Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/a_3UEwPNeEPWD0npE86VdlwgBYM.roa
File: a_3UEwPNeEPWD0npE86VdlwgBYM.roa (raw, json)
Hash identifier: M3CuTLzwwVv6VDz7HWDs9WbVSTzpeJ6E1JHn+qa/C2w=
Subject key identifier: 6B:FD:D4:13:03:CD:78:43:D6:0F:49:E9:13:CE:95:76:5C:20:05:83
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 0188B3BF5F6D6174B756D0B8FC71E2D8A35C
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/a_3UEwPNeEPWD0npE86VdlwgBYM.roa
Signing time: Tue 13 Jun 2023 07:54:03 +0000
ROA not before: Tue 13 Jun 2023 07:54:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58074
IP address blocks: 188.214.150.0/24 maxlen: 24
188.213.213.0/24 maxlen: 24
89.37.139.0/24 maxlen: 24
188.213.50.0/24 maxlen: 24
188.214.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:bf:5f:6d:61:74:b7:56:d0:b8:fc:71:e2:d8:a3:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jun 13 07:54:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6bfdd41303cd7843d60f49e913ce95765c200583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:0a:ad:21:9f:4f:b3:13:6b:5f:9f:84:d7:
6b:fb:0e:ad:da:52:62:58:60:59:cc:f0:c5:ca:cf:
d4:f2:59:3a:7d:9d:fc:50:20:bf:c9:ac:b6:3a:86:
4a:3e:87:bc:9d:a4:1b:63:cb:df:8a:4e:b2:68:eb:
16:45:60:ec:0e:8a:23:b7:7e:b2:cc:d0:98:9a:b1:
94:4e:2f:cc:2e:bd:fc:fa:e8:21:28:e8:47:25:7d:
12:8b:0f:44:3a:90:61:85:da:fc:b9:0e:6a:a6:21:
f1:eb:c6:e5:b0:95:a0:8e:a9:7b:97:66:d7:57:fc:
74:99:cb:0f:dc:fa:fd:db:46:42:21:14:b7:c9:21:
02:1d:01:7b:d7:8d:ca:53:84:b2:a5:73:02:06:b9:
12:ec:31:b5:f2:d7:18:ea:db:69:fa:57:a8:1a:a6:
7e:af:b8:c1:bb:49:4f:0f:17:dc:66:3d:db:f5:b3:
c0:df:70:90:09:62:01:58:a2:46:b8:42:ba:30:33:
1a:32:0c:87:9f:62:26:aa:94:21:5a:77:d3:dd:bd:
f1:18:8f:c2:a0:59:7a:b6:a2:b0:e0:6d:be:af:92:
2b:d8:52:a1:58:d1:70:e8:24:83:c7:26:b1:23:6c:
f5:f5:cd:40:fe:62:f2:31:b5:ac:1f:19:05:8d:74:
be:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:FD:D4:13:03:CD:78:43:D6:0F:49:E9:13:CE:95:76:5C:20:05:83
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/a_3UEwPNeEPWD0npE86VdlwgBYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.139.0/24
188.213.50.0/24
188.213.213.0/24
188.214.150.0/24
188.214.227.0/24
Signature Algorithm: sha256WithRSAEncryption
55:57:8f:a1:2a:2a:bd:9e:05:a1:fc:1e:bc:ef:21:38:84:6a:
b3:e7:33:84:3b:c8:81:4e:b7:6b:c9:9c:a9:90:a9:c7:de:9f:
f7:df:31:7c:9d:c3:34:55:f5:08:aa:bc:2e:7d:54:73:be:89:
1d:c3:2d:dc:01:00:ab:a0:47:2d:62:be:13:4c:78:a4:1d:38:
56:08:cf:3b:f4:34:76:07:1b:62:35:4d:ee:8f:9d:4c:8f:a4:
9d:45:3a:a6:8a:27:76:02:f3:47:82:29:20:e6:1a:00:d2:6d:
c2:b4:02:ab:7b:89:1a:8c:19:ae:c3:c3:c9:3b:05:bd:d2:8d:
e0:59:71:7f:99:b2:a5:78:09:36:e7:ff:c3:08:46:3f:96:c9:
dc:80:8d:a1:71:3b:6f:6b:1b:fb:0f:d3:c3:6b:7a:bf:b8:70:
2e:1e:d5:82:12:66:43:f6:63:ca:ef:ef:8c:2f:13:9f:80:8c:
48:ff:15:ab:7d:ed:2e:de:03:5a:2f:bd:ce:17:f2:2e:78:22:
3f:72:92:44:4a:b3:45:9b:71:7e:0c:89:1b:a0:f6:a1:0a:cd:
2e:99:1b:5b:7c:73:2b:d9:12:3d:63:fa:38:47:72:e4:20:16:
04:0c:34:34:61:1d:0b:c9:ad:5f:30:8c:00:d4:ee:be:2a:94:
ed:df:66:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYizv19tYXS3VtC4/HHi2KNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjMwNjEzMDc1NDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmZkZDQxMzAzY2Q3ODQzZDYwZjQ5ZTkxM2NlOTU3NjVjMjAwNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltUKrSGfT7MTa1+fhNdr+w6t2lJi
WGBZzPDFys/U8lk6fZ38UCC/yay2OoZKPoe8naQbY8vfik6yaOsWRWDsDoojt36y
zNCYmrGUTi/MLr38+ughKOhHJX0Siw9EOpBhhdr8uQ5qpiHx68blsJWgjql7l2bX
V/x0mcsP3Pr920ZCIRS3ySECHQF7143KU4SypXMCBrkS7DG18tcY6ttp+leoGqZ+
r7jBu0lPDxfcZj3b9bPA33CQCWIBWKJGuEK6MDMaMgyHn2ImqpQhWnfT3b3xGI/C
oFl6tqKw4G2+r5Ir2FKhWNFw6CSDxyaxI2z19c1A/mLyMbWsHxkFjXS+8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGv91BMDzXhD1g9J6RPOlXZcIAWDMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvYV8zVUV3UE5lRVBXRDBucEU4NlZkbHdnQllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSWLAwQA
vNUyAwQAvNXVAwQAvNaWAwQAvNbjMA0GCSqGSIb3DQEBCwUAA4IBAQBVV4+hKiq9
ngWh/B687yE4hGqz5zOEO8iBTrdryZypkKnH3p/33zF8ncM0VfUIqrwufVRzvokd
wy3cAQCroEctYr4TTHikHThWCM879DR2BxtiNU3uj51Mj6SdRTqmiid2AvNHgikg
5hoA0m3CtAKre4kajBmuw8PJOwW90o3gWXF/mbKleAk25//DCEY/lsncgI2hcTtv
axv7D9PDa3q/uHAuHtWCEmZD9mPK7++MLxOfgIxI/xWrfe0u3gNaL73OF/IueCI/
cpJESrNFm3F+DIkboPahCs0umRtbfHMr2RI9Y/o4R3LkIBYEDDQ0YR0Lya1fMIwA
1O6+KpTt32Z9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:11 2024 by rpki-client on console-ams.rpki-client.org