Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/u43uO_T_t6zuXC6SrdwBWrLZTgk.roa
File: u43uO_T_t6zuXC6SrdwBWrLZTgk.roa (raw, json)
Hash identifier: h34JZ66BovcDv+3BsnLwAnPe5dhvFI3+1BMBn8kZPuk=
Subject key identifier: BB:8D:EE:3B:F4:FF:B7:AC:EE:5C:2E:92:AD:DC:01:5A:B2:D9:4E:09
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA4160A10FBE19F2A548B7D9D445A8
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/u43uO_T_t6zuXC6SrdwBWrLZTgk.roa
Signing time: Mon 02 Jan 2023 13:44:47 +0000
ROA not before: Mon 02 Jan 2023 13:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8581
IP address blocks: 195.130.112.0/21 maxlen: 21
195.251.192.0/21 maxlen: 21
195.130.120.0/23 maxlen: 23
195.251.200.0/23 maxlen: 23
194.177.199.0/24 maxlen: 24
83.212.184.0/21 maxlen: 21
83.212.192.0/21 maxlen: 21
195.130.74.0/24 maxlen: 24
195.130.72.0/23 maxlen: 23
2001:648:2e01::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:41:60:a1:0f:be:19:f2:a5:48:b7:d9:d4:45:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb8dee3bf4ffb7acee5c2e92addc015ab2d94e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ab:c3:90:f7:ed:5c:8d:ec:4e:9f:8c:17:10:
b6:05:d5:4f:b0:8d:28:ba:e2:41:b1:06:1a:9f:73:
34:a1:ac:a9:c1:a3:e9:15:7c:1a:17:cf:45:67:8b:
74:a0:d0:0e:4f:88:6c:06:92:ea:d1:a3:3d:16:bf:
ab:2e:7b:03:56:8f:e7:d4:1c:61:ff:16:f1:33:ae:
db:4b:b9:ef:74:f7:b7:0e:8a:6a:cd:fa:a1:14:d2:
e2:22:40:3f:35:87:99:77:63:9c:fe:8c:46:27:99:
58:30:47:4e:89:e9:35:ca:38:24:3f:25:71:03:17:
74:0a:22:01:6f:80:76:b6:fc:23:fe:4b:b7:13:16:
64:9b:c1:c9:83:06:67:a0:d2:b2:3a:67:8c:53:b3:
08:1e:a2:0d:e0:8f:5e:c9:af:cf:41:0d:47:7d:4c:
8c:b8:70:ff:ef:c5:cd:57:c6:2d:7b:f2:db:7b:f6:
01:ea:27:a0:ba:fd:a5:aa:e7:8b:08:98:99:36:2e:
3c:c6:3d:45:97:ed:ae:64:6e:de:26:3d:fe:1e:c2:
1a:d5:4a:73:dd:23:04:c8:a6:c4:56:c5:0a:ad:fd:
e3:4a:22:03:36:46:94:82:97:e1:d0:ba:a8:b4:3d:
bf:d4:7f:00:8a:8f:2c:a3:93:32:55:1d:1a:27:89:
0f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8D:EE:3B:F4:FF:B7:AC:EE:5C:2E:92:AD:DC:01:5A:B2:D9:4E:09
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/u43uO_T_t6zuXC6SrdwBWrLZTgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.184.0-83.212.199.255
194.177.199.0/24
195.130.72.0-195.130.74.255
195.130.112.0-195.130.121.255
195.251.192.0-195.251.201.255
IPv6:
2001:648:2e01::/48
Signature Algorithm: sha256WithRSAEncryption
5e:9c:35:40:34:bb:6b:be:9b:1d:e0:bd:91:4a:14:83:39:69:
fe:de:42:b3:2a:1b:7b:fa:bc:03:e8:7e:f6:fe:af:c9:be:f6:
4b:b5:e5:91:44:1f:e0:1f:ad:ec:ab:ba:ed:ac:8d:86:7d:e7:
be:ec:d0:f6:4c:f8:c9:3a:f2:0c:b1:40:79:21:14:f2:60:0b:
8d:69:a6:45:4d:6c:a8:b5:ea:e4:62:c7:a0:f6:ee:30:34:8f:
c6:6d:c5:0d:83:2c:93:a2:84:93:65:29:33:03:0d:8b:8e:cb:
6e:3d:80:07:17:32:e7:7c:0b:12:7f:e8:d4:13:7d:c0:ee:fb:
ae:cd:ab:45:76:56:bf:2c:03:ca:75:81:e7:36:6b:d0:60:fd:
6e:e0:ec:aa:68:58:0c:63:2c:31:47:89:45:ab:de:44:b1:66:
c4:76:ca:18:14:ab:69:d9:55:9c:31:36:f4:8b:99:1a:1b:de:
12:eb:ec:a3:f1:91:44:59:4a:6b:b2:99:5b:bb:b5:3d:87:a4:
c6:95:1f:77:49:8c:c9:fa:e3:37:ec:0a:2b:50:af:8d:db:52:
f9:e0:8c:97:28:50:d8:bf:f1:fe:84:7d:46:66:89:63:d5:89:
5d:06:1f:27:d8:fc:ef:78:0d:bf:e0:e9:7b:7f:2b:5d:51:70:
7d:a7:94:4d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYVyukFgoQ++GfKlSLfZ1EWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhkZWUzYmY0ZmZiN2FjZWU1YzJlOTJhZGRjMDE1YWIyZDk0ZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoavDkPftXI3sTp+MFxC2BdVPsI0o
uuJBsQYan3M0oaypwaPpFXwaF89FZ4t0oNAOT4hsBpLq0aM9Fr+rLnsDVo/n1Bxh
/xbxM67bS7nvdPe3DopqzfqhFNLiIkA/NYeZd2Oc/oxGJ5lYMEdOiek1yjgkPyVx
Axd0CiIBb4B2tvwj/ku3ExZkm8HJgwZnoNKyOmeMU7MIHqIN4I9eya/PQQ1HfUyM
uHD/78XNV8Yte/Lbe/YB6ieguv2lqueLCJiZNi48xj1Fl+2uZG7eJj3+HsIa1Upz
3SMEyKbEVsUKrf3jSiIDNkaUgpfh0LqotD2/1H8Aio8so5MyVR0aJ4kPswIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFLuN7jv0/7es7lwukq3cAVqy2U4JMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvdTQzdU9fVF90Nnp1WEM2U3Jkd0JXckxaVGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBEBAIAATA+MAwDBANT1LgD
BANT1MADBADCsccwDAMEA8OCSAMEAMOCSjAMAwQEw4JwAwQBw4J4MAwDBAbD+8AD
BAHD+8gwDwQCAAIwCQMHACABBkguATANBgkqhkiG9w0BAQsFAAOCAQEAXpw1QDS7
a76bHeC9kUoUgzlp/t5Csyobe/q8A+h+9v6vyb72S7XlkUQf4B+t7Ku67ayNhn3n
vuzQ9kz4yTryDLFAeSEU8mALjWmmRU1sqLXq5GLHoPbuMDSPxm3FDYMsk6KEk2Up
MwMNi47Lbj2ABxcy53wLEn/o1BN9wO77rs2rRXZWvywDynWB5zZr0GD9buDsqmhY
DGMsMUeJRaveRLFmxHbKGBSradlVnDE29IuZGhveEuvso/GRRFlKa7KZW7u1PYek
xpUfd0mMyfrjN+wKK1CvjdtS+eCMlyhQ2L/x/oR9RmaJY9WJXQYfJ9j873gNv+Dp
e38rXVFwfaeUTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:49 2024 by rpki-client on console-ams.rpki-client.org