Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/1qah3r8LNGUOevEZS0_4v8iuT2o.roa
File: 1qah3r8LNGUOevEZS0_4v8iuT2o.roa (raw, json)
Hash identifier: g5S6KB3nVBaMYfodUZg59fMkI3/4igpQ2w2Y1fQNktQ=
Subject key identifier: D6:A6:A1:DE:BF:0B:34:65:0E:7A:F1:19:4B:4F:F8:BF:C8:AE:4F:6A
Certificate issuer: /CN=3016b10d0ac218017c749394e4f2519cf2c0514e
Certificate serial: 01856FA6F42CF7D49E833BD4ED5919C3EFDA
Authority key identifier: 30:16:B1:0D:0A:C2:18:01:7C:74:93:94:E4:F2:51:9C:F2:C0:51:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBaxDQrCGAF8dJOU5PJRnPLAUU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/1qah3r8LNGUOevEZS0_4v8iuT2o.roa
Signing time: Sun 01 Jan 2023 23:24:50 +0000
ROA not before: Sun 01 Jan 2023 23:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47834
IP address blocks: 213.129.128.0/21 maxlen: 21
95.129.240.0/21 maxlen: 21
213.129.136.0/21 maxlen: 21
213.129.144.0/21 maxlen: 21
213.129.152.0/21 maxlen: 21
45.85.172.0/22 maxlen: 22
2a03:f300::/32 maxlen: 32
2a03:f300::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:32:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:f4:2c:f7:d4:9e:83:3b:d4:ed:59:19:c3:ef:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3016b10d0ac218017c749394e4f2519cf2c0514e
Validity
Not Before: Jan 1 23:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a6a1debf0b34650e7af1194b4ff8bfc8ae4f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bc:b1:76:86:23:c9:e5:b4:62:a5:55:f3:f2:
03:dd:41:1e:3c:17:69:fc:42:66:25:3a:a8:17:25:
43:dd:18:5d:60:3c:17:1a:b2:e7:73:3e:26:d2:d4:
4b:4c:17:a4:f9:e5:36:34:2b:5f:a6:d8:5f:94:4d:
07:09:82:58:c2:f7:1e:ae:c8:a7:7d:b1:f7:0d:de:
a6:5a:70:b5:9e:f3:0a:a9:b2:79:7c:34:b7:94:e1:
ad:bd:61:d4:e3:86:55:1c:e2:aa:a8:85:46:d8:05:
f2:fa:4e:2f:8f:b2:7e:54:83:bf:47:7c:c2:aa:4f:
70:bf:e7:89:29:ef:60:7f:f6:65:cc:24:e3:8f:10:
1d:82:42:d7:fb:6f:a5:d4:35:71:fd:22:cb:ab:8b:
4f:b3:f1:fb:c9:6a:54:76:ea:31:5f:5b:10:56:3d:
db:4a:a1:71:e4:42:a7:4b:69:e8:7d:9d:1e:34:7c:
e9:ad:01:9c:d5:c5:fe:62:40:c7:6a:f9:53:6f:15:
16:a7:64:de:5b:6e:69:20:86:d0:4b:62:62:88:50:
e5:3f:0f:41:17:b4:26:db:1d:f2:a1:d6:93:7e:20:
d8:18:cf:2a:63:e9:42:53:db:6c:33:f2:10:91:e1:
b6:70:28:9a:56:74:14:95:db:78:ab:f0:0f:17:1c:
d0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A6:A1:DE:BF:0B:34:65:0E:7A:F1:19:4B:4F:F8:BF:C8:AE:4F:6A
X509v3 Authority Key Identifier:
keyid:30:16:B1:0D:0A:C2:18:01:7C:74:93:94:E4:F2:51:9C:F2:C0:51:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBaxDQrCGAF8dJOU5PJRnPLAUU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/1qah3r8LNGUOevEZS0_4v8iuT2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/3eb64a-e6de-45f5-b68c-6936762d2fce/1/MBaxDQrCGAF8dJOU5PJRnPLAUU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.172.0/22
