Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/k_X0B1eu1sGUsmyeBdvYjCUS_7A.roa
File: k_X0B1eu1sGUsmyeBdvYjCUS_7A.roa (raw, json)
Hash identifier: S08TJoWNfwT5CRxK9nAxNX8UuV8NGOEQTD0mgdRd3Pc=
Subject key identifier: 93:F5:F4:07:57:AE:D6:C1:94:B2:6C:9E:05:DB:D8:8C:25:12:FF:B0
Certificate issuer: /CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Certificate serial: 01856D78A1866E8891E7CB333C8D4A9E0AF1
Authority key identifier: B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/k_X0B1eu1sGUsmyeBdvYjCUS_7A.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57728
IP address blocks: 81.25.16.0/21 maxlen: 21
81.25.24.0/21 maxlen: 21
185.255.116.0/22 maxlen: 22
109.234.40.0/21 maxlen: 21
2a00:1807::/32 maxlen: 32
2a00:1800::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a1:86:6e:88:91:e7:cb:33:3c:8d:4a:9e:0a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3143920956802a8eb4b4627a2ff4f3987ec1a3d
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93f5f40757aed6c194b26c9e05dbd88c2512ffb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:0a:8e:27:f2:3d:6c:87:a5:81:d9:e0:28:
1f:65:39:37:d6:17:f3:e1:52:29:f9:bb:fc:78:78:
25:f0:bb:1e:72:19:67:43:a2:40:11:b0:c7:18:ef:
ff:1d:93:9f:95:03:f4:25:70:f7:52:04:a0:eb:f2:
19:2c:7e:1c:81:f3:e5:d8:b4:05:ef:48:b7:32:0b:
71:df:29:a3:90:cd:6a:c5:bc:b1:2a:33:14:2a:7b:
79:ff:dd:68:3b:70:51:9b:25:54:22:30:d0:48:14:
32:53:70:b6:c5:e8:35:b3:94:4c:fa:f2:15:c0:11:
40:e6:a6:8a:18:5e:c0:62:58:a1:df:76:16:b9:19:
ad:36:19:75:ec:25:65:0c:b3:5e:90:fa:f8:7b:8b:
4d:aa:61:a2:a5:7c:38:2f:a1:2c:27:7f:bb:71:9f:
72:c6:89:b3:b1:d9:2b:c3:fb:7d:15:eb:ad:16:2a:
d3:01:f4:1d:e4:0d:74:92:17:32:bb:93:a5:c8:f4:
e7:a5:3a:e7:f1:8f:e9:6e:a4:b8:ea:87:21:74:52:
8f:0f:46:e0:b5:11:62:6b:5a:43:01:0f:f1:af:e0:
f2:d2:9d:5e:69:8e:5e:ab:97:bf:b7:a7:f3:87:f0:
9f:cb:32:ad:a2:ee:98:9c:b2:7c:9f:29:51:55:24:
94:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F5:F4:07:57:AE:D6:C1:94:B2:6C:9E:05:DB:D8:8C:25:12:FF:B0
X509v3 Authority Key Identifier:
keyid:B3:14:39:20:95:68:02:A8:EB:4B:46:27:A2:FF:4F:39:87:EC:1A:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sxQ5IJVoAqjrS0Ynov9POYfsGj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/k_X0B1eu1sGUsmyeBdvYjCUS_7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/a1c142-8943-49f4-8cc9-6ef2b9d7f104/1/sxQ5IJVoAqjrS0Ynov9POYfsGj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.16.0/20
109.234.40.0/21
185.255.116.0/22
IPv6:
2a00:1800::/32
2a00:1807::/32
