Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/C9DpJh0MXFRpUXQcdfo7PLaLCvY.roa
File: C9DpJh0MXFRpUXQcdfo7PLaLCvY.roa (raw, json)
Hash identifier: q0YxSUE4ziHcKtpuUWMK3dTdFCtbcT7usJ1kWj1ggj4=
Subject key identifier: 0B:D0:E9:26:1D:0C:5C:54:69:51:74:1C:75:FA:3B:3C:B6:8B:0A:F6
Certificate issuer: /CN=10a69541eb068e6d2e596c481d93fd6bf9771267
Certificate serial: 018CC5011ECEED6F472A3EFB4C93FBB65CFB
Authority key identifier: 10:A6:95:41:EB:06:8E:6D:2E:59:6C:48:1D:93:FD:6B:F9:77:12:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKaVQesGjm0uWWxIHZP9a_l3Emc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/C9DpJh0MXFRpUXQcdfo7PLaLCvY.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20811
IP address blocks: 217.199.0.0/19 maxlen: 24
89.190.160.0/19 maxlen: 24
46.234.224.0/19 maxlen: 24
93.89.48.0/20 maxlen: 24
84.18.128.0/19 maxlen: 24
37.186.128.0/18 maxlen: 24
185.6.192.0/22 maxlen: 24
95.171.32.0/19 maxlen: 24
2a02:490::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 May 2024 09:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1e:ce:ed:6f:47:2a:3e:fb:4c:93:fb:b6:5c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a69541eb068e6d2e596c481d93fd6bf9771267
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bd0e9261d0c5c546951741c75fa3b3cb68b0af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:59:2e:b9:35:cc:15:7c:32:fe:81:41:73:e5:
7d:31:b4:7a:d6:72:30:aa:07:45:b8:1c:3c:4d:58:
3f:76:c5:b1:72:04:7c:5c:5f:c8:8f:b8:5e:42:da:
aa:f8:e8:27:12:ea:a4:09:a3:b8:63:b0:44:53:32:
ca:2c:00:c0:a3:dd:78:84:58:3a:9d:e9:a1:26:f2:
70:b6:88:de:a5:4d:53:13:62:3d:e8:32:a5:e0:7b:
45:bf:90:f8:fe:56:9b:ee:9f:84:e4:87:e6:4c:51:
a5:78:42:b5:52:cc:ff:21:0c:a8:3b:a3:dc:09:5c:
f1:f0:4a:d4:bd:47:27:8d:ab:86:78:1f:38:98:3f:
60:90:e6:7b:bf:36:47:7f:7d:18:f8:a9:94:ae:fc:
c5:33:52:6c:0b:02:cc:3b:7c:bd:e7:68:b6:20:ee:
c3:24:d8:da:5c:3c:56:e6:cd:56:5a:67:61:00:d7:
b5:99:f8:cf:83:ba:b1:c3:55:19:b0:83:4b:6f:af:
fa:d8:53:92:fa:44:bd:9b:39:48:63:90:1c:f1:f3:
27:8d:06:43:22:b9:06:26:75:2e:5e:b7:3f:12:54:
c2:1a:c2:6b:cd:23:08:3d:9a:92:22:bc:64:5f:80:
cb:cc:e7:f6:e4:89:c7:17:6d:57:b4:c1:13:74:3d:
62:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D0:E9:26:1D:0C:5C:54:69:51:74:1C:75:FA:3B:3C:B6:8B:0A:F6
X509v3 Authority Key Identifier:
keyid:10:A6:95:41:EB:06:8E:6D:2E:59:6C:48:1D:93:FD:6B:F9:77:12:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKaVQesGjm0uWWxIHZP9a_l3Emc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/C9DpJh0MXFRpUXQcdfo7PLaLCvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/1ef119-2bae-42e4-b02f-7e18fd6afdfd/1/EKaVQesGjm0uWWxIHZP9a_l3Emc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.186.128.0/18
46.234.224.0/19
84.18.128.0/19
