Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/9O8bfOy0BzIMWsYUbr6AsS29H5c.roa
File: 9O8bfOy0BzIMWsYUbr6AsS29H5c.roa (raw, json)
Hash identifier: pUohEyYezVVSnFDMrcWnjo9z9zEkf6XSQpWA/e1zM98=
Subject key identifier: F4:EF:1B:7C:EC:B4:07:32:0C:5A:C6:14:6E:BE:80:B1:2D:BD:1F:97
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 0189DEE1A86CED18F5A801E4C01AA046A17D
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/9O8bfOy0BzIMWsYUbr6AsS29H5c.roa
Signing time: Thu 10 Aug 2023 09:57:57 +0000
ROA not before: Thu 10 Aug 2023 09:57:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.18.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.21.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Aug 2023 07:44:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:e1:a8:6c:ed:18:f5:a8:01:e4:c0:1a:a0:46:a1:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Aug 10 09:57:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4ef1b7cecb407320c5ac6146ebe80b12dbd1f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ca:6f:0d:a6:43:98:25:17:66:ee:92:45:38:
33:8a:89:c0:f7:c4:97:1e:cf:e3:c0:54:f4:b7:e6:
71:e1:d4:36:39:f7:20:6d:57:0e:1e:46:4e:a9:1a:
ed:10:b5:fa:88:1e:b2:a4:a9:0b:df:b3:98:77:d4:
70:e1:38:c9:f5:32:10:a9:3a:8e:96:ca:d5:4a:d2:
f9:45:d0:fc:19:aa:c2:94:10:d2:24:20:a0:82:b7:
6b:19:e5:d7:c8:d7:28:c1:f6:63:a4:6f:63:57:f4:
f5:0a:42:a2:d5:9c:c8:ae:46:89:02:46:cb:b1:8f:
37:e0:34:5b:4e:27:52:8a:82:04:40:ca:a9:1c:38:
83:3a:77:f7:c0:b3:bd:1c:31:bc:31:d4:6b:25:cc:
cc:4b:61:f8:2c:1d:58:0a:c0:2e:2f:64:99:1c:e4:
4f:c3:32:94:c6:b7:af:7e:ea:c3:06:c0:5b:de:72:
e7:a4:c1:c0:71:f1:8d:93:87:1a:63:92:b9:d8:ed:
96:cb:29:9f:d7:fa:4f:c5:9c:40:42:c0:2b:2f:a7:
aa:57:1c:01:83:be:d4:04:29:ea:e2:d4:56:24:89:
bc:90:cb:d1:c1:6b:72:5c:56:b5:52:6f:47:ad:61:
a8:fc:ca:c9:d0:4e:6c:0d:c7:ea:d1:a1:16:01:c4:
d2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EF:1B:7C:EC:B4:07:32:0C:5A:C6:14:6E:BE:80:B1:2D:BD:1F:97
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/9O8bfOy0BzIMWsYUbr6AsS29H5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0/24
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
82:6f:95:1f:00:4f:7d:df:5b:1b:c8:4c:88:fd:24:92:d8:cd:
83:44:23:ef:b4:81:29:75:da:18:86:40:5c:ef:0e:21:3c:11:
3c:84:e9:b9:be:a7:61:50:60:45:44:73:93:2a:e8:62:34:4f:
15:8b:f7:b0:53:8d:05:38:22:31:9b:6b:92:a4:44:66:f6:76:
4c:8e:f5:54:31:64:04:a9:9f:00:a1:7d:20:6b:6a:e2:74:8b:
81:60:fa:46:4e:e4:a8:df:0b:2c:9b:39:ed:a7:18:8d:7f:98:
d3:1d:03:de:47:0d:80:0a:14:89:19:b5:5f:62:17:3f:06:6c:
57:06:7b:cf:a9:24:71:ed:33:d5:7f:4a:39:f9:32:10:b2:c9:
eb:e7:00:75:b7:a1:b9:44:5f:4a:f8:c2:70:7f:d6:17:1d:e2:
5d:e5:78:70:d8:fc:5c:74:d0:57:fa:74:c1:5c:dc:14:57:8f:
61:62:fa:95:fc:a6:29:42:09:4c:34:01:45:0b:4d:1b:c2:60:
f3:d3:42:b9:ba:03:cb:19:f4:8c:70:5e:7c:6d:9c:d1:70:8d:
86:ae:c0:f6:82:45:e1:bf:b1:2a:a5:4c:cb:50:03:12:9e:70:
9b:2f:0f:7a:ae:f7:37:c5:76:a5:d1:09:ad:e1:23:25:28:d7:
36:4d:48:07
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYne4ahs7Rj1qAHkwBqgRqF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwODEwMDk1NzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGVmMWI3Y2VjYjQwNzMyMGM1YWM2MTQ2ZWJlODBiMTJkYmQxZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMpvDaZDmCUXZu6SRTgzionA98SX
Hs/jwFT0t+Zx4dQ2OfcgbVcOHkZOqRrtELX6iB6ypKkL37OYd9Rw4TjJ9TIQqTqO
lsrVStL5RdD8GarClBDSJCCggrdrGeXXyNcowfZjpG9jV/T1CkKi1ZzIrkaJAkbL
sY834DRbTidSioIEQMqpHDiDOnf3wLO9HDG8MdRrJczMS2H4LB1YCsAuL2SZHORP
wzKUxrevfurDBsBb3nLnpMHAcfGNk4caY5K52O2Wyymf1/pPxZxAQsArL6eqVxwB
g77UBCnq4tRWJIm8kMvRwWtyXFa1Um9HrWGo/MrJ0E5sDcfq0aEWAcTShQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPTvG3zstAcyDFrGFG6+gLEtvR+XMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvOU84YmZPeTBCeklNV3NZVWJyNkFzUzI5SDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBQsQAwQA
BQsVAwQDBQsYAwQEUPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQCCb5UfAE99
31sbyEyI/SSS2M2DRCPvtIEpddoYhkBc7w4hPBE8hOm5vqdhUGBFRHOTKuhiNE8V
i/ewU40FOCIxm2uSpERm9nZMjvVUMWQEqZ8AoX0ga2ridIuBYPpGTuSo3wssmznt
pxiNf5jTHQPeRw2AChSJGbVfYhc/BmxXBnvPqSRx7TPVf0o5+TIQssnr5wB1t6G5
RF9K+MJwf9YXHeJd5Xhw2PxcdNBX+nTBXNwUV49hYvqV/KYpQglMNAFFC00bwmDz
00K5ugPLGfSMcF58bZzRcI2GrsD2gkXhv7EqpUzLUAMSnnCbLw96rvc3xXal0Qmt
4SMlKNc2TUgH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org