Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/4ovcAILiVm8c0_Rgq6I6RhdJECo.roa
File: 4ovcAILiVm8c0_Rgq6I6RhdJECo.roa (raw, json)
Hash identifier: zRtyQGGuaeITX8saz9LyE4ZCsitpdMv/PG/8PtqZzP4=
Subject key identifier: E2:8B:DC:00:82:E2:56:6F:1C:D3:F4:60:AB:A2:3A:46:17:49:10:2A
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018AF9583B3C0FDC18121744A8652B08F2F9
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/4ovcAILiVm8c0_Rgq6I6RhdJECo.roa
Signing time: Wed 04 Oct 2023 06:20:23 +0000
ROA not before: Wed 04 Oct 2023 06:20:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1290
IP address blocks: 193.82.192.0/19 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.8.0.0/19 maxlen: 24
154.32.0.0/16 maxlen: 24
195.152.0.0/15 maxlen: 15
193.117.32.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 08:08:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f9:58:3b:3c:0f:dc:18:12:17:44:a8:65:2b:08:f2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Oct 4 06:20:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e28bdc0082e2566f1cd3f460aba23a461749102a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:eb:d0:5e:05:c6:81:e6:d1:a9:be:b7:09:3d:
37:7e:09:57:ed:8c:dd:b6:5f:43:9b:7d:6c:c7:bb:
e9:a2:64:52:3d:30:a1:08:41:2e:f5:80:fd:01:ff:
4f:42:4e:49:24:01:81:1b:1b:79:8e:69:75:30:78:
b6:80:47:f2:c1:9a:3b:2e:19:30:78:c0:4d:17:91:
2c:af:a3:c9:da:35:d0:e8:a0:fd:c9:c6:f4:56:8c:
11:24:09:1a:ee:bf:be:9f:79:fe:24:1c:1a:8d:c7:
b1:73:9a:e5:3d:1c:ec:d2:25:9e:a0:99:5a:82:f8:
63:60:89:a9:8a:55:59:f5:bf:ae:0b:3a:fa:19:dd:
aa:b0:15:eb:99:3c:92:ef:a4:1f:a9:d9:55:0f:0e:
38:67:40:b5:24:b3:5c:b0:ac:71:50:46:a7:05:f3:
0f:2f:31:41:d8:8d:62:92:82:6d:44:54:72:36:e6:
1f:4f:2c:15:02:6f:e3:96:34:fa:a9:08:ff:50:6f:
14:f5:36:c2:ef:1a:7c:08:60:d9:ad:f0:dc:7e:fb:
61:b6:8d:3c:e9:6f:b9:0b:08:dc:9b:9b:48:e8:93:
31:9a:9d:9b:30:2d:ef:e3:39:d0:48:e1:2a:d7:d4:
09:b4:c2:79:81:d2:e4:80:af:4d:d5:a5:c8:88:af:
13:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:8B:DC:00:82:E2:56:6F:1C:D3:F4:60:AB:A2:3A:46:17:49:10:2A
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/4ovcAILiVm8c0_Rgq6I6RhdJECo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.152.0.0/15
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
5a:6b:ce:31:e1:42:c6:b3:86:3e:e8:0d:bd:65:6d:0f:f5:df:
93:f5:14:d5:9d:b2:af:e6:ab:1c:92:26:89:f1:ab:6e:02:70:
1d:02:5d:fd:56:f9:91:3f:02:b8:13:d2:dd:2c:ee:8f:4e:4d:
c8:df:77:b5:fe:3a:7f:08:62:6e:f6:0b:fd:2d:2c:f0:df:3c:
c0:f5:9f:d7:f2:05:e1:59:76:b3:78:d9:56:5c:66:c4:42:ec:
0f:cd:6a:6e:97:93:2c:b3:c6:4f:13:00:e6:ca:38:f4:8a:13:
50:19:42:84:06:de:3b:34:37:76:b4:64:28:a5:8b:2c:d9:78:
be:01:a4:5a:a3:5d:88:d9:48:40:d0:4e:2b:3c:44:ec:be:9f:
b5:5c:0d:0e:4d:92:74:8e:84:b0:f8:7d:af:13:e4:b1:8e:f9:
61:42:1a:5b:a0:4c:17:e6:8b:da:08:90:3c:65:7d:de:9e:01:
53:9a:00:f5:ca:d8:22:4d:ed:1d:f4:bb:d9:4a:e1:85:39:bd:
f9:36:9b:d6:f5:fb:4a:53:88:d5:b8:fc:2a:d2:61:05:77:2a:
89:91:b5:b5:b2:26:ed:a2:63:ba:67:d9:28:48:fe:0d:67:f4:
42:32:51:d9:9f:72:03:e3:59:64:d9:ff:b3:78:c6:8f:27:94:
90:d5:69:8c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYr5WDs8D9wYEhdEqGUrCPL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMxMDA0MDYyMDIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjhiZGMwMDgyZTI1NjZmMWNkM2Y0NjBhYmEyM2E0NjE3NDkxMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOvQXgXGgebRqb63CT03fglX7Yzd
tl9Dm31sx7vpomRSPTChCEEu9YD9Af9PQk5JJAGBGxt5jml1MHi2gEfywZo7Lhkw
eMBNF5Esr6PJ2jXQ6KD9ycb0VowRJAka7r++n3n+JBwajcexc5rlPRzs0iWeoJla
gvhjYImpilVZ9b+uCzr6Gd2qsBXrmTyS76QfqdlVDw44Z0C1JLNcsKxxUEanBfMP
LzFB2I1ikoJtRFRyNuYfTywVAm/jljT6qQj/UG8U9TbC7xp8CGDZrfDcfvthto08
6W+5Cwjcm5tI6JMxmp2bMC3v4znQSOEq19QJtMJ5gdLkgK9N1aXIiK8TcQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOKL3ACC4lZvHNP0YKuiOkYXSRAqMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvNG92Y0FJTGlWbThjMF9SZ3E2STZSaGRKRUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMDAcOYMA0E
AgACMAcDBQAqAhYgMA0GCSqGSIb3DQEBCwUAA4IBAQBaa84x4ULGs4Y+6A29ZW0P
9d+T9RTVnbKv5qsckiaJ8atuAnAdAl39VvmRPwK4E9LdLO6PTk3I33e1/jp/CGJu
9gv9LSzw3zzA9Z/X8gXhWXazeNlWXGbEQuwPzWpul5Mss8ZPEwDmyjj0ihNQGUKE
Bt47NDd2tGQopYss2Xi+AaRao12I2UhA0E4rPETsvp+1XA0OTZJ0joSw+H2vE+Sx
jvlhQhpboEwX5ovaCJA8ZX3engFTmgD1ytgiTe0d9LvZSuGFOb35NpvW9ftKU4jV
uPwq0mEFdyqJkbW1sibtomO6Z9koSP4NZ/RCMlHZn3ID41lk2f+zeMaPJ5SQ1WmM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org