Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/b-bA8Qk0btSf3Qqz-n4AYTDnsB4.roa
File: b-bA8Qk0btSf3Qqz-n4AYTDnsB4.roa (raw, json)
Hash identifier: taHYfkV1ySysFrq93nsvh7bUtrbEaw2PMhsLc7zAcNw=
Subject key identifier: 6F:E6:C0:F1:09:34:6E:D4:9F:DD:0A:B3:FA:7E:00:61:30:E7:B0:1E
Certificate issuer: /CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Certificate serial: 018BD6A7687FFC3CEA8D05BA50DA4DAAF527
Authority key identifier: 5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/b-bA8Qk0btSf3Qqz-n4AYTDnsB4.roa
Signing time: Thu 16 Nov 2023 05:42:57 +0000
ROA not before: Thu 16 Nov 2023 05:42:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25233
IP address blocks: 213.184.160.0/19 maxlen: 19
84.22.241.0/24 maxlen: 24
84.22.254.0/24 maxlen: 24
212.93.192.0/19 maxlen: 19
212.93.196.0/24 maxlen: 24
77.64.0.0/17 maxlen: 17
84.22.224.0/19 maxlen: 19
84.22.231.0/24 maxlen: 24
77.64.40.0/24 maxlen: 24
84.22.234.0/24 maxlen: 24
84.22.238.0/24 maxlen: 24
212.100.218.0/24 maxlen: 24
212.100.192.0/19 maxlen: 19
212.116.192.0/19 maxlen: 19
212.100.210.0/24 maxlen: 24
2a02:df0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 16 Nov 2023 05:54:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d6:a7:68:7f:fc:3c:ea:8d:05:ba:50:da:4d:aa:f5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a43e9e267956e7f262c17f0089f0f60ba7abefb
Validity
Not Before: Nov 16 05:42:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fe6c0f109346ed49fdd0ab3fa7e006130e7b01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:57:19:5c:f1:c5:9e:13:f7:ee:7b:47:38:6f:
6f:75:c3:64:1d:f2:7a:fb:3e:8a:89:74:8f:d5:5d:
a4:58:dd:b8:ca:8b:a3:b0:04:23:e4:f8:76:e1:a1:
9d:47:24:04:1c:97:a0:1c:47:90:35:6e:5f:24:bc:
53:11:b1:bf:b4:c1:b2:04:d8:77:27:8a:6f:13:14:
15:5e:56:f4:36:56:78:37:65:02:16:85:bb:ae:0d:
db:2a:73:1f:f4:83:d3:e0:47:e0:4e:54:62:51:72:
47:7c:4f:7b:89:27:a7:7f:3d:c6:e9:fb:05:a3:40:
0b:62:f5:02:0e:87:1b:62:fc:a8:5d:05:03:97:1b:
c7:0d:01:d9:d8:fa:eb:de:41:d9:c0:b4:96:e3:71:
8f:49:f3:76:d9:4e:e3:ad:44:23:85:05:1e:d6:51:
b0:c4:6f:cd:37:b7:91:c6:5c:df:02:08:a1:03:8c:
6a:06:6c:87:aa:e7:6e:fe:5e:71:26:74:12:be:75:
a7:5f:e7:85:5b:d2:76:84:93:c9:4a:e6:2f:f4:b6:
bf:77:e2:32:69:18:4f:15:de:d4:a9:2c:a4:ec:35:
0d:db:b8:33:67:b9:a5:48:79:13:07:68:b8:bd:db:
cb:80:19:8e:87:49:a5:c4:db:b9:be:d2:ef:3b:54:
6d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E6:C0:F1:09:34:6E:D4:9F:DD:0A:B3:FA:7E:00:61:30:E7:B0:1E
X509v3 Authority Key Identifier:
keyid:5A:43:E9:E2:67:95:6E:7F:26:2C:17:F0:08:9F:0F:60:BA:7A:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WkPp4meVbn8mLBfwCJ8PYLp6vvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/b-bA8Qk0btSf3Qqz-n4AYTDnsB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/06444c-9d9b-4c6b-950b-79c8987a8b1c/1/WkPp4meVbn8mLBfwCJ8PYLp6vvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.0.0/17
