Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/yOMYw9qKXNRxmCVGB4mwqGRUP1c.roa
File: yOMYw9qKXNRxmCVGB4mwqGRUP1c.roa (raw, json)
Hash identifier: uDxnIGYlZmln/5ndiVwZD0zYsM7Fud3tlVlaZtY7UgM=
Subject key identifier: C8:E3:18:C3:DA:8A:5C:D4:71:98:25:46:07:89:B0:A8:64:54:3F:57
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E0C9258836FDC545183977E4DD97D9155
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/yOMYw9qKXNRxmCVGB4mwqGRUP1c.roa
Signing time: Tue 05 Mar 2024 03:05:01 +0000
ROA not before: Tue 05 Mar 2024 03:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31257
IP address blocks: 80.65.16.0/20 maxlen: 24
94.73.192.0/18 maxlen: 24
109.226.192.0/18 maxlen: 24
171.33.248.0/21 maxlen: 24
185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
2a05:7400::/29 maxlen: 29
2a05:7400::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 05 Mar 2024 05:55:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0c:92:58:83:6f:dc:54:51:83:97:7e:4d:d9:7d:91:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 5 03:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8e318c3da8a5cd4719825460789b0a864543f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6d:56:b0:a1:7b:1c:a0:52:03:7f:e2:d2:d0:
8c:d9:2d:45:e2:44:a1:08:3b:48:e6:29:a4:bc:df:
5d:8f:cd:fb:78:87:b2:98:75:2b:36:f9:0e:c7:4c:
79:dd:be:2a:ac:52:7f:f7:79:c0:86:85:19:22:88:
83:3c:4a:e4:7a:88:7f:1e:04:5b:a9:03:2b:d5:a0:
44:15:59:28:51:d5:44:0f:f4:14:a0:f9:9d:ec:62:
da:4a:87:70:30:41:ac:17:8c:fd:5c:3b:e7:f1:59:
24:ef:93:70:95:9f:8c:ba:4c:2a:23:6e:3e:fe:95:
db:f8:bd:2f:a3:3e:2c:a4:28:1d:f2:96:f3:ec:65:
02:37:4e:46:9d:f1:20:47:eb:24:19:55:57:cd:6d:
56:ef:ef:9e:d6:ad:9d:4b:76:51:7a:2d:a2:60:05:
07:e8:04:d2:ba:b6:56:4a:96:78:0e:71:a9:59:50:
8d:ec:73:ee:aa:86:45:c7:0e:43:8b:45:ce:44:1f:
6f:41:7d:84:e7:db:c0:dc:e4:ba:80:08:2d:4d:26:
ad:34:44:3d:6f:21:3c:31:ca:b3:78:3d:19:ff:fb:
90:2e:11:79:5d:16:f1:1b:7e:ac:93:7c:b5:7c:4a:
c1:e5:c2:8b:92:4f:f3:85:ff:d2:57:74:d4:08:77:
d5:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:E3:18:C3:DA:8A:5C:D4:71:98:25:46:07:89:B0:A8:64:54:3F:57
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/yOMYw9qKXNRxmCVGB4mwqGRUP1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.65.16.0/20
94.73.192.0/18
109.226.192.0/18
171.33.248.0/21
185.84.172.0/23
IPv6:
2a05:7400::/29
Signature Algorithm: sha256WithRSAEncryption
38:64:9b:fc:e4:5e:22:4f:f8:7d:e6:82:41:cf:a5:28:06:2c:
be:87:c8:2b:e7:97:b0:ba:68:95:4f:23:1f:b0:76:59:a8:25:
3a:03:90:45:ba:4b:55:9a:9f:42:03:26:05:fb:84:d2:29:35:
d0:2a:d5:cf:a3:ca:0e:69:2b:46:64:53:51:a0:13:dd:91:cc:
1e:2d:b7:4e:2b:37:8a:56:51:31:3b:ef:59:b3:44:3b:04:16:
29:38:b6:70:c3:f3:af:67:70:df:a8:6a:c6:b3:82:f7:8d:76:
f9:ef:1b:a3:18:0a:75:84:c2:59:79:9b:8d:99:fc:b0:88:50:
87:ba:a3:f2:10:b9:cc:48:98:7d:ad:56:d7:1a:d1:7a:38:53:
57:74:55:ae:11:1b:b8:b5:a8:b5:fe:80:09:0a:cb:b3:b8:24:
17:68:46:ce:87:4e:f5:00:9b:07:e1:2f:84:4e:c0:d9:2f:96:
36:32:0f:36:e9:84:79:63:ca:eb:f3:03:64:df:af:42:db:cc:
64:d1:c8:35:21:c7:38:2d:b9:dc:64:9b:e0:ef:1e:64:b4:e5:
61:30:ea:77:a9:56:24:53:f0:0d:13:c2:28:6b:9b:f6:e5:8b:
cb:45:5d:38:7f:b0:67:3e:15:09:9a:23:9b:05:2a:eb:cc:c1:
79:0f:02:2a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY4MkliDb9xUUYOXfk3ZfZFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA1MDMwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGUzMThjM2RhOGE1Y2Q0NzE5ODI1NDYwNzg5YjBhODY0NTQzZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlm1WsKF7HKBSA3/i0tCM2S1F4kSh
CDtI5imkvN9dj837eIeymHUrNvkOx0x53b4qrFJ/93nAhoUZIoiDPErkeoh/HgRb
qQMr1aBEFVkoUdVED/QUoPmd7GLaSodwMEGsF4z9XDvn8Vkk75NwlZ+MukwqI24+
/pXb+L0voz4spCgd8pbz7GUCN05GnfEgR+skGVVXzW1W7++e1q2dS3ZRei2iYAUH
6ATSurZWSpZ4DnGpWVCN7HPuqoZFxw5Di0XORB9vQX2E59vA3OS6gAgtTSatNEQ9
byE8McqzeD0Z//uQLhF5XRbxG36sk3y1fErB5cKLkk/zhf/SV3TUCHfVEQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMjjGMPailzUcZglRgeJsKhkVD9XMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEveU9NWXc5cUtYTlJ4bUNWR0I0bXdxR1JVUDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUEEQAwQG
XknAAwQGbeLAAwQDqyH4AwQBuVSsMA0EAgACMAcDBQMqBXQAMA0GCSqGSIb3DQEB
CwUAA4IBAQA4ZJv85F4iT/h95oJBz6UoBiy+h8gr55ewumiVTyMfsHZZqCU6A5BF
uktVmp9CAyYF+4TSKTXQKtXPo8oOaStGZFNRoBPdkcweLbdOKzeKVlExO+9Zs0Q7
BBYpOLZww/OvZ3DfqGrGs4L3jXb57xujGAp1hMJZeZuNmfywiFCHuqPyELnMSJh9
rVbXGtF6OFNXdFWuERu4tai1/oAJCsuzuCQXaEbOh071AJsH4S+ETsDZL5Y2Mg82
6YR5Y8rr8wNk369C28xk0cg1Icc4LbncZJvg7x5ktOVhMOp3qVYkU/ANE8Ioa5v2
5YvLRV04f7BnPhUJmiObBSrrzMF5DwIq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:18 2024 by rpki-client on console-ams.rpki-client.org