Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/oTntW7TYmjCeUdFD5VDhV5a-TdA.roa
File: oTntW7TYmjCeUdFD5VDhV5a-TdA.roa (raw, json)
Hash identifier: qaSweJ8Mj2yzmo9PJIB31i4es+mwsX5vxXbKyWzNSlE=
Subject key identifier: A1:39:ED:5B:B4:D8:9A:30:9E:51:D1:43:E5:50:E1:57:96:BE:4D:D0
Certificate issuer: /CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Certificate serial: 018C3EBA22601EF047FDDE4A3CFAFBD64C76
Authority key identifier: 1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/oTntW7TYmjCeUdFD5VDhV5a-TdA.roa
Signing time: Wed 06 Dec 2023 10:43:54 +0000
ROA not before: Wed 06 Dec 2023 10:43:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39657
IP address blocks: 185.63.12.0/22 maxlen: 24
81.93.32.0/20 maxlen: 24
81.93.32.0/21 maxlen: 21
81.93.32.0/22 maxlen: 24
81.93.36.0/22 maxlen: 24
81.93.40.0/22 maxlen: 24
81.93.40.0/21 maxlen: 21
81.93.44.0/22 maxlen: 24
93.88.32.0/22 maxlen: 24
93.88.32.0/20 maxlen: 24
93.88.36.0/22 maxlen: 24
93.88.40.0/22 maxlen: 24
93.88.44.0/22 maxlen: 24
81.30.16.0/20 maxlen: 20
81.30.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:ba:22:60:1e:f0:47:fd:de:4a:3c:fa:fb:d6:4c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae1c7aa0b395e0612ec423fe07fb0389aaa4003
Validity
Not Before: Dec 6 10:43:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a139ed5bb4d89a309e51d143e550e15796be4dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:77:f0:5c:d2:a0:f3:6b:4e:63:c0:05:d4:d3:
ec:c3:7a:67:12:d7:99:f0:57:6e:7f:96:1b:60:97:
c8:a7:1f:0f:df:6a:1e:24:0f:d7:9c:1c:79:82:34:
1d:f6:06:5e:f8:32:31:cf:a9:10:c0:90:d2:ce:5a:
53:49:e2:34:58:7d:1f:80:d7:19:53:97:80:6d:55:
84:95:e8:9b:ac:5d:f4:32:d0:db:37:27:ae:be:ed:
8f:3a:8c:99:59:42:04:f1:ef:95:b2:bf:5b:69:bf:
53:11:18:3e:71:7a:0a:1a:c8:2d:60:2d:2c:69:84:
48:70:fb:93:e1:07:1f:73:94:8a:4b:24:e5:90:2a:
9a:3a:7c:bf:ca:cf:1e:99:c2:15:5f:51:e0:4b:2c:
35:f5:08:b9:07:8c:ef:23:97:1b:2b:ee:cd:6b:0d:
7b:85:83:b7:e7:b8:e5:61:59:a4:92:fa:15:68:31:
45:4b:71:fa:ca:3c:e0:06:fd:25:be:8c:fb:57:d4:
43:0f:a8:a7:e6:00:5c:dd:13:7b:bb:49:d6:48:d6:
ec:5c:e3:f9:e1:d3:67:4c:32:0f:d9:b2:ff:03:1f:
f9:a0:48:df:e4:71:f1:3a:ce:0c:b8:9c:fe:46:e0:
cf:69:52:3c:5f:72:05:e9:c5:82:ff:c6:77:21:a7:
39:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:39:ED:5B:B4:D8:9A:30:9E:51:D1:43:E5:50:E1:57:96:BE:4D:D0
X509v3 Authority Key Identifier:
keyid:1A:E1:C7:AA:0B:39:5E:06:12:EC:42:3F:E0:7F:B0:38:9A:AA:40:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GuHHqgs5XgYS7EI_4H-wOJqqQAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/oTntW7TYmjCeUdFD5VDhV5a-TdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/abe628-fce7-447e-853e-94fdc9fbdcac/1/GuHHqgs5XgYS7EI_4H-wOJqqQAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.16.0/20
