Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I6kEt3ovzW-4AODg1oUNxqgTdOw.roa
File: I6kEt3ovzW-4AODg1oUNxqgTdOw.roa (raw, json)
Hash identifier: H8/dWSWYEfYVTrih/+D8kgMWahEm4Mlyu7MgxapPgz8=
Subject key identifier: 23:A9:04:B7:7A:2F:CD:6F:B8:00:E0:E0:D6:85:0D:C6:A8:13:74:EC
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65AAEE7A3A856FF9349E80E0A3B57
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I6kEt3ovzW-4AODg1oUNxqgTdOw.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44586
IP address blocks: 213.91.173.0/24 maxlen: 24
213.91.191.0/24 maxlen: 24
83.228.89.0/24 maxlen: 24
2a01:5a8:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:5a:ae:e7:a3:a8:56:ff:93:49:e8:0e:0a:3b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23a904b77a2fcd6fb800e0e0d6850dc6a81374ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:84:1d:aa:06:31:f0:f4:54:b9:00:83:5c:cb:
7f:38:a5:a7:5b:ef:0f:28:14:dc:3c:17:7a:b7:99:
4a:94:54:1d:55:e6:bf:a0:34:5e:a1:ee:7c:ed:c7:
1f:c0:37:ec:4d:dd:9a:f0:cf:87:ca:6a:a9:aa:d6:
58:18:7e:18:92:92:9c:cd:a2:ef:22:c4:42:3c:54:
41:86:c3:b5:30:9f:0f:b0:42:cb:80:65:80:60:29:
0d:1f:fa:db:82:35:06:3e:24:3d:22:2a:7b:2d:6b:
e7:a9:ba:65:94:31:e1:a4:01:8e:83:ee:b9:ab:63:
95:92:56:32:25:4f:13:b1:a0:34:05:a4:79:28:29:
bc:98:b0:81:3d:4b:80:29:65:c6:2e:3a:0c:77:87:
fb:a8:46:9f:d1:90:36:7f:43:10:76:f7:f7:f1:ce:
77:b0:8d:ec:68:ae:99:0e:fc:4f:71:ae:3f:1c:f5:
8b:da:4c:5a:8b:84:de:bf:19:b2:04:55:47:d8:58:
89:cd:63:e0:be:c8:87:13:52:96:7d:e5:ca:ae:18:
2c:a1:54:b9:68:fa:91:34:c3:6c:5e:8a:84:51:ac:
52:0b:60:02:9b:37:49:7d:e2:ce:cd:a9:93:ff:a4:
54:ca:0b:25:53:19:6c:19:3e:18:57:b7:e9:69:81:
11:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A9:04:B7:7A:2F:CD:6F:B8:00:E0:E0:D6:85:0D:C6:A8:13:74:EC
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/I6kEt3ovzW-4AODg1oUNxqgTdOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.228.89.0/24
213.91.173.0/24
213.91.191.0/24
IPv6:
2a01:5a8:8::/48
Signature Algorithm: sha256WithRSAEncryption
27:9e:54:4a:53:19:db:b3:87:89:9b:1b:24:8d:af:b4:81:f1:
8a:e5:21:31:de:17:24:94:0d:d6:74:b5:44:92:23:ed:f0:e1:
20:48:cc:4b:ff:af:b2:89:1f:92:8f:1b:21:b7:fe:47:90:c1:
4e:73:c4:14:4b:d0:5b:2e:fc:69:e6:b6:d7:88:3f:dd:bd:5b:
a6:76:40:03:f9:6e:75:10:70:47:d3:c2:c0:f8:e1:b0:b9:36:
f7:0e:2b:31:e5:65:0d:c5:17:65:e1:e2:30:e4:a1:68:58:ef:
c3:2d:f5:41:a0:93:c2:a3:78:a6:00:06:db:c3:34:fb:54:ef:
60:5f:68:32:fc:29:2a:f2:12:b2:65:b1:4a:ea:d5:58:7c:52:
41:c8:bd:e3:5a:99:ba:11:6c:19:de:cd:9d:1b:ac:6c:52:05:
06:d6:b6:18:b3:4f:42:b4:3f:1b:0f:6d:75:aa:18:0f:db:74:
0e:73:7c:37:d3:35:2d:7b:0a:4b:08:dc:f0:c1:ae:bd:22:7d:
0e:d7:ce:fc:17:c7:3d:e4:fb:a5:06:6e:e3:b4:4d:9d:94:a7:
fc:80:74:81:64:be:c6:f8:c2:f1:da:31:91:b6:ad:1b:0c:7b:
16:ae:a6:67:b1:d2:92:b0:66:ef:f6:00:8b:e7:b8:13:29:8f:
e6:25:68:b3
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVs5lqu56OoVv+TSegOCjtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E5MDRiNzdhMmZjZDZmYjgwMGUwZTBkNjg1MGRjNmE4MTM3NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYQdqgYx8PRUuQCDXMt/OKWnW+8P
KBTcPBd6t5lKlFQdVea/oDReoe587ccfwDfsTd2a8M+HymqpqtZYGH4YkpKczaLv
IsRCPFRBhsO1MJ8PsELLgGWAYCkNH/rbgjUGPiQ9Iip7LWvnqbpllDHhpAGOg+65
q2OVklYyJU8TsaA0BaR5KCm8mLCBPUuAKWXGLjoMd4f7qEaf0ZA2f0MQdvf38c53
sI3saK6ZDvxPca4/HPWL2kxai4TevxmyBFVH2FiJzWPgvsiHE1KWfeXKrhgsoVS5
aPqRNMNsXoqEUaxSC2ACmzdJfeLOzamT/6RUygslUxlsGT4YV7fpaYERmwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCOpBLd6L81vuADg4NaFDcaoE3TsMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvSTZrRXQzb3Z6Vy00QU9EZzFvVU54cWdUZE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAU+RZAwQA
1VutAwQA1Vu/MA8EAgACMAkDBwAqAQWoAAgwDQYJKoZIhvcNAQELBQADggEBACee
VEpTGduzh4mbGySNr7SB8YrlITHeFySUDdZ0tUSSI+3w4SBIzEv/r7KJH5KPGyG3
/keQwU5zxBRL0Fsu/GnmtteIP929W6Z2QAP5bnUQcEfTwsD44bC5NvcOKzHlZQ3F
F2Xh4jDkoWhY78Mt9UGgk8KjeKYABtvDNPtU72BfaDL8KSryErJlsUrq1Vh8UkHI
veNamboRbBnezZ0brGxSBQbWthizT0K0PxsPbXWqGA/bdA5zfDfTNS17CksI3PDB
rr0ifQ7XzvwXxz3k+6UGbuO0TZ2Up/yAdIFkvsb4wvHaMZG2rRsMexaupmex0pKw
Zu/2AIvnuBMpj+YlaLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org