Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1-_0tn6GHa7tFwIoq_AWu3DxLpqE.roa
File: 1-_0tn6GHa7tFwIoq_AWu3DxLpqE.roa (raw, json)
Hash identifier: 9g5OMqr9Lkffn87PezVW3iS9Ue2pnTRQMaOOEtl0qI4=
Subject key identifier: FB:FD:2D:9F:A1:87:6B:BB:45:C0:8A:2A:FC:05:AE:DC:3C:4B:A6:A1
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01870E140A19C3A74BCC8297EFA72BF90679
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1-_0tn6GHa7tFwIoq_AWu3DxLpqE.roa
Signing time: Thu 23 Mar 2023 10:46:46 +0000
ROA not before: Thu 23 Mar 2023 10:46:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 195.149.87.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Mar 2023 10:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0e:14:0a:19:c3:a7:4b:cc:82:97:ef:a7:2b:f9:06:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Mar 23 10:46:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbfd2d9fa1876bbb45c08a2afc05aedc3c4ba6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:6c:13:e5:a6:df:27:35:1d:96:ef:79:67:
17:63:97:5d:03:73:7e:2c:3a:30:60:0e:31:6e:df:
3f:37:bd:20:dc:fe:23:3b:a7:9b:85:f8:a0:77:eb:
65:8c:52:22:09:32:ad:31:b6:cc:66:b6:07:26:60:
55:20:c2:ad:3c:d9:12:33:b2:07:fd:a8:2c:cb:e4:
5c:bb:aa:9a:29:5f:86:34:de:89:1e:93:70:b2:6a:
5c:aa:f7:c8:16:c5:b3:b4:99:90:a8:1e:9a:57:3b:
41:8f:d4:a9:7e:cf:cb:a3:8a:b2:cb:47:8f:54:c8:
69:9e:b2:e6:ba:1d:6d:02:88:43:2a:d2:1a:f4:88:
b2:43:e2:a5:45:23:ff:ce:6a:4c:a3:41:b0:bc:ce:
10:d6:b3:23:55:90:80:c3:a9:c1:d4:e3:e4:fd:ee:
6f:b8:f1:7f:e1:79:74:b0:f3:31:e6:eb:0d:f3:d4:
7d:16:35:4e:48:c7:42:b5:58:9c:ef:9f:5d:d9:d3:
87:b9:a6:c6:91:d0:a0:a3:ef:33:db:c5:4f:a8:c6:
fd:77:90:1c:4c:a6:03:2b:77:77:61:dd:12:b5:b7:
b8:4c:66:52:d6:b4:00:6c:56:ff:3e:55:af:c9:4d:
7c:09:57:f9:9d:1a:ea:e0:0b:c5:ca:fd:19:f3:56:
53:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FD:2D:9F:A1:87:6B:BB:45:C0:8A:2A:FC:05:AE:DC:3C:4B:A6:A1
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1-_0tn6GHa7tFwIoq_AWu3DxLpqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.119.194.0/24
80.92.204.0/23
185.250.151.0/24
195.149.87.0/24
IPv6:
2a09:7c41::-2a09:7c42:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7e:37:38:22:4b:a9:a1:6b:98:cf:23:72:ce:a6:78:d0:a7:a9:
69:d7:8e:e5:fe:a1:b5:d5:d0:1d:78:9f:b8:e9:db:8d:09:b9:
a5:28:e1:ba:cc:20:af:6b:58:38:5d:38:a1:f6:11:56:5d:82:
6c:d4:d8:3e:cc:15:9a:30:37:75:3b:d4:bf:3c:b6:77:3f:98:
24:a5:26:9e:23:68:70:4d:f0:50:b4:66:b3:4b:d1:16:7d:9c:
4b:58:54:46:82:6b:55:ef:28:14:3a:c1:99:4e:b1:3e:c2:32:
fc:3c:70:14:c3:db:18:fe:7e:8f:9d:35:43:f6:6a:7c:85:7e:
26:d7:93:37:f7:6b:ef:4a:c4:91:c2:dc:e3:d1:84:b0:24:06:
a0:0d:2c:36:73:02:d7:48:c4:52:0e:a1:a9:30:91:50:b3:75:
1f:64:22:ad:5e:82:77:6d:86:78:a0:d1:30:7c:75:7e:2e:40:
1d:6c:df:f1:21:65:fb:57:bb:7f:90:f6:98:f6:02:f2:6b:a1:
d6:9c:a9:b6:2e:58:f9:16:1f:02:66:5d:75:8f:96:29:c0:95:
84:b4:ee:f7:f2:78:f1:f3:a0:8b:b2:8b:29:49:36:cb:f2:5f:
9e:f0:10:e6:4f:73:a0:4e:1c:e3:e2:62:8c:a0:ac:2a:9e:b0:
43:ad:11:28
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYcOFAoZw6dLzIKX76cr+QZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjMwMzIzMTA0NjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZkMmQ5ZmExODc2YmJiNDVjMDhhMmFmYzA1YWVkYzNjNGJhNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArddsE+Wm3yc1HZbveWcXY5ddA3N+
LDowYA4xbt8/N70g3P4jO6ebhfigd+tljFIiCTKtMbbMZrYHJmBVIMKtPNkSM7IH
/agsy+Rcu6qaKV+GNN6JHpNwsmpcqvfIFsWztJmQqB6aVztBj9Spfs/Lo4qyy0eP
VMhpnrLmuh1tAohDKtIa9IiyQ+KlRSP/zmpMo0GwvM4Q1rMjVZCAw6nB1OPk/e5v
uPF/4Xl0sPMx5usN89R9FjVOSMdCtVic759d2dOHuabGkdCgo+8z28VPqMb9d5Ac
TKYDK3d3Yd0Stbe4TGZS1rQAbFb/PlWvyU18CVf5nRrq4AvFyv0Z81ZTFwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPv9LZ+hh2u7RcCKKvwFrtw8S6ahMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvMS1fMHRuNkdIYTd0RndJb3FfQVd1M0R4THBxRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWUvZjc2ZTIwLTU4NTktNDE1ZC04NmIzLTExOWVmY2JiMjAy
My8xL3U0TUdNUEk3QndvcmU5OVNuM09VakpmcXpVQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEAEp3wgME
AVBczAMEALn6lwMEAMOVVzAWBAIAAjAQMA4DBQAqCXxBAwUAKgl8QjANBgkqhkiG
9w0BAQsFAAOCAQEAfjc4IkupoWuYzyNyzqZ40KepadeO5f6htdXQHXifuOnbjQm5
pSjhuswgr2tYOF04ofYRVl2CbNTYPswVmjA3dTvUvzy2dz+YJKUmniNocE3wULRm
s0vRFn2cS1hURoJrVe8oFDrBmU6xPsIy/DxwFMPbGP5+j501Q/ZqfIV+JteTN/dr
70rEkcLc49GEsCQGoA0sNnMC10jEUg6hqTCRULN1H2QirV6Cd22GeKDRMHx1fi5A
HWzf8SFl+1e7f5D2mPYC8muh1pypti5Y+RYfAmZddY+WKcCVhLTu9/J48fOgi7KL
KUk2y/JfnvAQ5k9zoE4c4+JijKCsKp6wQ60RKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:28 2024 by rpki-client on console-ams.rpki-client.org