Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/sH4EBpnBBW-vcvMmbK0mj4EqEYk.roa
File: sH4EBpnBBW-vcvMmbK0mj4EqEYk.roa (raw, json)
Hash identifier: MVcCi90Y9Lt8T+fnKzG3DsEmPE3X5v+DTVM+8WEHt50=
Subject key identifier: B0:7E:04:06:99:C1:05:6F:AF:72:F3:26:6C:AD:26:8F:81:2A:11:89
Certificate issuer: /CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Certificate serial: 01857042A0929E5C8D16504A396D48822445
Authority key identifier: BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/sH4EBpnBBW-vcvMmbK0mj4EqEYk.roa
Signing time: Mon 02 Jan 2023 02:14:52 +0000
ROA not before: Mon 02 Jan 2023 02:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60522
IP address blocks: 217.61.192.0/20 maxlen: 20
185.29.216.0/22 maxlen: 22
86.111.152.0/21 maxlen: 21
195.192.216.0/21 maxlen: 21
185.205.124.0/22 maxlen: 22
134.255.192.0/22 maxlen: 22
2a00:ab60::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a0:92:9e:5c:8d:16:50:4a:39:6d:48:82:24:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Validity
Not Before: Jan 2 02:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b07e040699c1056faf72f3266cad268f812a1189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:2a:0b:73:00:a5:b9:d0:e4:25:d4:7d:ef:
49:80:42:b5:d9:fa:48:f3:4e:49:78:76:78:ef:5d:
4f:05:e4:7b:d7:26:f3:ec:44:db:e3:30:74:f7:f5:
6b:39:71:58:78:ec:57:6e:09:e8:cf:b7:e2:f3:8e:
93:9d:37:56:12:bc:7b:20:d5:7d:ee:ab:52:f0:64:
61:d1:d3:54:d3:ec:bc:8c:29:68:b9:fc:32:5a:18:
d2:f5:0d:c4:88:60:f2:9b:a0:96:ff:c1:62:32:d6:
33:1c:a4:20:4d:d0:ab:c1:38:25:f2:06:f4:dd:5a:
7e:6c:fa:24:9e:c7:c1:79:d0:19:4c:fe:c8:7a:c2:
2c:48:c2:2b:94:0c:fd:ee:11:ea:5b:04:c0:e1:f9:
a0:44:50:ed:39:6c:00:35:11:f9:7c:63:4d:68:25:
d0:05:67:d9:99:03:7a:93:61:d8:9f:02:1f:5c:95:
f8:aa:88:4b:b3:0e:49:3e:1f:aa:d5:9b:cb:5e:72:
9f:87:2b:10:a8:2e:f2:48:fd:f3:4e:d1:56:e7:5f:
60:9a:f7:16:1c:e1:00:6c:6b:4f:51:70:9a:a6:8c:
8b:b5:24:1e:b2:9d:df:4c:87:b1:7a:08:43:c9:34:
ab:54:38:f0:78:59:e1:40:1e:01:2a:ac:4a:8d:ba:
fc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7E:04:06:99:C1:05:6F:AF:72:F3:26:6C:AD:26:8F:81:2A:11:89
X509v3 Authority Key Identifier:
keyid:BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/sH4EBpnBBW-vcvMmbK0mj4EqEYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.152.0/21
134.255.192.0/22
185.29.216.0/22
185.205.124.0/22
195.192.216.0/21
217.61.192.0/20
IPv6:
2a00:ab60::/29
Signature Algorithm: sha256WithRSAEncryption
