Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/j1Ud4bZ9RTj3qXyRWNssJD49YoU.roa
File: j1Ud4bZ9RTj3qXyRWNssJD49YoU.roa (raw, json)
Hash identifier: 5fcru8ZUHuYmIQ26eC3CSXAKmmcrlye4w4O8gjaTgY8=
Subject key identifier: 8F:55:1D:E1:B6:7D:45:38:F7:A9:7C:91:58:DB:2C:24:3E:3D:62:85
Certificate issuer: /CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Certificate serial: 01856EB8DFC8EFEFA0931A538170385017CD
Authority key identifier: E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/j1Ud4bZ9RTj3qXyRWNssJD49YoU.roa
Signing time: Sun 01 Jan 2023 19:04:47 +0000
ROA not before: Sun 01 Jan 2023 19:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197706
IP address blocks: 92.118.68.0/22 maxlen: 22
2a0d:4941::/32 maxlen: 32
2a0d:4943::/32 maxlen: 32
2a0d:4947::/32 maxlen: 32
2a0d:4940::/29 maxlen: 29
2a0d:4944::/32 maxlen: 32
2a0d:1dc0::/29 maxlen: 29
2a0f:4780::/29 maxlen: 29
2a0d:4946::/32 maxlen: 32
2a0d:4945::/32 maxlen: 32
2a0d:4942::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Aug 2023 09:24:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:df:c8:ef:ef:a0:93:1a:53:81:70:38:50:17:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1b9a3ce0f593910819c3271e1e8d0bd1371a6be
Validity
Not Before: Jan 1 19:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f551de1b67d4538f7a97c9158db2c243e3d6285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:7e:93:21:45:eb:4c:62:35:6c:e8:41:9b:
5a:2a:c1:39:03:e8:f1:b0:54:dd:1c:25:e6:dc:3e:
58:c4:59:8d:c4:a2:e2:cc:9c:45:8e:4c:77:f1:ed:
81:55:bb:69:41:0a:12:3c:82:49:90:f8:4b:72:a7:
bc:31:72:d3:4e:07:34:a8:23:2f:81:67:4d:5c:29:
4f:f1:48:1e:50:1b:43:ea:f2:51:34:9d:8e:f6:eb:
46:8b:aa:4f:77:11:33:2a:66:f8:a5:1b:94:06:c6:
0d:e6:94:ce:2e:60:7b:5a:69:c5:cd:7e:2a:5f:bd:
15:8c:85:df:d0:98:62:dc:25:9c:98:85:f8:3c:dd:
3b:85:5b:9b:8e:17:97:aa:1b:e5:3b:df:f4:42:5a:
7f:02:73:02:03:0c:60:1f:bb:e8:1e:2b:7c:90:61:
6f:68:78:89:24:21:a8:01:a5:5e:bb:57:3f:3a:cd:
ab:c5:2f:30:42:38:ed:0f:8d:79:51:53:0b:e3:1d:
27:03:cc:5b:04:96:ee:5f:46:b1:7f:ba:56:c6:79:
37:1f:ac:80:f4:45:f0:52:c6:88:01:9a:b5:b7:dd:
95:d1:82:f1:9b:ac:0c:dd:93:8b:d6:a6:e1:97:a4:
e2:8d:49:06:9d:91:d3:21:7f:56:fe:23:3f:2a:48:
b8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:55:1D:E1:B6:7D:45:38:F7:A9:7C:91:58:DB:2C:24:3E:3D:62:85
X509v3 Authority Key Identifier:
keyid:E1:B9:A3:CE:0F:59:39:10:81:9C:32:71:E1:E8:D0:BD:13:71:A6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bmjzg9ZORCBnDJx4ejQvRNxpr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/j1Ud4bZ9RTj3qXyRWNssJD49YoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/0d8be8-b4b4-436e-86e2-ba4c56d8c0ce/1/4bmjzg9ZORCBnDJx4ejQvRNxpr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.68.0/22
