Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_oTJ1kaOzR-KubalwdjyAOI1ib8.roa
File: _oTJ1kaOzR-KubalwdjyAOI1ib8.roa (raw, json)
Hash identifier: L3CKLqeH5L8NTveenV7ZuYMtXciQAKolCXYgZucvInE=
Subject key identifier: FE:84:C9:D6:46:8E:CD:1F:8A:B9:B6:A5:C1:D8:F2:00:E2:35:89:BF
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018CC49387C63751DFC29460B7D70413B3BB
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_oTJ1kaOzR-KubalwdjyAOI1ib8.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46450
IP address blocks: 162.218.95.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
94.154.183.0/24 maxlen: 24
2a07:c6c0:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 May 2024 09:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:87:c6:37:51:df:c2:94:60:b7:d7:04:13:b3:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe84c9d6468ecd1f8ab9b6a5c1d8f200e23589bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:05:8f:60:55:99:fa:64:7e:17:a8:3f:0d:b6:
f5:3d:e5:65:ba:c4:67:b6:b2:39:6c:9e:1c:8e:d1:
65:28:8d:b7:ef:99:1c:79:ef:f1:de:0f:de:31:32:
31:e8:e8:f5:d5:69:45:64:5b:ab:94:79:2c:5d:18:
54:be:04:f2:f7:ea:b7:23:3d:e7:d1:b9:8d:75:d4:
57:de:06:6d:5c:98:7d:84:14:bf:38:fa:56:42:11:
09:63:17:75:5b:1f:cd:1c:24:11:6c:db:ed:0d:73:
d0:ae:40:dd:4c:79:bf:77:5f:8e:33:48:ef:a8:f6:
52:91:97:84:da:90:cb:3b:6d:a4:ab:db:fe:7d:77:
e3:4a:d1:ce:52:81:ec:c6:22:42:12:ac:5f:86:34:
ab:ee:96:b5:af:1f:c4:94:54:15:c0:f6:a8:5c:61:
0a:fa:1b:88:39:1c:f0:c5:de:fb:6f:d5:b0:47:f7:
c5:52:34:aa:87:04:da:ff:ed:22:44:c2:e9:b8:c1:
59:b0:91:d0:7b:0a:f5:4a:44:bf:a1:be:f4:b6:3c:
82:c4:70:b4:62:df:c1:21:50:e8:c8:4b:35:d4:b3:
f9:9b:21:d9:00:e1:f7:83:c1:fc:85:ac:35:ad:2a:
ed:66:27:84:44:e4:01:5c:5c:1e:7d:0f:ae:5e:5f:
14:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:84:C9:D6:46:8E:CD:1F:8A:B9:B6:A5:C1:D8:F2:00:E2:35:89:BF
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/_oTJ1kaOzR-KubalwdjyAOI1ib8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
63.246.150.0/24
94.154.183.0/24
162.218.95.0/24
IPv6:
2a07:c6c0:9::/48
Signature Algorithm: sha256WithRSAEncryption
31:07:90:79:e7:9f:57:46:16:8c:c5:44:be:57:11:c9:dd:15:
7b:97:d0:2d:ab:c1:e5:19:e5:80:41:10:89:d3:fd:d8:b7:b5:
9d:cb:bb:94:d4:e1:12:38:f9:50:a4:68:b1:06:e2:50:a2:f3:
7c:24:20:29:e7:c7:5b:54:91:06:69:12:f0:8b:e1:31:83:ff:
04:13:3b:b3:ee:a9:7a:d8:78:60:06:f0:86:98:04:de:44:54:
94:89:a3:d6:c5:ea:0a:e3:18:c8:06:e6:98:13:12:27:b3:81:
8c:5b:9c:ac:47:a3:88:34:c9:40:01:b6:be:29:77:4b:5e:c7:
a1:40:21:e0:fd:54:7b:93:5c:ba:32:3d:8d:12:4f:3c:3f:98:
fb:3c:15:c5:18:6f:50:df:8f:6f:27:2f:eb:9f:0f:88:51:a3:
3c:c1:35:2d:ca:f8:c7:63:36:3e:50:64:ac:2f:50:1c:0b:61:
c6:33:a4:fd:41:15:8e:e5:15:ac:7b:1c:41:06:ac:9c:ae:8a:
6f:cf:8c:33:f4:a8:a3:47:60:87:d9:8f:ee:f5:e1:24:6d:5a:
86:48:4b:c3:c1:57:34:1e:fd:17:c3:d6:4f:2e:26:bd:c9:26:
2c:97:6d:c0:e3:3c:eb:27:dd:98:df:f2:6b:ce:88:96:74:8a:
c4:4d:75:9d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEk4fGN1HfwpRgt9cEE7O7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg0YzlkNjQ2OGVjZDFmOGFiOWI2YTVjMWQ4ZjIwMGUyMzU4OWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgWPYFWZ+mR+F6g/Dbb1PeVlusRn
trI5bJ4cjtFlKI2375kcee/x3g/eMTIx6Oj11WlFZFurlHksXRhUvgTy9+q3Iz3n
0bmNddRX3gZtXJh9hBS/OPpWQhEJYxd1Wx/NHCQRbNvtDXPQrkDdTHm/d1+OM0jv
qPZSkZeE2pDLO22kq9v+fXfjStHOUoHsxiJCEqxfhjSr7pa1rx/ElFQVwPaoXGEK
+huIORzwxd77b9WwR/fFUjSqhwTa/+0iRMLpuMFZsJHQewr1SkS/ob70tjyCxHC0
Yt/BIVDoyEs11LP5myHZAOH3g8H8haw1rSrtZieEROQBXFwefQ+uXl8UNwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFP6EydZGjs0firm2pcHY8gDiNYm/MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvX29USjFrYU96Ui1LdWJhbHdkanlBT0kxaWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAP/aWAwQA
Xpq3AwQAotpfMA8EAgACMAkDBwAqB8bAAAkwDQYJKoZIhvcNAQELBQADggEBADEH
kHnnn1dGFozFRL5XEcndFXuX0C2rweUZ5YBBEInT/di3tZ3Lu5TU4RI4+VCkaLEG
4lCi83wkICnnx1tUkQZpEvCL4TGD/wQTO7PuqXrYeGAG8IaYBN5EVJSJo9bF6grj
GMgG5pgTEiezgYxbnKxHo4g0yUABtr4pd0tex6FAIeD9VHuTXLoyPY0STzw/mPs8
FcUYb1Dfj28nL+ufD4hRozzBNS3K+MdjNj5QZKwvUBwLYcYzpP1BFY7lFax7HEEG
rJyuim/PjDP0qKNHYIfZj+714SRtWoZIS8PBVzQe/RfD1k8uJr3JJiyXbcDjPOsn
3Zjf8mvOiJZ0isRNdZ0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:55 2024 by rpki-client on console-fra.rpki-client.org