81.93.32.0/20
93.88.32.0/20
185.63.12.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:80:af:2a:67:7a:c7:e5:49:dd:6d:c8:62:69:ed:67:38:50:
7e:18:5f:32:4f:16:77:f6:dd:dd:7c:11:64:e8:7a:26:4f:3a:
77:cd:52:18:bb:2a:d0:18:86:3e:8e:e6:b8:e7:fa:ae:7b:e0:
50:08:ea:5e:eb:27:a2:6b:88:a1:f8:2a:22:56:76:08:f5:f4:
36:26:ed:d3:ec:4f:eb:0b:35:d7:6e:97:67:51:ee:e9:1d:9e:
94:b8:d8:67:b4:97:4e:2e:f4:29:5e:d4:1f:52:3d:9b:14:f0:
5e:4a:0d:69:87:ee:1e:9f:61:9f:08:c6:e2:f0:ff:f1:9b:e8:
de:71:c2:ba:db:96:24:96:ba:2d:fe:d0:2f:5f:f7:59:84:4a:
4a:5d:7d:3b:e2:9f:22:b4:c6:73:ce:13:2e:23:30:f9:f7:9c:
2b:0c:29:86:1d:83:79:c0:4a:17:b2:03:6f:50:1e:b5:34:07:
d9:7e:6e:a0:4f:2e:ee:17:9e:12:7d:02:ef:25:cf:4e:e9:9f:
6d:11:f9:a4:52:e4:8f:05:65:75:36:df:ab:3a:e5:f3:b4:3c:
d9:14:08:ce:14:81:86:f8:12:db:66:d4:fe:b8:7c:01:66:d9:
e0:1c:4a:46:cd:fe:b6:cc:0d:53:9e:b6:70:d5:5d:10:21:6b:
1a:d5:c8:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYw+uiJgHvBH/d5KPPr71kx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTFjN2FhMGIzOTVlMDYxMmVjNDIzZmUwN2ZiMDM4OWFh
YTQwMDMwHhcNMjMxMjA2MTA0MzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM5ZWQ1YmI0ZDg5YTMwOWU1MWQxNDNlNTUwZTE1Nzk2YmU0ZGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknfwXNKg82tOY8AF1NPsw3pnEteZ
8Fduf5YbYJfIpx8P32oeJA/XnBx5gjQd9gZe+DIxz6kQwJDSzlpTSeI0WH0fgNcZ
U5eAbVWEleibrF30MtDbNyeuvu2POoyZWUIE8e+Vsr9bab9TERg+cXoKGsgtYC0s
aYRIcPuT4Qcfc5SKSyTlkCqaOny/ys8emcIVX1HgSyw19Qi5B4zvI5cbK+7Naw17
hYO357jlYVmkkvoVaDFFS3H6yjzgBv0lvoz7V9RDD6in5gBc3RN7u0nWSNbsXOP5
4dNnTDIP2bL/Ax/5oEjf5HHxOs4MuJz+RuDPaVI8X3IF6cWC/8Z3Iac5MQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKE57Vu02JownlHRQ+VQ4VeWvk3QMB8GA1UdIwQY
MBaAFBrhx6oLOV4GEuxCP+B/sDiaqkADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2Ut
OTRmZGM5ZmJkY2FjLzEvb1RudFc3VFltakNlVWRGRDVWRGhWNWEtVGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9hYmU2MjgtZmNlNy00NDdlLTg1M2UtOTRmZGM5ZmJkY2Fj
LzEvR3VISHFnczVYZ1lTN0VJXzRILXdPSnFxUUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEUR4QAwQE
UV0gAwQEXVggAwQCuT8MMA0GCSqGSIb3DQEBCwUAA4IBAQBegK8qZ3rH5Undbchi
ae1nOFB+GF8yTxZ39t3dfBFk6HomTzp3zVIYuyrQGIY+jua45/que+BQCOpe6yei
a4ih+CoiVnYI9fQ2Ju3T7E/rCzXXbpdnUe7pHZ6UuNhntJdOLvQpXtQfUj2bFPBe
Sg1ph+4en2GfCMbi8P/xm+jeccK625Yklrot/tAvX/dZhEpKXX074p8itMZzzhMu
IzD595wrDCmGHYN5wEoXsgNvUB61NAfZfm6gTy7uF54SfQLvJc9O6Z9tEfmkUuSP
BWV1Nt+rOuXztDzZFAjOFIGG+BLbZtT+uHwBZtngHEpGzf62zA1TnrZw1V0QIWsa
1chC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:01 2024 by rpki-client on console-fra.rpki-client.org