Signature Algorithm: sha256WithRSAEncryption
03:6f:1b:4f:08:32:fa:5d:c1:e2:37:e8:35:8e:b9:d1:1b:7a:
69:1a:24:4a:17:44:a7:f0:53:9b:eb:4e:67:3d:6b:e4:d4:67:
60:ac:5e:75:86:12:d5:f8:1e:ef:0f:25:84:d9:56:61:9c:e6:
c7:15:cc:81:f4:22:15:4c:e7:4b:cf:1f:d2:c4:0c:5b:bd:46:
f0:03:ce:d2:07:8b:d7:e0:ba:9e:1d:2f:dc:4c:df:bd:31:4b:
29:74:79:1a:87:bc:68:45:7d:c9:d5:14:40:57:28:b4:9c:27:
03:30:59:39:79:af:e6:8f:80:b8:32:a9:2e:a2:97:96:1a:09:
80:73:d8:73:56:ce:d2:4e:b5:c8:fa:c1:8f:2f:24:17:87:18:
5e:73:31:1f:1c:2d:57:be:f9:e7:93:70:44:cb:36:94:73:bf:
08:d6:97:fa:94:3a:f2:89:91:63:98:95:47:6f:0a:9f:0f:f1:
0e:b0:dd:3a:1e:04:4f:60:ac:3a:03:8d:61:5c:6e:3a:58:eb:
63:55:da:ed:46:81:e8:00:cd:c1:68:d3:92:a5:8f:ee:5e:29:
c6:a8:c8:6b:df:f2:38:ba:63:92:53:52:ac:ee:7b:89:09:a9:
6b:71:06:0a:6f:3f:cd:6f:2e:89:e0:53:9c:ac:ac:eb:5f:16:
db:5a:36:56
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVteKGGboiR58szPI1KngrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMTQzOTIwOTU2ODAyYThlYjRiNDYyN2EyZmY0ZjM5ODdl
YzFhM2QwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y1ZjQwNzU3YWVkNmMxOTRiMjZjOWUwNWRiZDg4YzI1MTJmZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAkKjifyPWyHpYHZ4CgfZTk31hfz
4VIp+bv8eHgl8LsechlnQ6JAEbDHGO//HZOflQP0JXD3UgSg6/IZLH4cgfPl2LQF
70i3Mgtx3ymjkM1qxbyxKjMUKnt5/91oO3BRmyVUIjDQSBQyU3C2xeg1s5RM+vIV
wBFA5qaKGF7AYlih33YWuRmtNhl17CVlDLNekPr4e4tNqmGipXw4L6EsJ3+7cZ9y
xomzsdkrw/t9FeutFirTAfQd5A10khcyu5OlyPTnpTrn8Y/pbqS46ochdFKPD0bg
tRFia1pDAQ/xr+Dy0p1eaY5eq5e/t6fzh/CfyzKtou6YnLJ8nylRVSSUrwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFJP19AdXrtbBlLJsngXb2IwlEv+wMB8GA1UdIwQY
MBaAFLMUOSCVaAKo60tGJ6L/TzmH7Bo9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzkt
NmVmMmI5ZDdmMTA0LzEva19YMEIxZXUxc0dVc215ZUJkdllqQ1VTXzdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9hMWMxNDItODk0My00OWY0LThjYzktNmVmMmI5ZDdmMTA0
LzEvc3hRNUlKVm9BcWpyUzBZbm92OVBPWWZzR2owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQEURkQAwQD
beooAwQCuf90MBQEAgACMA4DBQAqABgAAwUAKgAYBzANBgkqhkiG9w0BAQsFAAOC
AQEAA28bTwgy+l3B4jfoNY650Rt6aRokShdEp/BTm+tOZz1r5NRnYKxedYYS1fge
7w8lhNlWYZzmxxXMgfQiFUznS88f0sQMW71G8APO0geL1+C6nh0v3EzfvTFLKXR5
Goe8aEV9ydUUQFcotJwnAzBZOXmv5o+AuDKpLqKXlhoJgHPYc1bO0k61yPrBjy8k
F4cYXnMxHxwtV77555NwRMs2lHO/CNaX+pQ68omRY5iVR28Knw/xDrDdOh4ET2Cs
OgONYVxuOljrY1Xa7UaB6ADNwWjTkqWP7l4pxqjIa9/yOLpjklNSrO57iQmpa3EG
Cm8/zW8uieBTnKys618W21o2Vg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:40 2024 by rpki-client on console-ams.rpki-client.org