Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/Ar8bKKM-803fvj_TK1R-GEfunEY.roa
File: Ar8bKKM-803fvj_TK1R-GEfunEY.roa (raw, json)
Hash identifier: HSzB6hyBawmY6T8RwdF37LHYap986gmu7Y5ziAXLCK4=
Subject key identifier: 02:BF:1B:28:A3:3E:F3:4D:DF:BE:3F:D3:2B:54:7E:18:47:EE:9C:46
Certificate issuer: /CN=230340d27e4b24f9124977322edb36942e2d160c
Certificate serial: 01857102D7B7D6713330B8BF37C570225D5D
Authority key identifier: 23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/Ar8bKKM-803fvj_TK1R-GEfunEY.roa
Signing time: Mon 02 Jan 2023 05:44:49 +0000
ROA not before: Mon 02 Jan 2023 05:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30778
IP address blocks: 81.6.138.0/24 maxlen: 24
81.6.136.0/23 maxlen: 23
81.6.140.0/22 maxlen: 22
81.6.128.0/21 maxlen: 21
2a00:cd80:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:d7:b7:d6:71:33:30:b8:bf:37:c5:70:22:5d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=230340d27e4b24f9124977322edb36942e2d160c
Validity
Not Before: Jan 2 05:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02bf1b28a33ef34ddfbe3fd32b547e1847ee9c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ac:4a:37:a0:02:12:e1:ac:a7:67:28:bf:c2:
e5:04:21:d1:4c:fb:0b:57:22:26:6c:39:f2:ee:a4:
ad:24:4d:c4:4c:6b:d4:87:98:b0:06:9d:f7:20:69:
32:26:b3:75:f2:49:40:40:b3:87:45:63:83:2f:c6:
f6:af:6e:19:ae:00:24:ec:03:42:e5:11:11:f1:32:
8b:e1:f6:7a:f0:69:d8:bb:a7:8a:76:4e:e7:a0:50:
53:60:b6:8e:d7:5a:6b:68:8c:d9:64:e1:0b:45:fb:
34:86:a9:83:09:40:01:0d:6b:c7:db:0a:9c:dc:86:
ad:71:ed:d5:f8:0a:7e:24:0f:9d:71:4b:c0:bc:96:
56:dc:f3:1a:8e:c1:ee:47:84:5c:bf:25:8b:74:d4:
74:47:a5:2f:b1:2f:11:94:a9:23:69:98:10:ac:82:
be:de:2e:b6:84:d8:c4:78:76:d5:df:f7:73:27:40:
3d:54:4a:42:d5:a5:ee:35:eb:b5:35:9b:2b:b7:d2:
af:25:9d:06:d3:db:0b:9f:ed:c3:03:45:22:af:c7:
5e:97:2e:72:c8:d2:92:bf:49:4b:da:5c:cc:85:c0:
a7:7e:e5:68:2c:22:4c:4a:1d:17:87:bf:56:7c:ae:
a8:9c:41:29:26:1d:c4:6b:aa:ff:50:68:19:e4:38:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:1B:28:A3:3E:F3:4D:DF:BE:3F:D3:2B:54:7E:18:47:EE:9C:46
X509v3 Authority Key Identifier:
keyid:23:03:40:D2:7E:4B:24:F9:12:49:77:32:2E:DB:36:94:2E:2D:16:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwNA0n5LJPkSSXcyLts2lC4tFgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/Ar8bKKM-803fvj_TK1R-GEfunEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/7bdf52-6ac5-4c24-bfd0-b570907b59eb/1/IwNA0n5LJPkSSXcyLts2lC4tFgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.6.128.0-81.6.138.255
81.6.140.0/22
