3ZmVkYzYzNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYUakDWUQJdE1Cc7KCtcuCXIhUoc
RrghPkWX6xZ+Ea+k9hDZDveV4ymbkbNaW7FwESoimFSTfJ59F6TdDPcaMkO9CvN3
xNd/oQ2gLV9yzHJXLLZr8cR6YYggtNc3BqQt4gjJmo2j35xYVETAOxVeq6ueyxtZ
+ileQGCCUXkq9X7xpuvN5l8JuB0gVHkcFtRPl9U65xE0dnPYHFmsv3MXxeI6QmuU
LknqTZ1Fk7B4MJr+EuifKt+llQfzrYaPpvTH4e1mYqadjxY2P7n87m8R0E7/7eF4
WoghfjGA7L9rECnzyVtX6/ik9ZGs7d+P0b6ZBsK5wyM2ylAcNM47L1b+DQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkYIpLQS75nI/C9omeaEn/txjViMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvYVJnaWt0Qkx2bWNqOEwyaVo1b1NmLTNHTldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCU6vwAwQA
VDYkMA0GCSqGSIb3DQEBCwUAA4IBAQB9pEmPuyTRlkPAGWbkZ7S2wxVt/Hgj7JND
CIrlFDTlMtcyfzMnoz9uuzoh8aiLR+Hp0Q0TphnEQp8H8lGn0H92DgUxnLcngQRH
AxSol4zhwSuNy6ttCwM5i8vbMaDoVDX8wIwHNTKyNt70iskS/l5NoSB0SnJNZ3G7
mKJ0z6iKVhbipUuskCPmvFkTDs6IaxmvZiJBziV1gef6XrF0l08WL7s4VimscGhj
Bwiczj3cQHCKbv4cTz/ungiIPMIgX99Fgb/3huhyjOtY3kPQFMVdk4lyOKQv9eTA
fNXj4DnP0CcvpkgNQEOfoquSrlcjgK9qeFEwu9BHsb7T++37uJaT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org