Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/aA1d8hX2K6qo0KG6b7yaJ1lrzBE.roa
File: aA1d8hX2K6qo0KG6b7yaJ1lrzBE.roa (raw, json)
Hash identifier: 0hXIdbTvyVtRcsVpVnqMZSroaEcHNLwe4NeIGh886ig=
Subject key identifier: 68:0D:5D:F2:15:F6:2B:AA:A8:D0:A1:BA:6F:BC:9A:27:59:6B:CC:11
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 01856FC278B76B6635FF542729188E3A2A18
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/aA1d8hX2K6qo0KG6b7yaJ1lrzBE.roa
Signing time: Sun 01 Jan 2023 23:54:53 +0000
ROA not before: Sun 01 Jan 2023 23:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3170
IP address blocks: 83.97.16.0/22 maxlen: 24
195.191.218.0/23 maxlen: 24
193.35.56.0/22 maxlen: 24
193.105.188.0/24 maxlen: 24
185.17.196.0/22 maxlen: 24
195.74.52.0/22 maxlen: 24
2a03:ee40::/32 maxlen: 32
2a07:240::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 05 Sep 2023 14:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:78:b7:6b:66:35:ff:54:27:29:18:8e:3a:2a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Jan 1 23:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=680d5df215f62baaa8d0a1ba6fbc9a27596bcc11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ac:32:8a:92:55:f4:bb:66:71:07:e5:a6:11:
14:7c:20:89:e1:06:58:8f:b1:57:f6:de:da:0e:e0:
71:a1:0d:99:ec:a1:60:dc:c6:f7:e5:35:e3:56:dd:
95:12:5a:11:50:9f:a0:6a:0b:24:df:a7:66:b2:f9:
6e:52:99:20:47:49:56:2a:76:3e:a4:21:3b:d6:aa:
52:e1:c4:24:08:ec:ff:c1:0e:06:f8:6a:84:df:15:
04:30:c9:a0:21:6e:d7:31:38:27:0f:76:56:d1:e0:
1f:26:0e:07:1f:a9:0f:bb:ce:62:56:90:81:a8:c1:
69:9a:de:df:8e:de:11:7a:e2:4a:74:c4:18:fd:51:
65:b9:0b:2f:08:11:c1:9e:e5:16:60:f4:4c:05:b9:
2e:69:6f:63:df:79:cb:a1:52:a4:66:ee:f5:2c:68:
c1:54:2b:d1:5a:24:5c:b1:f0:96:ea:95:56:22:93:
a5:80:50:62:ae:11:40:8e:42:3b:24:69:f4:52:cc:
1d:c9:2f:48:6e:ac:ba:be:09:cd:56:b6:d1:59:a1:
69:94:71:93:db:fb:b9:f2:0c:7d:12:30:d1:75:16:
f7:5f:e1:93:bc:22:08:87:68:2a:05:ab:73:1c:3c:
b6:94:13:46:87:62:85:65:d8:db:e1:10:3d:7b:79:
25:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0D:5D:F2:15:F6:2B:AA:A8:D0:A1:BA:6F:BC:9A:27:59:6B:CC:11
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/aA1d8hX2K6qo0KG6b7yaJ1lrzBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.16.0/22
185.17.196.0/22
193.35.56.0/22
193.105.188.0/24
195.74.52.0/22
195.191.218.0/23
IPv6:
2a03:ee40::/32
2a07:240::/29
Signature Algorithm: sha256WithRSAEncryption
c3:81:d6:01:e2:57:03:da:2b:90:19:72:f4:70:19:c5:eb:6b:
32:47:07:81:99:79:e6:2b:af:3c:0c:a2:52:7f:f9:e8:f3:32:
3d:41:9e:98:97:78:3d:93:70:e3:bc:a9:fe:c2:5a:bb:24:d0:
bb:25:aa:f4:ec:e0:07:c9:ca:f2:be:46:95:6a:35:c1:62:2e:
3c:6c:90:cb:a6:c9:15:96:6e:f9:7c:b8:4c:d8:24:4a:5d:dd:
13:32:0f:6a:9b:ab:8f:e5:48:c2:8a:71:4d:5d:21:14:89:25:
22:cf:53:6f:c1:db:c5:7f:78:b8:1b:a5:57:ea:e5:ae:c9:79:
92:ee:a9:9a:23:17:ab:00:42:8a:5b:63:e4:6c:63:81:dc:4f:
04:5b:76:d7:8a:7b:09:c7:d9:cf:23:80:c9:50:09:f3:91:03:
8b:a8:f4:64:fe:c8:36:fa:81:bf:7c:4e:e8:a6:3e:16:da:c6:
28:4a:5b:78:c9:fb:c9:5f:81:3a:b8:ab:8f:14:87:41:7f:b1:
82:d6:ba:29:49:43:26:7d:a6:8c:bc:d1:14:28:c0:8b:3e:73:
89:42:e8:a3:0c:02:98:2a:cf:52:6e:88:4b:95:27:40:9b:e4:
df:1b:a7:ca:09:25:53:8e:08:69:cb:6a:85:74:1c:ee:1f:25:
52:05:78:ba
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYVvwni3a2Y1/1QnKRiOOioYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjMwMTAxMjM1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODBkNWRmMjE1ZjYyYmFhYThkMGExYmE2ZmJjOWEyNzU5NmJjYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuawyipJV9LtmcQflphEUfCCJ4QZY
j7FX9t7aDuBxoQ2Z7KFg3Mb35TXjVt2VEloRUJ+gagsk36dmsvluUpkgR0lWKnY+
pCE71qpS4cQkCOz/wQ4G+GqE3xUEMMmgIW7XMTgnD3ZW0eAfJg4HH6kPu85iVpCB
qMFpmt7fjt4ReuJKdMQY/VFluQsvCBHBnuUWYPRMBbkuaW9j33nLoVKkZu71LGjB
VCvRWiRcsfCW6pVWIpOlgFBirhFAjkI7JGn0UswdyS9Ibqy6vgnNVrbRWaFplHGT
2/u58gx9EjDRdRb3X+GTvCIIh2gqBatzHDy2lBNGh2KFZdjb4RA9e3klCwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGgNXfIV9iuqqNChum+8midZa8wRMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvYUExZDhoWDJLNnFvMEtHNmI3eWFKMWxyekJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCU2EQAwQC
uRHEAwQCwSM4AwQAwWm8AwQCw0o0AwQBw7/aMBQEAgACMA4DBQAqA+5AAwUDKgcC
QDANBgkqhkiG9w0BAQsFAAOCAQEAw4HWAeJXA9orkBly9HAZxetrMkcHgZl55iuv
PAyiUn/56PMyPUGemJd4PZNw47yp/sJauyTQuyWq9OzgB8nK8r5GlWo1wWIuPGyQ
y6bJFZZu+Xy4TNgkSl3dEzIPapurj+VIwopxTV0hFIklIs9Tb8HbxX94uBulV+rl
rsl5ku6pmiMXqwBCiltj5GxjgdxPBFt214p7CcfZzyOAyVAJ85EDi6j0ZP7INvqB
v3xO6KY+FtrGKEpbeMn7yV+BOrirjxSHQX+xgta6KUlDJn2mjLzRFCjAiz5ziULo
owwCmCrPUm6IS5UnQJvk3xunygklU44IactqhXQc7h8lUgV4ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:06 2024 by rpki-client on console-ams.rpki-client.org