Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/tOgdRggb7G_jlpaiwQ51J0U-P_s.roa
File: tOgdRggb7G_jlpaiwQ51J0U-P_s.roa (raw, json)
Hash identifier: nUP00AIDNp5l6cBzKVAWPR6OiWwSaLAauFD2iMS5M4E=
Subject key identifier: B4:E8:1D:46:08:1B:EC:6F:E3:96:96:A2:C1:0E:75:27:45:3E:3F:FB
Certificate issuer: /CN=3aedd3c7273d9ab364a314da481e5ba51f84296f
Certificate serial: 01857039886BA1D3B819B62060CB60CDD161
Authority key identifier: 3A:ED:D3:C7:27:3D:9A:B3:64:A3:14:DA:48:1E:5B:A5:1F:84:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/tOgdRggb7G_jlpaiwQ51J0U-P_s.roa
Signing time: Mon 02 Jan 2023 02:04:56 +0000
ROA not before: Mon 02 Jan 2023 02:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21161
IP address blocks: 193.138.83.0/24 maxlen: 24
185.195.180.0/22 maxlen: 22
194.110.196.0/24 maxlen: 24
178.249.84.0/22 maxlen: 22
178.249.80.0/22 maxlen: 22
194.121.11.0/24 maxlen: 24
2a02:2198::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:88:6b:a1:d3:b8:19:b6:20:60:cb:60:cd:d1:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aedd3c7273d9ab364a314da481e5ba51f84296f
Validity
Not Before: Jan 2 02:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4e81d46081bec6fe39696a2c10e7527453e3ffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ff:b6:55:58:e8:fe:7e:9d:0d:fe:51:2b:c8:
a1:0c:56:3d:cd:9b:14:43:06:0c:59:5b:42:e6:a8:
f6:25:c6:ab:e6:68:09:0d:e5:ef:69:14:aa:2c:28:
60:96:fc:b3:b7:7f:3e:51:8d:5c:5e:45:73:e5:80:
ee:e7:a9:19:da:56:c8:53:6e:ea:ce:38:20:63:52:
a9:4a:29:52:63:ac:ce:ae:ed:05:d6:9a:c5:41:c5:
f7:ac:21:f5:3e:1b:2a:27:65:90:f5:90:57:0d:be:
df:59:0d:bc:93:a3:70:ec:96:83:f8:8f:b8:97:db:
df:a5:a6:1e:b8:35:40:18:c5:39:8d:05:4a:c4:a5:
68:df:a7:74:09:49:7d:ca:57:d9:f8:2e:46:8f:50:
f8:19:24:be:5f:0b:8d:4d:91:ef:c2:a0:0b:6a:86:
7e:28:a7:0d:d3:c7:4c:22:41:3f:bc:ad:c7:b2:6c:
f5:80:4a:92:12:67:59:af:bb:c6:73:a9:df:ea:fd:
f8:e0:9c:f6:31:df:50:dc:5a:ab:d6:2f:0b:a3:7a:
20:00:2e:38:ca:ba:d6:22:70:92:0a:4f:72:76:83:
b9:85:37:6d:5e:11:68:ae:e9:7c:0d:bc:10:f5:91:
fe:77:e3:6b:7b:76:f8:62:52:4a:8f:bf:89:19:dd:
71:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E8:1D:46:08:1B:EC:6F:E3:96:96:A2:C1:0E:75:27:45:3E:3F:FB
X509v3 Authority Key Identifier:
keyid:3A:ED:D3:C7:27:3D:9A:B3:64:A3:14:DA:48:1E:5B:A5:1F:84:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/tOgdRggb7G_jlpaiwQ51J0U-P_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/62c92a-5c23-48d7-bca2-63f04095a4c4/1/Ou3Txyc9mrNkoxTaSB5bpR-EKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.249.80.0/21
185.195.180.0/22
193.138.83.0/24
194.110.196.0/24
194.121.11.0/24
IPv6:
2a02:2198::/32