95.129.240.0/21
213.129.128.0/19
IPv6:
2a03:f300::/29
Signature Algorithm: sha256WithRSAEncryption
b7:f6:03:ed:64:38:ea:6e:d0:94:5b:88:9a:48:57:7a:e2:71:
56:2b:83:5c:17:1e:22:ee:53:a8:f8:d7:92:da:65:07:2d:10:
84:9b:c5:ec:56:59:f1:6c:d4:8d:8a:05:4b:91:c3:16:60:24:
7c:fc:0e:dd:87:97:0a:b7:01:cb:b4:3c:b7:b2:20:1a:98:df:
df:cd:77:84:f7:20:06:41:1b:f9:44:73:6e:31:f6:14:90:41:
74:73:c6:25:a4:d2:37:7b:3c:36:00:fa:30:a2:8e:44:cd:f0:
1d:b1:74:89:37:f3:38:db:2b:94:0e:18:81:ac:76:57:71:a5:
8f:8e:32:70:1f:24:2a:04:50:cf:0d:4d:ec:3f:20:bc:1e:18:
6b:33:c3:16:d0:b2:1e:5c:c1:fd:49:ec:35:e6:3f:9d:f2:55:
40:60:dc:6b:58:df:24:d6:5a:0a:fa:85:12:1d:bb:ae:c1:33:
e7:f2:7f:f4:7f:8c:7a:96:b5:db:be:07:e2:73:c3:32:82:9c:
d7:c4:7b:9c:71:19:b6:9d:f2:e1:80:f1:21:2c:d3:ce:36:7a:
09:bf:23:6e:c7:7d:df:6c:23:1b:e6:70:81:d5:f0:b0:8c:bc:
08:0f:b3:a8:b6:11:a1:9c:ad:cf:8b:f8:3b:de:a8:16:89:5d:
c1:e5:f2:4f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvpvQs99SegzvU7VkZw+/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTZiMTBkMGFjMjE4MDE3Yzc0OTM5NGU0ZjI1MTljZjJj
MDUxNGUwHhcNMjMwMTAxMjMyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE2YTFkZWJmMGIzNDY1MGU3YWYxMTk0YjRmZjhiZmM4YWU0ZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhryxdoYjyeW0YqVV8/ID3UEePBdp
/EJmJTqoFyVD3RhdYDwXGrLncz4m0tRLTBek+eU2NCtfpthflE0HCYJYwvcersin
fbH3Dd6mWnC1nvMKqbJ5fDS3lOGtvWHU44ZVHOKqqIVG2AXy+k4vj7J+VIO/R3zC
qk9wv+eJKe9gf/ZlzCTjjxAdgkLX+2+l1DVx/SLLq4tPs/H7yWpUduoxX1sQVj3b
SqFx5EKnS2nofZ0eNHzprQGc1cX+YkDHavlTbxUWp2TeW25pIIbQS2JiiFDlPw9B
F7Qm2x3yodaTfiDYGM8qY+lCU9tsM/IQkeG2cCiaVnQUldt4q/APFxzQ9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNamod6/CzRlDnrxGUtP+L/Irk9qMB8GA1UdIwQY
MBaAFDAWsQ0KwhgBfHSTlOTyUZzywFFOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJheERRckNHQUY4ZEpPVTVQSlJuUExBVVU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zZWI2NGEtZTZkZS00NWY1LWI2OGMt
NjkzNjc2MmQyZmNlLzEvMXFhaDNyOExOR1VPZXZFWlMwXzR2OGl1VDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zZWI2NGEtZTZkZS00NWY1LWI2OGMtNjkzNjc2MmQyZmNl
LzEvTUJheERRckNHQUY4ZEpPVTVQSlJuUExBVVU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLVWsAwQD
X4HwAwQF1YGAMA0EAgACMAcDBQMqA/MAMA0GCSqGSIb3DQEBCwUAA4IBAQC39gPt
ZDjqbtCUW4iaSFd64nFWK4NcFx4i7lOo+NeS2mUHLRCEm8XsVlnxbNSNigVLkcMW
YCR8/A7dh5cKtwHLtDy3siAamN/fzXeE9yAGQRv5RHNuMfYUkEF0c8YlpNI3ezw2
APowoo5EzfAdsXSJN/M42yuUDhiBrHZXcaWPjjJwHyQqBFDPDU3sPyC8HhhrM8MW
0LIeXMH9Sew15j+d8lVAYNxrWN8k1loK+oUSHbuuwTPn8n/0f4x6lrXbvgfic8My
gpzXxHuccRm2nfLhgPEhLNPONnoJvyNux33fbCMb5nCB1fCwjLwID7OothGhnK3P
i/g73qgWiV3B5fJP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org