84.22.224.0/19
212.93.192.0/19
212.100.192.0/19
212.116.192.0/19
213.184.160.0/19
IPv6:
2a02:df0::/32
Signature Algorithm: sha256WithRSAEncryption
93:2e:2d:f4:0a:f1:2e:9a:f5:34:5b:88:6a:08:7b:81:81:12:
91:7a:c9:33:40:a4:19:0c:53:d0:a7:3d:e1:80:f6:b4:8c:fc:
ff:42:8e:fa:d5:3c:87:0a:e7:16:cb:14:d1:82:00:98:cc:fe:
6f:09:67:7c:f9:2a:9a:e5:47:cd:22:28:a7:0f:63:f7:81:b7:
d2:3c:9f:76:3d:72:ce:21:a6:10:4b:2c:cc:86:8d:e0:47:37:
19:84:0f:c1:6a:d9:f9:99:05:77:38:c0:83:8a:02:59:97:a0:
4c:45:45:4a:35:73:d1:db:b1:6b:e7:f0:03:ff:df:ae:dc:f0:
13:de:ad:48:a0:96:70:f6:81:d7:94:55:2f:44:b6:87:af:84:
5a:28:01:89:c8:a0:e9:fa:a1:89:4d:78:78:75:83:f7:2b:d1:
0f:db:8c:4c:44:df:81:c5:a8:80:7c:16:f6:77:61:ef:c1:8e:
4c:22:4f:df:20:ef:3a:fa:fc:fa:2e:c5:57:83:4e:e2:c7:fc:
36:f6:6e:d3:3c:18:57:8a:4d:46:28:0f:58:e9:f3:ca:8f:ca:
af:52:eb:f0:e1:94:50:87:7b:44:9a:86:cb:6e:5e:e2:fb:6d:
22:a4:44:8b:69:af:25:4f:f9:47:75:8a:75:f7:1d:f6:c5:d1:
9b:5d:f1:a5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYvWp2h//DzqjQW6UNpNqvUnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDNlOWUyNjc5NTZlN2YyNjJjMTdmMDA4OWYwZjYwYmE3
YWJlZmIwHhcNMjMxMTE2MDU0MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmU2YzBmMTA5MzQ2ZWQ0OWZkZDBhYjNmYTdlMDA2MTMwZTdiMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FcZXPHFnhP37ntHOG9vdcNkHfJ6
+z6KiXSP1V2kWN24youjsAQj5Ph24aGdRyQEHJegHEeQNW5fJLxTEbG/tMGyBNh3
J4pvExQVXlb0NlZ4N2UCFoW7rg3bKnMf9IPT4EfgTlRiUXJHfE97iSenfz3G6fsF
o0ALYvUCDocbYvyoXQUDlxvHDQHZ2Prr3kHZwLSW43GPSfN22U7jrUQjhQUe1lGw
xG/NN7eRxlzfAgihA4xqBmyHqudu/l5xJnQSvnWnX+eFW9J2hJPJSuYv9La/d+Iy
aRhPFd7UqSyk7DUN27gzZ7mlSHkTB2i4vdvLgBmOh0mlxNu5vtLvO1Rt2QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFG/mwPEJNG7Un90Ks/p+AGEw57AeMB8GA1UdIwQY
MBaAFFpD6eJnlW5/JiwX8AifD2C6er77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGIt
NzljODk4N2E4YjFjLzEvYi1iQThRazBidFNmM1Fxei1uNEFZVERuc0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wNjQ0NGMtOWQ5Yi00YzZiLTk1MGItNzljODk4N2E4YjFj
LzEvV2tQcDRtZVZibjhtTEJmd0NKOFBZTHA2dnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQHTUAAAwQF
VBbgAwQF1F3AAwQF1GTAAwQF1HTAAwQF1bigMA0EAgACMAcDBQAqAg3wMA0GCSqG
SIb3DQEBCwUAA4IBAQCTLi30CvEumvU0W4hqCHuBgRKReskzQKQZDFPQpz3hgPa0
jPz/Qo761TyHCucWyxTRggCYzP5vCWd8+Sqa5UfNIiinD2P3gbfSPJ92PXLOIaYQ
SyzMho3gRzcZhA/Batn5mQV3OMCDigJZl6BMRUVKNXPR27Fr5/AD/9+u3PAT3q1I
oJZw9oHXlFUvRLaHr4RaKAGJyKDp+qGJTXh4dYP3K9EP24xMRN+BxaiAfBb2d2Hv
wY5MIk/fIO86+vz6LsVXg07ix/w29m7TPBhXik1GKA9Y6fPKj8qvUuvw4ZRQh3tE
mobLbl7i+20ipESLaa8lT/lHdYp19x32xdGbXfGl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:05 2024 by rpki-client on console-fra.rpki-client.org