Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/tNhxKrHHyv1QYNslRzB8t9tOp3E.roa
File: tNhxKrHHyv1QYNslRzB8t9tOp3E.roa (raw, json)
Hash identifier: 8iz/RihXDiTGvnbIeUzwLkNuLsTP6J7ZZxNpGkx+glU=
Subject key identifier: B4:D8:71:2A:B1:C7:CA:FD:50:60:DB:25:47:30:7C:B7:DB:4E:A7:71
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 018F6247FF6CF8241126C28C50825CD50002
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/tNhxKrHHyv1QYNslRzB8t9tOp3E.roa
Signing time: Fri 10 May 2024 11:33:56 +0000
ROA not before: Fri 10 May 2024 11:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 05 Jun 2024 09:54:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:47:ff:6c:f8:24:11:26:c2:8c:50:82:5c:d5:00:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: May 10 11:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4d8712ab1c7cafd5060db2547307cb7db4ea771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:88:36:4d:7e:ab:89:e3:86:a6:c0:e5:f8:4a:
1e:38:58:38:71:a5:7d:5a:47:bb:1c:11:b9:3a:7f:
a6:16:8c:84:56:70:2f:04:c4:59:b0:27:28:ce:a8:
f8:a4:1b:47:49:1a:b3:5a:5c:38:4e:92:04:25:bb:
c9:33:f6:83:03:94:b2:58:cd:ce:ca:b8:36:36:72:
2f:00:04:98:f6:ab:5e:6e:2c:6f:53:1d:18:ee:8a:
d5:30:8d:4e:5b:86:b8:40:60:42:dc:8b:ba:e3:3f:
b1:ac:70:1d:77:30:16:54:17:c8:78:5b:58:1d:69:
af:cd:0f:36:3c:45:e4:55:8b:58:47:91:87:3f:04:
94:b8:72:35:55:d4:93:81:16:4b:0b:1d:00:e5:99:
f5:bd:72:cb:00:3e:43:92:5b:9b:ad:04:60:25:3e:
68:ce:68:bb:d2:e9:02:99:29:cb:3c:65:92:81:26:
82:0d:ec:7a:72:98:2c:e2:f1:cd:c9:af:11:96:10:
f7:67:0a:ff:fb:93:11:92:76:3c:e2:5f:07:f7:ec:
68:01:e8:21:1b:0b:18:d3:0a:3e:98:d5:74:4d:9d:
d4:de:d2:47:1b:a8:97:37:8c:ab:5c:cd:5e:8b:be:
22:40:39:f9:2d:55:7f:33:a3:39:03:25:17:7e:96:
61:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D8:71:2A:B1:C7:CA:FD:50:60:DB:25:47:30:7C:B7:DB:4E:A7:71
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/tNhxKrHHyv1QYNslRzB8t9tOp3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
82.148.168.0-82.148.191.255
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
46:81:d0:e8:cd:fd:f4:ca:ab:98:5a:c3:e9:c7:c8:42:16:52:
b2:98:16:6f:ac:f5:5c:7e:4b:aa:39:f8:e5:6f:5f:72:ee:7a:
d6:eb:c1:a5:81:23:e7:c8:75:ff:c4:de:c5:c1:fd:44:a7:1b:
ec:0f:4c:9f:c2:37:e1:da:fa:79:93:e0:38:41:32:c4:15:77:
93:74:fb:73:cf:a1:06:9e:4b:f7:0d:5f:f0:60:44:c9:e0:06:
d6:8d:3a:07:9a:74:9b:c9:3c:1e:78:3e:d6:2f:ee:90:d2:dc:
57:bc:9c:bd:c6:9f:2e:47:93:71:b6:43:a8:11:8e:7f:4b:48:
71:71:06:d1:c9:6f:f2:14:10:e5:b1:ca:b5:4a:f1:19:82:d7:
49:b7:4e:0b:dc:e5:83:31:fd:06:2f:81:31:ea:bc:1c:a8:6f:
f0:2c:39:f8:04:e7:4d:8e:75:7d:8e:72:9f:24:92:4e:8f:f3:
a7:c0:d9:ac:a0:78:c3:b1:c8:a9:29:c0:a7:33:c9:d6:9e:16:
f1:e6:5f:f5:06:48:10:41:0a:c6:b2:da:5b:c2:0a:52:60:1f:
7b:ed:7e:a5:2a:fe:b1:b2:6f:e0:a8:6f:9b:2a:31:05:cf:c0:
72:fa:2e:8e:92:3f:50:8f:16:bc:b7:70:79:4b:ed:aa:d0:09:
5e:0d:80:09
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY9iR/9s+CQRJsKMUIJc1QACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQwNTEwMTEzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ4NzEyYWIxYzdjYWZkNTA2MGRiMjU0NzMwN2NiN2RiNGVhNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzog2TX6rieOGpsDl+EoeOFg4caV9
Wke7HBG5On+mFoyEVnAvBMRZsCcozqj4pBtHSRqzWlw4TpIEJbvJM/aDA5SyWM3O
yrg2NnIvAASY9qtebixvUx0Y7orVMI1OW4a4QGBC3Iu64z+xrHAddzAWVBfIeFtY
HWmvzQ82PEXkVYtYR5GHPwSUuHI1VdSTgRZLCx0A5Zn1vXLLAD5DklubrQRgJT5o
zmi70ukCmSnLPGWSgSaCDex6cpgs4vHNya8RlhD3Zwr/+5MRknY84l8H9+xoAegh
GwsY0wo+mNV0TZ3U3tJHG6iXN4yrXM1ei74iQDn5LVV/M6M5AyUXfpZh6wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLTYcSqxx8r9UGDbJUcwfLfbTqdxMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvdE5oeEtySEh5djFRWU5zbFJ6Qjh0OXRPcDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDLuOYAwQD
UVhAMAwDBANSlKgDBAZSlIADBANZz4gDBANtqXADBASyrnADBAG5sPQDBAK5sgQD
BAC5viQwFAQCAAIwDgMFASoKJ4ADBQMqENZAMA0GCSqGSIb3DQEBCwUAA4IBAQBG
gdDozf30yquYWsPpx8hCFlKymBZvrPVcfkuqOfjlb19y7nrW68GlgSPnyHX/xN7F
wf1EpxvsD0yfwjfh2vp5k+A4QTLEFXeTdPtzz6EGnkv3DV/wYETJ4AbWjToHmnSb
yTweeD7WL+6Q0txXvJy9xp8uR5NxtkOoEY5/S0hxcQbRyW/yFBDlscq1SvEZgtdJ
t04L3OWDMf0GL4Ex6rwcqG/wLDn4BOdNjnV9jnKfJJJOj/OnwNmsoHjDscipKcCn
M8nWnhbx5l/1BkgQQQrGstpbwgpSYB977X6lKv6xsm/gqG+bKjEFz8By+i6Okj9Q
jxa8t3B5S+2q0AleDYAJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org