Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5cfbf3-e782-4013-8eee-de7d3bbfee88/1/g0qX9QGw_fsxY0LP3zCNqjuAIj0.roa
File: g0qX9QGw_fsxY0LP3zCNqjuAIj0.roa (raw, json)
Hash identifier: B/wO92f5llNtDfSL/BNpCeOkuE5gS7ekCf14Fu1AqtY=
Subject key identifier: 83:4A:97:F5:01:B0:FD:FB:31:63:42:CF:DF:30:8D:AA:3B:80:22:3D
Certificate issuer: /CN=b478410224904494e9c0f7d35650a260e5fb6193
Certificate serial: 018BF17691F856A39C8DA9D6D5080F0622CD
Authority key identifier: B4:78:41:02:24:90:44:94:E9:C0:F7:D3:56:50:A2:60:E5:FB:61:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tHhBAiSQRJTpwPfTVlCiYOX7YZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5cfbf3-e782-4013-8eee-de7d3bbfee88/1/g0qX9QGw_fsxY0LP3zCNqjuAIj0.roa
Signing time: Tue 21 Nov 2023 10:39:21 +0000
ROA not before: Tue 21 Nov 2023 10:39:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21060
IP address blocks: 91.213.70.0/24 maxlen: 24
80.89.16.0/20 maxlen: 20
185.134.252.0/22 maxlen: 22
80.89.18.0/23 maxlen: 23
80.82.96.0/20 maxlen: 20
80.89.30.0/24 maxlen: 24
91.195.58.0/23 maxlen: 23
188.244.64.0/20 maxlen: 20
194.8.244.0/23 maxlen: 23
92.43.232.0/21 maxlen: 21
2a02:7c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:76:91:f8:56:a3:9c:8d:a9:d6:d5:08:0f:06:22:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b478410224904494e9c0f7d35650a260e5fb6193
Validity
Not Before: Nov 21 10:39:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=834a97f501b0fdfb316342cfdf308daa3b80223d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:2b:a6:92:04:a5:03:1b:a1:19:8f:08:bb:
42:62:8a:ff:27:0b:c7:97:da:35:2d:19:74:25:ab:
2e:53:91:6f:73:b2:84:fc:12:66:4d:82:15:ac:2e:
92:6a:54:84:6d:5f:1d:d1:ea:10:5b:15:31:10:71:
e1:d5:34:86:b4:09:9b:5b:4f:c3:64:5d:ae:f3:5e:
b2:83:8b:e2:7f:b3:c6:76:a4:1e:d4:e4:af:8a:48:
15:69:5b:60:ad:70:cc:ca:36:06:aa:a4:7e:60:69:
75:a7:ce:a2:cc:bb:a8:c9:c2:d7:5f:55:a4:3c:45:
fb:ac:2b:88:ff:08:09:d9:5d:a7:7a:8b:2a:5b:bd:
50:1d:6c:a2:48:9e:10:73:11:2b:56:66:72:4d:e5:
62:be:2f:3c:bd:c7:cb:6d:8c:80:87:a2:ea:43:f1:
57:6d:7d:f9:62:c8:6f:f5:4a:96:8d:18:01:95:61:
49:1b:f6:95:e4:df:6e:70:a3:a4:b4:a9:22:89:e8:
d7:f4:5e:66:7a:07:18:ff:ec:ea:ea:d9:43:53:32:
4d:23:ea:df:a2:0d:e2:fb:af:a1:e6:69:73:fa:c0:
34:42:3c:df:60:6e:b2:07:44:31:5d:cf:aa:8a:df:
86:32:43:91:39:fe:07:89:4c:35:2b:29:af:18:a2:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4A:97:F5:01:B0:FD:FB:31:63:42:CF:DF:30:8D:AA:3B:80:22:3D
X509v3 Authority Key Identifier:
keyid:B4:78:41:02:24:90:44:94:E9:C0:F7:D3:56:50:A2:60:E5:FB:61:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tHhBAiSQRJTpwPfTVlCiYOX7YZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5cfbf3-e782-4013-8eee-de7d3bbfee88/1/g0qX9QGw_fsxY0LP3zCNqjuAIj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5cfbf3-e782-4013-8eee-de7d3bbfee88/1/tHhBAiSQRJTpwPfTVlCiYOX7YZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.96.0/20
