Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/1-rpiMSW1A0kPBJZLIgEldy-YS0M.roa
File: 1-rpiMSW1A0kPBJZLIgEldy-YS0M.roa (raw, json)
Hash identifier: TzC5EZcPjI0lTRHHOzN5aAeO7/lfcOty1CE5+fb6bwM=
Subject key identifier: FA:BA:62:31:25:B5:03:49:0F:04:96:4B:22:01:25:77:2F:98:4B:43
Certificate issuer: /CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Certificate serial: 018AEFDE719326AA996399ACB0B8399984A1
Authority key identifier: 9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/1-rpiMSW1A0kPBJZLIgEldy-YS0M.roa
Signing time: Mon 02 Oct 2023 10:10:47 +0000
ROA not before: Mon 02 Oct 2023 10:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12693
IP address blocks: 82.193.255.0/24 maxlen: 24
212.204.32.0/19 maxlen: 24
82.193.224.0/19 maxlen: 24
85.199.96.0/20 maxlen: 24
149.249.48.0/21 maxlen: 21
92.42.224.0/21 maxlen: 21
153.92.72.0/21 maxlen: 24
185.90.156.0/22 maxlen: 24
156.67.224.0/21 maxlen: 21
85.199.64.0/18 maxlen: 24
85.199.74.0/24 maxlen: 24
2a01:a380::/48 maxlen: 48
2a01:a380::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:de:71:93:26:aa:99:63:99:ac:b0:b8:39:99:84:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e1ac369c9456914a12e02dffc8dd79974eb1ef8
Validity
Not Before: Oct 2 10:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faba623125b503490f04964b220125772f984b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:69:f7:50:87:5d:e5:c5:13:c8:d3:78:18:ec:
9d:04:52:79:8c:2a:ad:2b:f7:0b:f1:c6:5c:69:bd:
db:06:ee:85:43:92:04:a7:2a:0d:07:30:d9:31:57:
8e:b6:f9:12:c0:74:75:2f:ce:d0:30:74:f4:5b:44:
d7:b3:5d:77:9a:f1:ae:db:40:fe:81:0d:7b:3e:8a:
27:f0:e4:eb:45:4f:70:4c:f9:57:5e:89:1c:4b:02:
bf:95:5c:56:84:f5:58:0f:f3:11:32:fb:39:93:2e:
f2:d5:7f:5c:32:0b:0a:0a:5e:55:49:ba:09:ba:24:
61:6d:5c:50:be:ea:3b:2c:e0:5d:dc:a8:2e:df:1e:
26:eb:dc:33:41:e9:8d:3b:0d:bd:b8:0f:8b:fc:05:
04:ea:c1:c8:80:60:7a:54:f6:bc:bb:65:f2:15:51:
fd:ec:42:87:e5:9f:5a:2e:c0:cd:33:d8:64:23:eb:
76:cc:fb:0a:5e:3c:3b:2a:70:1a:d9:bc:23:31:12:
d7:08:ef:99:d5:2a:12:d1:9e:50:67:04:12:69:63:
03:65:58:f0:c9:67:40:22:a3:82:b7:0a:62:ea:a1:
96:50:73:71:fd:a4:f1:ad:27:b5:2a:45:f5:6c:d6:
4f:85:db:f5:63:dc:20:8c:81:19:d0:8c:92:94:6b:
6a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:BA:62:31:25:B5:03:49:0F:04:96:4B:22:01:25:77:2F:98:4B:43
X509v3 Authority Key Identifier:
keyid:9E:1A:C3:69:C9:45:69:14:A1:2E:02:DF:FC:8D:D7:99:74:EB:1E:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhrDaclFaRShLgLf_I3XmXTrHvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/1-rpiMSW1A0kPBJZLIgEldy-YS0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/091bd0-2f67-47ce-ae17-d68c57db4cae/1/nhrDaclFaRShLgLf_I3XmXTrHvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.193.224.0/19
85.199.64.0/18
92.42.224.0/21
149.249.48.0/21
153.92.72.0/21