Signature Algorithm: sha256WithRSAEncryption
2c:e6:60:32:0d:5f:0f:2b:6b:16:9e:ca:81:93:9a:37:a1:7e:
78:58:74:7d:5d:25:96:de:40:63:1a:5a:b7:ee:e5:a0:64:98:
97:45:63:6d:28:96:63:95:e7:89:58:00:e6:a0:48:78:b5:87:
00:9f:2e:47:d1:5d:9d:0d:93:de:d4:08:9c:04:d6:e7:dc:65:
de:e6:a9:0e:a5:8d:10:a9:9a:de:43:93:68:93:a0:90:72:60:
ff:7c:71:a1:8d:45:71:8a:34:32:4b:92:a8:5a:2e:fd:95:36:
d6:13:8d:3d:07:03:96:9f:f8:3c:45:27:d3:a3:e4:5b:91:69:
b3:77:a5:c4:29:ea:0f:23:a9:d0:05:d3:74:a7:12:51:d0:c4:
ee:8a:4e:d4:bf:ae:37:a5:64:b1:35:64:13:3d:9c:f9:25:e2:
1d:55:5c:59:49:0a:02:3b:9a:7b:55:b7:65:f9:47:0a:ed:aa:
39:44:17:9f:eb:f7:fd:5a:5b:a7:73:55:c5:71:ae:06:1c:f9:
61:55:16:4c:d2:29:bb:eb:73:46:49:12:64:de:4f:d4:12:5e:
76:9e:50:fd:c2:a7:c0:39:aa:4b:e6:fc:70:9a:6e:fe:31:f2:
42:70:61:9a:52:c8:68:50:e4:4d:41:d9:6e:a2:ce:f0:9a:f9:
8d:81:20:a0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVwOYhrodO4GbYgYMtgzdFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZWRkM2M3MjczZDlhYjM2NGEzMTRkYTQ4MWU1YmE1MWY4
NDI5NmYwHhcNMjMwMTAyMDIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU4MWQ0NjA4MWJlYzZmZTM5Njk2YTJjMTBlNzUyNzQ1M2UzZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif+2VVjo/n6dDf5RK8ihDFY9zZsU
QwYMWVtC5qj2Jcar5mgJDeXvaRSqLChglvyzt38+UY1cXkVz5YDu56kZ2lbIU27q
zjggY1KpSilSY6zOru0F1prFQcX3rCH1PhsqJ2WQ9ZBXDb7fWQ28k6Nw7JaD+I+4
l9vfpaYeuDVAGMU5jQVKxKVo36d0CUl9ylfZ+C5Gj1D4GSS+XwuNTZHvwqALaoZ+
KKcN08dMIkE/vK3Hsmz1gEqSEmdZr7vGc6nf6v344Jz2Md9Q3Fqr1i8Lo3ogAC44
yrrWInCSCk9ydoO5hTdtXhForul8DbwQ9ZH+d+Nre3b4YlJKj7+JGd1x6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLToHUYIG+xv45aWosEOdSdFPj/7MB8GA1UdIwQY
MBaAFDrt08cnPZqzZKMU2kgeW6UfhClvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3UzVHh5Yzltck5rb3hUYVNCNWJwUi1FS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS82MmM5MmEtNWMyMy00OGQ3LWJjYTIt
NjNmMDQwOTVhNGM0LzEvdE9nZFJnZ2I3R19qbHBhaXdRNTFKMFUtUF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS82MmM5MmEtNWMyMy00OGQ3LWJjYTItNjNmMDQwOTVhNGM0
LzEvT3UzVHh5Yzltck5rb3hUYVNCNWJwUi1FS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDsvlQAwQC
ucO0AwQAwYpTAwQAwm7EAwQAwnkLMA0EAgACMAcDBQAqAiGYMA0GCSqGSIb3DQEB
CwUAA4IBAQAs5mAyDV8PK2sWnsqBk5o3oX54WHR9XSWW3kBjGlq37uWgZJiXRWNt
KJZjleeJWADmoEh4tYcAny5H0V2dDZPe1AicBNbn3GXe5qkOpY0QqZreQ5Nok6CQ
cmD/fHGhjUVxijQyS5KoWi79lTbWE409BwOWn/g8RSfTo+RbkWmzd6XEKeoPI6nQ
BdN0pxJR0MTuik7Uv643pWSxNWQTPZz5JeIdVVxZSQoCO5p7Vbdl+UcK7ao5RBef
6/f9Wlunc1XFca4GHPlhVRZM0im763NGSRJk3k/UEl52nlD9wqfAOapL5vxwmm7+
MfJCcGGaUshoUORNQdluos7wmvmNgSCg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:17 2024 by rpki-client on console-fra.rpki-client.org