Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hUdOe4DffMlKyDpwdIw2UKFkb7w.roa
File: hUdOe4DffMlKyDpwdIw2UKFkb7w.roa (raw, json)
Hash identifier: C6I0SD1ftDeNWBTLgrrfjEPL8PJioiL2gSE6QkTor9Q=
Subject key identifier: 85:47:4E:7B:80:DF:7C:C9:4A:C8:3A:70:74:8C:36:50:A1:64:6F:BC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0185710301BD263AD48C3CE22B98A76DDEB5
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hUdOe4DffMlKyDpwdIw2UKFkb7w.roa
Signing time: Mon 02 Jan 2023 05:45:00 +0000
ROA not before: Mon 02 Jan 2023 05:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25596
IP address blocks: 82.197.192.0/19 maxlen: 19
185.6.48.0/22 maxlen: 22
185.227.72.0/22 maxlen: 22
84.245.0.0/20 maxlen: 20
87.101.0.0/21 maxlen: 21
84.245.16.0/20 maxlen: 20
84.245.32.0/20 maxlen: 20
217.19.16.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:03:01:bd:26:3a:d4:8c:3c:e2:2b:98:a7:6d:de:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 2 05:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85474e7b80df7cc94ac83a70748c3650a1646fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ff:b6:c0:88:fc:c5:d9:33:79:fd:10:07:3d:
a0:8f:34:7c:d1:92:c9:f6:a7:99:0f:5f:e9:4f:57:
e1:7a:95:d2:d6:59:61:f0:b2:01:3d:85:07:67:9a:
2b:60:ee:ad:97:f2:89:4d:da:e9:9d:83:9a:fc:01:
5b:68:6e:20:f8:43:fc:f5:71:1d:83:5d:1a:51:dd:
42:3e:2a:65:30:40:ce:c5:63:7a:e8:7d:80:3c:0c:
4b:d4:2d:03:d7:c7:3f:01:73:65:2e:ae:c4:b7:9a:
2b:65:2b:c8:16:7c:18:62:77:c5:bd:c1:1f:57:52:
1a:59:8e:ff:42:23:15:a0:9c:21:c6:75:f5:09:9b:
46:b2:79:69:25:a3:9e:89:44:95:80:bd:34:95:04:
ea:ff:46:b7:c6:df:da:e9:c9:4b:17:b6:67:6f:c2:
19:4e:fd:a3:32:fa:fb:f4:6e:52:cc:ea:42:69:09:
f4:ce:da:02:10:f3:53:16:a8:c9:91:30:a7:30:ab:
74:aa:d9:85:21:ab:41:f4:c3:15:f5:2f:6b:fa:76:
ad:b6:b8:ab:5a:29:13:24:37:d1:c4:87:5c:06:ce:
32:e1:6c:4f:02:37:fc:c8:f2:31:d5:40:af:33:ed:
bb:2d:4e:1f:e2:d5:c0:af:af:10:87:de:6c:c3:d3:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:47:4E:7B:80:DF:7C:C9:4A:C8:3A:70:74:8C:36:50:A1:64:6F:BC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/hUdOe4DffMlKyDpwdIw2UKFkb7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.197.192.0/19
84.245.0.0-84.245.47.255
87.101.0.0/21
185.6.48.0/22
185.227.72.0/22
217.19.16.0/20
Signature Algorithm: sha256WithRSAEncryption
77:d3:af:3c:b9:4d:ce:8c:c1:fc:8a:ce:e5:2a:84:d9:e1:bf:
db:c1:5c:f9:91:a2:48:02:a8:40:73:ef:62:80:bf:63:a7:e1:
ca:23:dd:35:1b:65:23:ed:87:5a:0b:4d:68:5f:b9:3f:93:5b:
8e:80:ce:62:f5:91:34:80:70:6b:cc:bc:98:12:86:62:46:dd:
94:ec:a7:b9:60:78:37:1e:5a:7c:aa:2b:62:92:4c:31:d6:94:
c3:07:2f:58:be:a6:5e:fd:24:d0:ad:c5:1e:e6:68:43:2f:81:
45:3e:69:a1:db:65:e5:00:be:31:3a:8b:d6:63:45:f2:a1:c8:
98:8e:19:9d:f4:cc:8d:c7:ca:cc:2d:97:2d:da:89:d9:52:ee:
94:65:75:b6:16:39:d0:74:ae:6d:17:48:31:03:07:33:c6:fa:
a0:a7:3d:26:ad:b8:02:d4:fa:55:63:6e:6e:a7:13:90:e6:06:
e4:67:65:42:0b:c0:11:45:f3:76:b0:8b:26:d2:6a:a0:24:b2:
d0:ef:58:b8:bd:db:8f:23:ce:b7:17:6f:26:57:1d:f4:88:85:
bc:44:42:d8:52:0e:c1:48:25:5c:fb:4f:60:dc:3b:0e:c5:f5:
a3:ab:95:82:cf:37:f1:70:73:b0:c9:e1:3d:86:10:c8:44:e5:
2c:63:b6:08
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVxAwG9JjrUjDziK5inbd61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ3NGU3YjgwZGY3Y2M5NGFjODNhNzA3NDhjMzY1MGExNjQ2ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6v+2wIj8xdkzef0QBz2gjzR80ZLJ
9qeZD1/pT1fhepXS1llh8LIBPYUHZ5orYO6tl/KJTdrpnYOa/AFbaG4g+EP89XEd
g10aUd1CPiplMEDOxWN66H2APAxL1C0D18c/AXNlLq7Et5orZSvIFnwYYnfFvcEf
V1IaWY7/QiMVoJwhxnX1CZtGsnlpJaOeiUSVgL00lQTq/0a3xt/a6clLF7Znb8IZ
Tv2jMvr79G5SzOpCaQn0ztoCEPNTFqjJkTCnMKt0qtmFIatB9MMV9S9r+nattrir
WikTJDfRxIdcBs4y4WxPAjf8yPIx1UCvM+27LU4f4tXAr68Qh95sw9P9kwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIVHTnuA33zJSsg6cHSMNlChZG+8MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaFVkT2U0RGZmTWxLeURwd2RJdzJVS0ZrYjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQFUsXAMAsD
AwBU9QMEBFT1IAMEA1dlAAMEArkGMAMEArnjSAMEBNkTEDANBgkqhkiG9w0BAQsF
AAOCAQEAd9OvPLlNzozB/IrO5SqE2eG/28Fc+ZGiSAKoQHPvYoC/Y6fhyiPdNRtl
I+2HWgtNaF+5P5NbjoDOYvWRNIBwa8y8mBKGYkbdlOynuWB4Nx5afKorYpJMMdaU
wwcvWL6mXv0k0K3FHuZoQy+BRT5podtl5QC+MTqL1mNF8qHImI4ZnfTMjcfKzC2X
LdqJ2VLulGV1thY50HSubRdIMQMHM8b6oKc9Jq24AtT6VWNubqcTkOYG5GdlQgvA
EUXzdrCLJtJqoCSy0O9YuL3bjyPOtxdvJlcd9IiFvERC2FIOwUglXPtPYNw7DsX1
o6uVgs838XBzsMnhPYYQyETlLGO2CA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org