Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9lBO8L7yc2Krz0uKF3UQNWljajg.roa
File: 9lBO8L7yc2Krz0uKF3UQNWljajg.roa (raw, json)
Hash identifier: k87BhsMNYk0fevI6T1Y/ACe2hTy16yURhxjucqKVf54=
Subject key identifier: F6:50:4E:F0:BE:F2:73:62:AB:CF:4B:8A:17:75:10:35:69:63:6A:38
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC72774FDBE1116B10F7F1808FE4E2748
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9lBO8L7yc2Krz0uKF3UQNWljajg.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34707
IP address blocks: 82.179.0.0/20 maxlen: 24
82.179.0.0/21 maxlen: 21
82.179.8.0/22 maxlen: 22
82.179.12.0/24 maxlen: 24
82.179.13.0/24 maxlen: 24
82.179.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 12 Apr 2024 13:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:74:fd:be:11:16:b1:0f:7f:18:08:fe:4e:27:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6504ef0bef27362abcf4b8a1775103569636a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bc:26:a0:63:da:cc:b5:dd:04:5a:54:5d:89:
89:ba:b0:d6:a7:96:49:98:7c:65:d6:aa:5e:fe:8d:
d1:d8:2a:47:31:56:0f:9b:8a:6c:05:f0:45:30:c6:
d8:31:db:6c:62:d8:6e:82:72:69:cf:bd:64:a0:38:
cc:8f:93:07:d4:0c:b2:cb:8c:5d:fc:0e:98:83:1b:
c9:b3:d2:a3:8c:45:0d:bc:d3:be:db:80:ab:a7:c2:
3a:e5:6d:98:f9:6e:a9:4c:fb:72:a7:9d:f2:75:55:
e3:c4:34:bf:17:02:32:be:91:3c:93:02:c5:32:3f:
68:a6:32:94:43:14:cc:f5:1a:16:ba:58:95:83:18:
c9:85:17:c3:b5:26:7c:1a:90:fc:8e:83:83:e9:81:
96:4c:f6:09:51:3b:10:a9:d5:31:b6:1a:33:36:b6:
24:8b:44:49:63:d8:21:0c:86:60:7b:64:ca:1b:58:
ce:8d:92:47:8b:68:6b:75:43:2f:50:d9:d8:dd:1a:
e7:c6:0b:21:dd:7e:5a:0f:ce:d5:f6:bc:96:77:a9:
cb:2c:ac:95:47:a1:84:e3:05:9f:2d:99:85:6d:a8:
89:64:b6:4e:c4:09:34:c8:2d:e9:a9:4e:de:fa:f0:
34:b1:2e:78:57:ff:d7:1a:23:8d:95:48:de:4a:c7:
f8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:50:4E:F0:BE:F2:73:62:AB:CF:4B:8A:17:75:10:35:69:63:6A:38
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/9lBO8L7yc2Krz0uKF3UQNWljajg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.0.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:27:2c:4f:c1:9f:cb:03:57:91:e3:36:dc:ad:94:6d:e3:fa:
a6:81:03:cc:06:a9:2a:9d:67:66:3f:62:2a:da:6e:c3:fa:67:
19:8f:bb:c3:49:ba:f1:81:bf:ba:41:3e:87:d8:82:5a:2e:5c:
d8:f3:6e:5a:a4:c6:d6:cd:2d:7f:dc:fc:14:bf:f2:a9:d1:a6:
cd:40:72:6d:80:5a:e6:ba:5f:f1:2e:f8:fd:dd:8d:ec:89:b6:
fe:ff:a4:24:88:0e:d7:bd:38:3e:17:91:04:d4:37:77:75:14:
a2:c1:e0:dc:5f:2a:ba:a8:3d:5a:57:d7:76:ac:7c:73:cc:2b:
ec:3f:d3:d2:38:71:09:4a:55:7d:6a:f6:8f:2e:30:70:1c:84:
8c:37:84:b3:fa:a1:27:ee:6a:1d:ea:09:6f:b9:02:83:5b:fb:
e4:2d:ea:9a:7d:4b:ef:69:1b:4e:9d:36:cb:f2:28:13:63:30:
55:ee:46:e4:ae:64:99:95:63:4e:46:b1:e1:d7:de:6a:fe:49:
a1:9d:ab:f3:fa:dd:6a:f5:7e:7a:14:39:9f:84:be:b9:00:b9:
57:30:97:dd:b1:b7:62:00:87:a9:06:c1:0f:1d:0f:71:82:5e:
ec:9b:28:9f:57:3c:3c:80:26:21:42:b1:d2:7b:ab:31:42:99:
c6:86:d8:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ3T9vhEWsQ9/GAj+TidIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUwNGVmMGJlZjI3MzYyYWJjZjRiOGExNzc1MTAzNTY5NjM2YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbwmoGPazLXdBFpUXYmJurDWp5ZJ
mHxl1qpe/o3R2CpHMVYPm4psBfBFMMbYMdtsYthugnJpz71koDjMj5MH1Ayyy4xd
/A6YgxvJs9KjjEUNvNO+24Crp8I65W2Y+W6pTPtyp53ydVXjxDS/FwIyvpE8kwLF
Mj9opjKUQxTM9RoWuliVgxjJhRfDtSZ8GpD8joOD6YGWTPYJUTsQqdUxthozNrYk
i0RJY9ghDIZge2TKG1jOjZJHi2hrdUMvUNnY3Rrnxgsh3X5aD87V9ryWd6nLLKyV
R6GE4wWfLZmFbaiJZLZOxAk0yC3pqU7e+vA0sS54V//XGiONlUjeSsf4oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPZQTvC+8nNiq89Lihd1EDVpY2o4MB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvOWxCTzhMN3ljMktyejB1S0YzVVFOV2xqYWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUrMAMA0G
CSqGSIb3DQEBCwUAA4IBAQAMJyxPwZ/LA1eR4zbcrZRt4/qmgQPMBqkqnWdmP2Iq
2m7D+mcZj7vDSbrxgb+6QT6H2IJaLlzY825apMbWzS1/3PwUv/Kp0abNQHJtgFrm
ul/xLvj93Y3sibb+/6QkiA7XvTg+F5EE1Dd3dRSiweDcXyq6qD1aV9d2rHxzzCvs
P9PSOHEJSlV9avaPLjBwHISMN4Sz+qEn7mod6glvuQKDW/vkLeqafUvvaRtOnTbL
8igTYzBV7kbkrmSZlWNORrHh195q/kmhnavz+t1q9X56FDmfhL65ALlXMJfdsbdi
AIepBsEPHQ9xgl7smyifVzw8gCYhQrHSe6sxQpnGhtj1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org