80.89.16.0/20
91.195.58.0/23
91.213.70.0/24
92.43.232.0/21
185.134.252.0/22
188.244.64.0/20
194.8.244.0/23
IPv6:
2a02:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
3e:03:5a:f2:e7:e0:94:f9:6e:98:d2:dd:59:f2:cd:88:6b:d6:
72:3c:3d:91:43:7c:61:49:45:e7:0d:3f:e8:76:ef:68:58:a0:
7e:38:bf:1b:35:53:7f:72:3a:31:0f:b4:03:8d:9f:6a:b5:1f:
f4:5d:cf:0a:d1:9a:a5:0e:c8:b3:20:52:05:53:4e:d5:da:16:
f6:4d:26:bf:60:f5:36:e2:06:a8:9e:e5:16:19:43:81:6e:fa:
fd:08:63:cc:e7:0d:25:65:24:77:8a:c9:9f:f3:d1:14:1d:d4:
98:6e:0a:88:c9:51:d1:d9:3b:2b:04:9f:e7:d5:0a:69:78:24:
ac:dc:f7:34:1d:21:90:8d:a5:ed:19:3e:46:dd:f8:aa:8b:4a:
30:7c:a2:5b:e3:2c:4f:7a:b6:f1:e6:67:06:5e:d8:1a:c8:9e:
90:2d:5a:c9:82:5a:cc:0d:87:fa:27:c0:a5:85:ad:7d:f0:f8:
89:7d:3f:67:59:1f:3a:b0:c7:92:86:6d:82:f7:96:fa:fa:d6:
c0:2b:72:8e:6e:6e:99:f7:4b:78:cb:03:0c:1f:b3:e2:c4:b7:
a8:42:51:2b:5d:f7:0c:87:b3:2b:ff:82:94:61:54:07:6a:11:
45:ac:35:f2:fa:34:7c:b3:a3:70:8a:a8:8e:2a:ca:21:fb:30:
3b:74:d8:3b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYvxdpH4VqOcjanW1QgPBiLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Nzg0MTAyMjQ5MDQ0OTRlOWMwZjdkMzU2NTBhMjYwZTVm
YjYxOTMwHhcNMjMxMTIxMTAzOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRhOTdmNTAxYjBmZGZiMzE2MzQyY2ZkZjMwOGRhYTNiODAyMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs68rppIEpQMboRmPCLtCYor/JwvH
l9o1LRl0JasuU5Fvc7KE/BJmTYIVrC6SalSEbV8d0eoQWxUxEHHh1TSGtAmbW0/D
ZF2u816yg4vif7PGdqQe1OSvikgVaVtgrXDMyjYGqqR+YGl1p86izLuoycLXX1Wk
PEX7rCuI/wgJ2V2neosqW71QHWyiSJ4QcxErVmZyTeVivi88vcfLbYyAh6LqQ/FX
bX35Yshv9UqWjRgBlWFJG/aV5N9ucKOktKkiiejX9F5megcY/+zq6tlDUzJNI+rf
og3i+6+h5mlz+sA0QjzfYG6yB0QxXc+qit+GMkOROf4HiUw1KymvGKIiawIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFINKl/UBsP37MWNCz98wjao7gCI9MB8GA1UdIwQY
MBaAFLR4QQIkkESU6cD301ZQomDl+2GTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEhoQkFpU1FSSlRwd1BmVFZsQ2lZT1g3WVpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81Y2ZiZjMtZTc4Mi00MDEzLThlZWUt
ZGU3ZDNiYmZlZTg4LzEvZzBxWDlRR3dfZnN4WTBMUDN6Q05xanVBSWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81Y2ZiZjMtZTc4Mi00MDEzLThlZWUtZGU3ZDNiYmZlZTg4
LzEvdEhoQkFpU1FSSlRwd1BmVFZsQ2lZT1g3WVpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEUFJgAwQE
UFkQAwQBW8M6AwQAW9VGAwQDXCvoAwQCuYb8AwQEvPRAAwQBwgj0MA0EAgACMAcD
BQAqAnwAMA0GCSqGSIb3DQEBCwUAA4IBAQA+A1ry5+CU+W6Y0t1Z8s2Ia9ZyPD2R
Q3xhSUXnDT/odu9oWKB+OL8bNVN/cjoxD7QDjZ9qtR/0Xc8K0ZqlDsizIFIFU07V
2hb2TSa/YPU24gaonuUWGUOBbvr9CGPM5w0lZSR3ismf89EUHdSYbgqIyVHR2Tsr
BJ/n1QppeCSs3Pc0HSGQjaXtGT5G3fiqi0owfKJb4yxPerbx5mcGXtgayJ6QLVrJ
glrMDYf6J8Clha198PiJfT9nWR86sMeShm2C95b6+tbAK3KObm6Z90t4ywMMH7Pi
xLeoQlErXfcMh7Mr/4KUYVQHahFFrDXy+jR8s6NwiqiOKsoh+zA7dNg7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:14 2024 by rpki-client on console-ams.rpki-client.org