Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/P6rLUtvHcjXCJdkRQRfRuQigENE.roa
File: P6rLUtvHcjXCJdkRQRfRuQigENE.roa (raw, json)
Hash identifier: nTPokjby0IvuO9QfNQwEh3avOytCXEoN++gxq7B2lpE=
Subject key identifier: 3F:AA:CB:52:DB:C7:72:35:C2:25:D9:11:41:17:D1:B9:08:A0:10:D1
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 01917AA0C65F42B7445EBC57F4993A400413
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/P6rLUtvHcjXCJdkRQRfRuQigENE.roa
Signing time: Thu 22 Aug 2024 15:07:22 +0000
ROA not before: Thu 22 Aug 2024 15:07:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201086
IP address blocks: 185.86.80.0/24 maxlen: 24
185.205.17.0/24 maxlen: 24
185.205.18.0/24 maxlen: 24
185.205.19.0/24 maxlen: 24
185.254.95.0/24 maxlen: 24
193.36.63.0/24 maxlen: 24
194.145.138.0/24 maxlen: 24
2a0a:fa40::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Aug 2024 18:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7a:a0:c6:5f:42:b7:44:5e:bc:57:f4:99:3a:40:04:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Aug 22 15:07:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3faacb52dbc77235c225d9114117d1b908a010d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:48:a6:4b:06:5a:ed:77:f8:65:51:54:4e:6f:
84:3d:47:e2:7c:8f:30:d9:c9:be:c0:57:94:ca:ae:
22:04:aa:7a:0b:18:bd:fa:26:3c:93:93:31:bc:41:
61:78:c7:1e:cf:91:57:7c:32:b3:91:d3:8c:db:3f:
04:a6:31:70:6e:11:23:08:46:bd:c0:29:ff:13:76:
53:a5:ad:3d:57:96:33:1d:ca:9a:73:e4:ae:b9:1f:
70:dd:f9:46:36:01:b2:10:36:52:bf:b6:cc:b4:c4:
f5:20:60:4a:16:73:60:55:98:68:59:8d:0d:e1:04:
56:19:df:74:0d:b7:65:8d:73:cf:e6:71:4d:40:c7:
fc:2d:15:78:13:11:3b:91:51:5a:ab:ca:ff:c8:34:
9f:2d:31:a3:b7:7f:ba:3b:7d:d9:28:5b:d8:66:19:
49:5f:86:33:64:94:27:72:65:c2:c9:9b:83:3c:9f:
2f:37:01:f4:98:c4:97:cd:6c:97:4f:97:b7:b2:d8:
e5:d9:5f:4a:17:e4:82:48:b9:9d:4b:ac:5d:ae:28:
df:d2:8d:7c:cb:32:5f:2e:02:14:30:f2:97:23:0b:
2b:79:c2:50:a2:ba:40:8c:9f:df:f8:13:c7:11:59:
0c:94:f6:b2:06:c6:c5:5d:f6:cc:69:1a:0d:e5:5d:
cf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AA:CB:52:DB:C7:72:35:C2:25:D9:11:41:17:D1:B9:08:A0:10:D1
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/P6rLUtvHcjXCJdkRQRfRuQigENE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.80.0/24
185.205.17.0-185.205.19.255
185.254.95.0/24
193.36.63.0/24
194.145.138.0/24
IPv6:
2a0a:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
46:f4:e2:56:55:af:08:ad:b9:47:55:61:d5:dd:df:cf:5c:19:
ac:29:5a:40:b4:9c:64:c7:90:e8:92:28:61:ca:b6:d7:58:ed:
46:8e:c1:78:c5:16:37:51:08:89:63:91:48:00:45:3d:3d:2c:
f4:76:bf:41:66:61:79:0c:49:d0:3b:c2:12:26:35:ad:ac:ae:
4b:5a:5a:24:c9:73:f9:b6:09:72:72:6d:da:3b:ce:6c:12:dd:
d6:1b:a3:ec:d0:91:59:dc:20:55:aa:fd:7f:d4:c3:80:59:7c:
5f:54:72:ef:0f:5e:44:85:7a:d0:3b:e4:2b:5a:47:8b:76:ab:
23:c8:9d:78:f6:8d:99:80:08:d1:ec:e3:6d:23:46:11:d4:8b:
3d:70:12:d5:52:f7:e6:ff:a9:e8:c1:7c:dc:8a:20:17:d8:41:
ec:ab:64:9f:fb:42:3a:fc:62:15:31:f5:db:ef:52:30:8d:53:
bc:65:7c:f3:df:31:59:08:46:52:7f:a3:ee:88:50:2a:5c:ab:
fe:96:06:f7:d6:85:6f:ba:40:3a:d5:3d:bb:95:bb:66:a4:6d:
71:bc:c2:01:c4:a0:7e:e7:31:5a:36:26:37:4d:f1:7f:ce:43:
a2:e0:42:07:d7:d4:e1:6d:9c:ae:cc:7f:d4:ed:c1:db:e8:f3:
53:68:15:a1
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZF6oMZfQrdEXrxX9Jk6QAQTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjQwODIyMTUwNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFhY2I1MmRiYzc3MjM1YzIyNWQ5MTE0MTE3ZDFiOTA4YTAxMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkimSwZa7Xf4ZVFUTm+EPUfifI8w
2cm+wFeUyq4iBKp6Cxi9+iY8k5MxvEFheMcez5FXfDKzkdOM2z8EpjFwbhEjCEa9
wCn/E3ZTpa09V5YzHcqac+SuuR9w3flGNgGyEDZSv7bMtMT1IGBKFnNgVZhoWY0N
4QRWGd90DbdljXPP5nFNQMf8LRV4ExE7kVFaq8r/yDSfLTGjt3+6O33ZKFvYZhlJ
X4YzZJQncmXCyZuDPJ8vNwH0mMSXzWyXT5e3stjl2V9KF+SCSLmdS6xdrijf0o18
yzJfLgIUMPKXIwsrecJQorpAjJ/f+BPHEVkMlPayBsbFXfbMaRoN5V3P0QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFD+qy1Lbx3I1wiXZEUEX0bkIoBDRMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvUDZyTFV0dkhjalhDSmRrUlFSZlJ1UWlnRU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAuVZQMAwD
BAC5zREDBAK5zRADBAC5/l8DBADBJD8DBADCkYowDQQCAAIwBwMFACoK+kAwDQYJ
KoZIhvcNAQELBQADggEBAEb04lZVrwituUdVYdXd389cGawpWkC0nGTHkOiSKGHK
ttdY7UaOwXjFFjdRCIljkUgART09LPR2v0FmYXkMSdA7whImNa2srktaWiTJc/m2
CXJybdo7zmwS3dYbo+zQkVncIFWq/X/Uw4BZfF9Ucu8PXkSFetA75CtaR4t2qyPI
nXj2jZmACNHs420jRhHUiz1wEtVS9+b/qejBfNyKIBfYQeyrZJ/7Qjr8YhUx9dvv
UjCNU7xlfPPfMVkIRlJ/o+6IUCpcq/6WBvfWhW+6QDrVPbuVu2akbXG8wgHEoH7n
MVo2JjdN8X/OQ6LgQgfX1OFtnK7Mf9Ttwdvo81NoFaE=
-----END CERTIFICATE-----
Generated at Thu Aug 22 20:43:18 2024 by rpki-client on console-fra.rpki-client.org