Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/oUldTcvuBOQgqWYTuUfPNq6zUs8.roa
File: oUldTcvuBOQgqWYTuUfPNq6zUs8.roa (raw, json)
Hash identifier: 9KZmMYPJE9WF9O8fmKvcQSZ2CR2H/IXuMOu/FMOmuyo=
Subject key identifier: A1:49:5D:4D:CB:EE:04:E4:20:A9:66:13:B9:47:CF:36:AE:B3:52:CF
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E0DA5EC39EA7054662A373D6E97E39E1C
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/oUldTcvuBOQgqWYTuUfPNq6zUs8.roa
Signing time: Tue 05 Mar 2024 08:06:01 +0000
ROA not before: Tue 05 Mar 2024 08:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
94.73.192.0/18 maxlen: 24
109.226.192.0/18 maxlen: 24
171.33.248.0/21 maxlen: 24
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 13 May 2024 08:25:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:a5:ec:39:ea:70:54:66:2a:37:3d:6e:97:e3:9e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 5 08:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1495d4dcbee04e420a96613b947cf36aeb352cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ce:55:bf:82:d4:83:0d:1e:ae:d2:fa:49:70:
cd:bb:a3:35:b1:52:36:7a:01:83:ba:85:76:4d:3f:
3d:35:53:69:ff:11:ae:1e:d9:bd:b3:1c:98:fc:68:
16:a8:dc:24:35:ce:4b:97:69:88:1e:08:5c:8f:16:
8c:20:c7:e2:4a:27:f2:a8:5c:75:75:e3:b2:2b:61:
e1:b8:50:50:a8:4b:05:5f:ff:62:69:f9:38:57:c3:
8c:c6:54:1d:51:66:95:98:e3:70:1c:4a:e2:38:94:
6e:7a:4c:e0:83:32:c7:04:38:7b:21:f4:44:cc:8c:
0d:a4:ca:30:b0:91:cb:2f:b0:29:f4:c8:b5:a8:a9:
e1:7e:85:dd:d4:ee:23:e3:b3:77:e3:f0:53:31:58:
b0:61:f1:cd:cb:6a:18:15:11:e7:8e:b4:4d:b2:6c:
cb:88:59:33:38:14:5a:19:e6:7c:79:02:12:60:69:
a3:30:a1:2c:4f:d3:9a:a1:aa:85:7b:f3:9b:73:5a:
74:c4:9d:19:8b:e5:4b:bb:2a:bc:ef:c2:dc:b9:d5:
60:90:d8:88:8c:8f:dc:2d:7a:57:e0:ad:e5:54:94:
53:79:e9:8a:22:3d:c2:38:8b:63:25:eb:07:67:5c:
76:60:28:ab:3e:c2:46:73:ac:51:9d:42:43:05:09:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:49:5D:4D:CB:EE:04:E4:20:A9:66:13:B9:47:CF:36:AE:B3:52:CF
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/oUldTcvuBOQgqWYTuUfPNq6zUs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0/18
171.33.248.0/21
IPv6:
2a05:7400::/34
Signature Algorithm: sha256WithRSAEncryption
a0:19:c4:d2:cc:d2:13:ce:cd:37:81:e4:49:c1:4b:66:f2:47:
56:c1:06:59:d8:b5:0e:f6:f2:01:55:d8:10:ad:09:06:b0:f8:
6c:6a:1d:55:53:77:d0:ad:29:88:31:2e:3f:9b:5d:b2:5f:e5:
1e:65:ef:50:ac:43:60:8d:72:41:18:8a:12:e4:62:e0:c1:38:
e0:6b:b3:52:93:96:d9:1c:c3:39:d5:c5:41:b0:dc:fb:e2:9b:
0a:81:c9:f6:c2:8b:09:5c:cb:5b:43:95:65:e3:fd:1a:cf:43:
cb:f4:97:9c:7f:7e:d0:90:81:0e:cd:34:0b:94:48:75:99:b4:
db:0c:f9:56:b9:91:65:d9:d6:2d:87:14:59:0f:bc:82:e9:03:
e1:4f:54:b8:ab:a8:08:55:dd:74:84:27:62:32:c8:1d:52:0b:
bd:c5:90:62:94:31:cf:c5:2d:8d:22:f0:0c:be:cf:87:0d:25:
06:63:6e:41:37:55:a1:26:08:48:73:dd:da:61:42:2e:0c:18:
11:31:26:ef:ae:64:70:fc:c9:94:de:e3:b5:2b:d7:6b:a0:17:
c1:c3:92:7b:9e:cb:38:76:73:02:ba:52:5c:0e:6b:9c:fb:e1:
c8:b9:1f:04:4a:e9:00:f0:4c:41:92:b7:f6:8e:43:62:84:5b:
db:f0:13:25
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY4Npew56nBUZio3PW6X454cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA1MDgwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ5NWQ0ZGNiZWUwNGU0MjBhOTY2MTNiOTQ3Y2YzNmFlYjM1MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiM5Vv4LUgw0ertL6SXDNu6M1sVI2
egGDuoV2TT89NVNp/xGuHtm9sxyY/GgWqNwkNc5Ll2mIHghcjxaMIMfiSifyqFx1
deOyK2HhuFBQqEsFX/9iafk4V8OMxlQdUWaVmONwHEriOJRuekzggzLHBDh7IfRE
zIwNpMowsJHLL7Ap9Mi1qKnhfoXd1O4j47N34/BTMViwYfHNy2oYFRHnjrRNsmzL
iFkzOBRaGeZ8eQISYGmjMKEsT9OaoaqFe/Obc1p0xJ0Zi+VLuyq878LcudVgkNiI
jI/cLXpX4K3lVJRTeemKIj3COItjJesHZ1x2YCirPsJGc6xRnUJDBQm/wwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKFJXU3L7gTkIKlmE7lHzzaus1LPMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvb1VsZFRjdnVCT1FncVdZVHVVZlBOcTZ6VXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQEUEEQAwQG
XknAAwQGbeLAAwQDqyH4MA4EAgACMAgDBgYqBXQAADANBgkqhkiG9w0BAQsFAAOC
AQEAoBnE0szSE87NN4HkScFLZvJHVsEGWdi1DvbyAVXYEK0JBrD4bGodVVN30K0p
iDEuP5tdsl/lHmXvUKxDYI1yQRiKEuRi4ME44GuzUpOW2RzDOdXFQbDc++KbCoHJ
9sKLCVzLW0OVZeP9Gs9Dy/SXnH9+0JCBDs00C5RIdZm02wz5VrmRZdnWLYcUWQ+8
gukD4U9UuKuoCFXddIQnYjLIHVILvcWQYpQxz8UtjSLwDL7Phw0lBmNuQTdVoSYI
SHPd2mFCLgwYETEm765kcPzJlN7jtSvXa6AXwcOSe57LOHZzArpSXA5rnPvhyLkf
BErpAPBMQZK39o5DYoRb2/ATJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org