32:91:ff:4a:e6:14:a0:ad:cc:c6:a4:da:a0:86:33:12:88:a0:
f2:ff:41:85:09:2b:c5:b9:8d:4c:5e:b4:1f:35:ab:a0:5d:69:
36:2e:51:a6:09:17:bf:40:b6:2a:17:2a:db:9b:7d:0f:4e:7d:
5e:87:da:db:f4:20:dd:1f:9b:b4:76:1b:a3:36:35:12:ef:34:
ee:63:55:9b:dd:37:f2:15:c7:62:ad:da:78:7b:89:c7:53:e2:
56:76:45:ae:d6:a0:cb:b9:68:91:79:56:38:64:52:37:56:31:
88:b1:e8:ee:ea:d7:7a:1c:c2:8b:7e:b8:ba:a1:06:0a:99:f2:
19:f7:1f:79:48:bf:4b:12:81:12:a1:86:03:2a:46:dd:aa:c5:
09:af:b1:15:c7:0b:c6:f3:c5:ab:93:fb:47:88:83:e8:b2:6d:
f8:4c:b3:b9:ab:15:75:66:69:5f:93:89:d4:eb:e9:1d:1f:bb:
44:dd:0c:e4:09:f7:a8:47:ab:92:c7:cb:2e:84:aa:05:a3:1d:
f3:e5:a7:c9:19:dc:50:80:1c:6e:84:a6:14:54:d6:33:b3:e2:
70:d1:10:85:3a:fc:ff:e8:e0:36:c8:2f:e5:f1:08:9b:92:99:
e1:60:87:7a:8d:23:a8:1c:27:0d:04:08:a7:ee:4a:ce:04:22:
d4:c7:cc:be
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwQqCSnlyNFlBKOW1IgiRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDhjYzM1NDg4YmQ5ZTZmMzEyYjIwZmM3NmExMDI3MmYw
Y2RlZGEwHhcNMjMwMTAyMDIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDdlMDQwNjk5YzEwNTZmYWY3MmYzMjY2Y2FkMjY4ZjgxMmExMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLsqC3MApbnQ5CXUfe9JgEK12fpI
805JeHZ4711PBeR71ybz7ETb4zB09/VrOXFYeOxXbgnoz7fi846TnTdWErx7INV9
7qtS8GRh0dNU0+y8jCloufwyWhjS9Q3EiGDym6CW/8FiMtYzHKQgTdCrwTgl8gb0
3Vp+bPoknsfBedAZTP7IesIsSMIrlAz97hHqWwTA4fmgRFDtOWwANRH5fGNNaCXQ
BWfZmQN6k2HYnwIfXJX4qohLsw5JPh+q1ZvLXnKfhysQqC7ySP3zTtFW519gmvcW
HOEAbGtPUXCapoyLtSQesp3fTIexeghDyTSrVDjweFnhQB4BKqxKjbr8tQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLB+BAaZwQVvr3LzJmytJo+BKhGJMB8GA1UdIwQY
MBaAFL5IzDVIi9nm8xKyD8dqECcvDN7aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQt
NDliYzQzNjYwYzk3LzEvc0g0RUJwbkJCVy12Y3ZNbWJLMG1qNEVxRVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kMjY5NzEtYjdhOC00ZWRlLThiYjQtNDliYzQzNjYwYzk3
LzEvdmtqTU5VaUwyZWJ6RXJJUHgyb1FKeThNM3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDVm+YAwQC
hv/AAwQCuR3YAwQCuc18AwQDw8DYAwQE2T3AMA0EAgACMAcDBQMqAKtgMA0GCSqG
SIb3DQEBCwUAA4IBAQAykf9K5hSgrczGpNqghjMSiKDy/0GFCSvFuY1MXrQfNaug
XWk2LlGmCRe/QLYqFyrbm30PTn1eh9rb9CDdH5u0dhujNjUS7zTuY1Wb3TfyFcdi
rdp4e4nHU+JWdkWu1qDLuWiReVY4ZFI3VjGIseju6td6HMKLfri6oQYKmfIZ9x95
SL9LEoESoYYDKkbdqsUJr7EVxwvG88Wrk/tHiIPosm34TLO5qxV1Zmlfk4nU6+kd
H7tE3QzkCfeoR6uSx8suhKoFox3z5afJGdxQgBxuhKYUVNYzs+Jw0RCFOvz/6OA2
yC/l8QibkpnhYId6jSOoHCcNBAin7krOBCLUx8y+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org