IPv6:
2a00:cd80:8000::/33
Signature Algorithm: sha256WithRSAEncryption
48:b3:22:2d:12:6d:0a:ef:73:94:94:df:50:89:b6:4d:98:ca:
8c:cb:7e:ff:34:11:b5:55:52:42:2e:2a:91:93:3e:3d:dc:9d:
f7:b6:41:d7:cf:b0:70:dd:56:36:49:e1:bb:99:2c:61:34:38:
77:f8:58:aa:1c:85:d2:94:1f:ef:1c:8c:b4:78:9e:bd:5f:ba:
d1:84:d9:19:b4:c5:c2:9f:2a:7c:c3:00:72:0c:de:7e:f8:3b:
37:4c:c1:b9:49:59:13:68:e6:fd:24:8e:c1:7a:50:6f:7f:08:
f8:31:c2:e1:dd:64:ec:7b:37:91:5c:c4:3f:0d:87:4d:79:6b:
85:3e:57:11:34:e8:3e:97:5f:c4:f7:b2:c9:45:f4:21:c1:b9:
ba:1e:6a:6f:49:e8:74:7a:e9:ac:11:28:40:00:c5:54:fd:43:
aa:5e:ad:90:1d:41:6e:4b:a1:1b:93:db:c2:d0:c5:e9:a8:09:
d7:f2:c2:65:80:6f:65:db:1e:53:27:0d:9a:78:e7:ba:c3:d2:
bc:2f:47:48:f7:a2:24:d3:e9:25:95:3c:fb:a2:74:cd:39:da:
47:54:1a:26:bc:48:88:f7:34:fb:7d:0d:5e:4a:42:af:84:b7:
28:14:90:a8:eb:2d:8b:bb:3d:e3:e3:47:3a:03:e3:5e:bc:e0:
17:d4:9f:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVxAte31nEzMLi/N8VwIl1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDM0MGQyN2U0YjI0ZjkxMjQ5NzczMjJlZGIzNjk0MmUy
ZDE2MGMwHhcNMjMwMTAyMDU0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJmMWIyOGEzM2VmMzRkZGZiZTNmZDMyYjU0N2UxODQ3ZWU5YzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2axKN6ACEuGsp2cov8LlBCHRTPsL
VyImbDny7qStJE3ETGvUh5iwBp33IGkyJrN18klAQLOHRWODL8b2r24ZrgAk7ANC
5RER8TKL4fZ68GnYu6eKdk7noFBTYLaO11praIzZZOELRfs0hqmDCUABDWvH2wqc
3Iatce3V+Ap+JA+dcUvAvJZW3PMajsHuR4RcvyWLdNR0R6UvsS8RlKkjaZgQrIK+
3i62hNjEeHbV3/dzJ0A9VEpC1aXuNeu1NZsrt9KvJZ0G09sLn+3DA0Uir8dely5y
yNKSv0lL2lzMhcCnfuVoLCJMSh0Xh79WfK6onEEpJh3Ea6r/UGgZ5DiA9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAK/GyijPvNN374/0ytUfhhH7pxGMB8GA1UdIwQY
MBaAFCMDQNJ+SyT5Ekl3Mi7bNpQuLRYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAt
YjU3MDkwN2I1OWViLzEvQXI4YktLTS04MDNmdmpfVEsxUi1HRWZ1bkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS83YmRmNTItNmFjNS00YzI0LWJmZDAtYjU3MDkwN2I1OWVi
LzEvSXdOQTBuNUxKUGtTU1hjeUx0czJsQzR0Rmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAdRBoAD
BABRBooDBAJRBowwDgQCAAIwCAMGByoAzYCAMA0GCSqGSIb3DQEBCwUAA4IBAQBI
syItEm0K73OUlN9QibZNmMqMy37/NBG1VVJCLiqRkz493J33tkHXz7Bw3VY2SeG7
mSxhNDh3+FiqHIXSlB/vHIy0eJ69X7rRhNkZtMXCnyp8wwByDN5++Ds3TMG5SVkT
aOb9JI7BelBvfwj4McLh3WTsezeRXMQ/DYdNeWuFPlcRNOg+l1/E97LJRfQhwbm6
HmpvSeh0eumsEShAAMVU/UOqXq2QHUFuS6Ebk9vC0MXpqAnX8sJlgG9l2x5TJw2a
eOe6w9K8L0dI96Ik0+kllTz7onTNOdpHVBomvEiI9zT7fQ1eSkKvhLcoFJCo6y2L
uz3j40c6A+NevOAX1J8H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:17 2024 by rpki-client on console-fra.rpki-client.org