IPv6:
2a0d:1dc0::/29
2a0d:4940::/29
2a0f:4780::/29
Signature Algorithm: sha256WithRSAEncryption
5f:aa:6e:a9:81:06:83:e6:82:6b:44:b8:b0:6e:fa:34:c4:d1:
16:aa:13:da:01:94:09:74:47:a2:2d:3e:95:05:4d:f2:05:c4:
06:67:26:a0:3d:29:eb:52:8b:82:fe:0b:f4:05:5f:5f:69:0a:
18:a4:b5:09:7b:d8:0f:82:89:49:ec:1a:2f:ea:8b:f9:b1:39:
d3:a1:ee:84:d4:81:32:db:8d:b6:3f:f8:1f:68:2d:5c:33:0c:
00:22:ba:b7:79:4f:ef:b7:ff:bf:a6:30:5b:93:48:48:ba:de:
7d:81:76:7e:60:83:f4:d4:2c:d3:d0:0f:8e:d6:cf:90:62:70:
18:49:66:2e:01:68:4f:2b:38:52:9d:be:8e:99:ea:ca:6c:6c:
d4:fe:10:28:4b:13:ba:a9:3b:52:ae:79:d4:b5:70:fe:6f:5b:
54:5e:43:38:8c:c1:5e:48:06:d6:9c:1f:4a:40:45:85:21:64:
4b:bf:bd:fa:d6:d6:50:4a:4c:fc:e4:a4:f5:e7:22:32:e0:f7:
88:3e:cc:40:ae:0a:d2:1d:96:9f:1f:27:25:9f:58:0e:5f:82:
7c:2f:23:2d:ab:16:29:d2:06:64:2f:8f:76:21:40:0a:bb:c3:
8c:37:af:ff:14:09:87:e2:8c:77:44:ce:e4:a9:28:4e:77:01:
b5:cc:97:4e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVuuN/I7++gkxpTgXA4UBfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYjlhM2NlMGY1OTM5MTA4MTljMzI3MWUxZThkMGJkMTM3
MWE2YmUwHhcNMjMwMTAxMTkwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjU1MWRlMWI2N2Q0NTM4ZjdhOTdjOTE1OGRiMmMyNDNlM2Q2Mjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJx+kyFF60xiNWzoQZtaKsE5A+jx
sFTdHCXm3D5YxFmNxKLizJxFjkx38e2BVbtpQQoSPIJJkPhLcqe8MXLTTgc0qCMv
gWdNXClP8UgeUBtD6vJRNJ2O9utGi6pPdxEzKmb4pRuUBsYN5pTOLmB7WmnFzX4q
X70VjIXf0Jhi3CWcmIX4PN07hVubjheXqhvlO9/0Qlp/AnMCAwxgH7voHit8kGFv
aHiJJCGoAaVeu1c/Os2rxS8wQjjtD415UVML4x0nA8xbBJbuX0axf7pWxnk3H6yA
9EXwUsaIAZq1t92V0YLxm6wM3ZOL1qbhl6TijUkGnZHTIX9W/iM/Kki47QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI9VHeG2fUU496l8kVjbLCQ+PWKFMB8GA1UdIwQY
MBaAFOG5o84PWTkQgZwyceHo0L0Tcaa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTIt
YmE0YzU2ZDhjMGNlLzEvajFVZDRiWjlSVGozcVh5UldOc3NKRDQ5WW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wZDhiZTgtYjRiNC00MzZlLTg2ZTItYmE0YzU2ZDhjMGNl
LzEvNGJtanpnOVpPUkNCbkRKeDRlalF2Uk54cHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQCXHZEMBsE
AgACMBUDBQMqDR3AAwUDKg1JQAMFAyoPR4AwDQYJKoZIhvcNAQELBQADggEBAF+q
bqmBBoPmgmtEuLBu+jTE0RaqE9oBlAl0R6ItPpUFTfIFxAZnJqA9KetSi4L+C/QF
X19pChiktQl72A+CiUnsGi/qi/mxOdOh7oTUgTLbjbY/+B9oLVwzDAAiurd5T++3
/7+mMFuTSEi63n2Bdn5gg/TULNPQD47Wz5BicBhJZi4BaE8rOFKdvo6Z6spsbNT+
EChLE7qpO1KuedS1cP5vW1ReQziMwV5IBtacH0pARYUhZEu/vfrW1lBKTPzkpPXn
IjLg94g+zECuCtIdlp8fJyWfWA5fgnwvIy2rFinSBmQvj3YhQAq7w4w3r/8UCYfi
jHdEzuSpKE53AbXMl04=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:15 2024 by rpki-client on console-ams.rpki-client.org