156.67.224.0/21
185.90.156.0/22
212.204.32.0/19
IPv6:
2a01:a380::/32
Signature Algorithm: sha256WithRSAEncryption
4f:d4:d0:8d:41:95:5b:12:71:b2:30:c9:4a:6d:93:7d:cc:03:
26:40:f1:34:e3:b3:3d:c9:7e:3d:7b:46:eb:a3:77:71:4f:42:
64:a3:cd:3a:9b:1f:82:ba:90:d4:ba:ed:25:da:5d:a4:61:71:
ea:6e:d4:ea:a1:56:68:5f:a9:a2:29:ac:00:b1:1c:e1:7d:f0:
d3:c7:66:eb:42:f5:14:a4:3d:9d:09:90:99:ef:43:20:3d:0b:
5f:7a:6e:63:76:58:d7:15:e7:6b:13:07:5b:ee:22:34:ae:3e:
dd:9f:39:42:18:39:77:00:62:13:76:7e:1b:8e:96:9a:13:5a:
ae:a2:61:c3:de:0e:a4:bf:b3:10:3d:f8:ac:e2:1b:53:7e:52:
eb:6c:8f:e0:1b:70:37:7a:f7:7f:92:08:98:ac:e7:6b:71:59:
ee:96:59:69:91:51:2e:bf:1c:34:b5:d0:99:f5:d5:d0:a7:8e:
81:6b:93:e1:eb:7a:9a:24:f0:9c:fb:5d:d7:9b:1e:cf:6c:a8:
39:ee:21:d2:a8:33:00:13:cb:32:eb:4c:d4:bd:11:81:11:40:
d9:fe:51:5b:51:2b:dc:ac:e2:fa:bd:a2:da:be:cf:70:bd:af:
df:72:5a:da:e4:aa:32:70:40:38:2a:ef:5c:bf:61:c2:35:56:
9e:14:9a:ea
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYrv3nGTJqqZY5mssLg5mYShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWFjMzY5Yzk0NTY5MTRhMTJlMDJkZmZjOGRkNzk5NzRl
YjFlZjgwHhcNMjMxMDAyMTAxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWJhNjIzMTI1YjUwMzQ5MGYwNDk2NGIyMjAxMjU3NzJmOTg0YjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGn3UIdd5cUTyNN4GOydBFJ5jCqt
K/cL8cZcab3bBu6FQ5IEpyoNBzDZMVeOtvkSwHR1L87QMHT0W0TXs113mvGu20D+
gQ17Poon8OTrRU9wTPlXXokcSwK/lVxWhPVYD/MRMvs5ky7y1X9cMgsKCl5VSboJ
uiRhbVxQvuo7LOBd3Kgu3x4m69wzQemNOw29uA+L/AUE6sHIgGB6VPa8u2XyFVH9
7EKH5Z9aLsDNM9hkI+t2zPsKXjw7KnAa2bwjMRLXCO+Z1SoS0Z5QZwQSaWMDZVjw
yWdAIqOCtwpi6qGWUHNx/aTxrSe1KkX1bNZPhdv1Y9wgjIEZ0IySlGtq6QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPq6YjEltQNJDwSWSyIBJXcvmEtDMB8GA1UdIwQY
MBaAFJ4aw2nJRWkUoS4C3/yN15l06x74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmhyRGFjbEZhUlNoTGdMZl9JM1htWFRySHZnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wOTFiZDAtMmY2Ny00N2NlLWFlMTct
ZDY4YzU3ZGI0Y2FlLzEvMS1ycGlNU1cxQTBrUEJKWkxJZ0VsZHktWVMwTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvMDkxYmQwLTJmNjctNDdjZS1hZTE3LWQ2OGM1N2RiNGNh
ZS8xL25ockRhY2xGYVJTaExnTGZfSTNYbVhUckh2Zy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBYBggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBVLB4AME
BlXHQAMEA1wq4AMEA5X5MAMEA5lcSAMEA5xD4AMEArlanAMEBdTMIDANBAIAAjAH
AwUAKgGjgDANBgkqhkiG9w0BAQsFAAOCAQEAT9TQjUGVWxJxsjDJSm2TfcwDJkDx
NOOzPcl+PXtG66N3cU9CZKPNOpsfgrqQ1LrtJdpdpGFx6m7U6qFWaF+poimsALEc
4X3w08dm60L1FKQ9nQmQme9DID0LX3puY3ZY1xXnaxMHW+4iNK4+3Z85Qhg5dwBi
E3Z+G46WmhNarqJhw94OpL+zED34rOIbU35S62yP4BtwN3r3f5IImKzna3FZ7pZZ
aZFRLr8cNLXQmfXV0KeOgWuT4et6miTwnPtd15sez2yoOe4h0qgzABPLMutM1L0R
gRFA2f5RW1Er3Kzi+r2i2r7PcL2v33Ja2uSqMnBAOCrvXL9hwjVWnhSa6g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:30 2024 by rpki-client on console-fra.rpki-client.org