89.190.160.0/19
93.89.48.0/20
95.171.32.0/19
185.6.192.0/22
217.199.0.0/19
IPv6:
2a02:490::/29
Signature Algorithm: sha256WithRSAEncryption
56:27:d0:a3:79:6b:a6:e4:11:e1:98:c7:2f:cf:6c:fc:ef:c3:
16:13:c0:42:a4:f8:ab:7a:65:fc:00:12:17:63:2b:3b:99:94:
b9:c4:8c:38:51:7d:87:cf:41:1e:a1:92:23:69:d5:50:cf:62:
e7:d3:fb:6e:c0:0d:b0:11:63:e0:54:66:cf:ec:d9:df:bc:11:
1f:5a:05:3a:06:aa:df:57:9e:99:b3:83:51:11:14:9d:2a:17:
fd:1d:86:d0:20:25:8a:51:6e:ca:5e:1c:30:08:b4:b0:90:dc:
5e:ce:42:ce:cb:07:ca:b5:9e:4e:5e:8b:00:ee:2a:6a:3f:81:
3b:5c:cc:50:6e:7f:fd:58:07:ae:3e:6f:5d:e1:d2:71:2b:01:
35:ae:c3:46:ff:24:88:81:8b:52:8c:fb:3f:7d:a7:55:49:97:
ae:a6:11:b1:df:79:6b:85:d4:e6:a8:4d:01:07:16:87:f1:40:
16:2d:47:00:5d:55:0c:34:14:90:dc:35:5c:88:5f:70:16:40:
50:56:af:4d:2d:2c:3d:2c:d8:44:11:28:13:6f:81:e5:e8:70:
b1:0b:f9:94:26:4f:97:1f:35:31:8c:a8:a1:7c:de:3f:1b:e3:
26:9b:82:9d:fa:0b:30:49:1f:f1:e2:7e:ae:24:32:60:61:78:
7e:89:f3:4a
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzFAR7O7W9HKj77TJP7tlz7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYTY5NTQxZWIwNjhlNmQyZTU5NmM0ODFkOTNmZDZiZjk3
NzEyNjcwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmQwZTkyNjFkMGM1YzU0Njk1MTc0MWM3NWZhM2IzY2I2OGIwYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VkuuTXMFXwy/oFBc+V9MbR61nIw
qgdFuBw8TVg/dsWxcgR8XF/Ij7heQtqq+OgnEuqkCaO4Y7BEUzLKLADAo914hFg6
nemhJvJwtojepU1TE2I96DKl4HtFv5D4/lab7p+E5IfmTFGleEK1Usz/IQyoO6Pc
CVzx8ErUvUcnjauGeB84mD9gkOZ7vzZHf30Y+KmUrvzFM1JsCwLMO3y952i2IO7D
JNjaXDxW5s1WWmdhANe1mfjPg7qxw1UZsINLb6/62FOS+kS9mzlIY5Ac8fMnjQZD
IrkGJnUuXrc/ElTCGsJrzSMIPZqSIrxkX4DLzOf25InHF21XtMETdD1iSQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAvQ6SYdDFxUaVF0HHX6Ozy2iwr2MB8GA1UdIwQY
MBaAFBCmlUHrBo5tLllsSB2T/Wv5dxJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUthVlFlc0dqbTB1V1d4SUhaUDlhX2wzRW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8xZWYxMTktMmJhZS00MmU0LWIwMmYt
N2UxOGZkNmFmZGZkLzEvQzlEcEpoME1YRlJwVVhRY2RmbzdQTGFMQ3ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8xZWYxMTktMmJhZS00MmU0LWIwMmYtN2UxOGZkNmFmZGZk
LzEvRUthVlFlc0dqbTB1V1d4SUhaUDlhX2wzRW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGJbqAAwQF
LurgAwQFVBKAAwQFWb6gAwQEXVkwAwQFX6sgAwQCuQbAAwQF2ccAMA0EAgACMAcD
BQMqAgSQMA0GCSqGSIb3DQEBCwUAA4IBAQBWJ9CjeWum5BHhmMcvz2z878MWE8BC
pPiremX8ABIXYys7mZS5xIw4UX2Hz0EeoZIjadVQz2Ln0/tuwA2wEWPgVGbP7Nnf
vBEfWgU6BqrfV56Zs4NRERSdKhf9HYbQICWKUW7KXhwwCLSwkNxezkLOywfKtZ5O
XosA7ipqP4E7XMxQbn/9WAeuPm9d4dJxKwE1rsNG/ySIgYtSjPs/fadVSZeuphGx
33lrhdTmqE0BBxaH8UAWLUcAXVUMNBSQ3DVciF9wFkBQVq9NLSw9LNhEESgTb4Hl
6HCxC/mUJk+XHzUxjKihfN4/G+Mmm4Kd+gswSR/x4n6uJDJgYXh+ifNK
-----END CERTIFICATE-----
Generated at Thu May 2 13:51:21 2024 by rpki-client on console-fra.rpki-client.org