Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/8dthDnpR5x4WaGla4k1rcq6mgm8.roa
File: 8dthDnpR5x4WaGla4k1rcq6mgm8.roa (raw, json)
Hash identifier: imU9KEn17XJdhwemuG6/8lB+3kpJBVJgFsbrvEvl8Hg=
Subject key identifier: F1:DB:61:0E:7A:51:E7:1E:16:68:69:5A:E2:4D:6B:72:AE:A6:82:6F
Certificate issuer: /CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Certificate serial: 01876F134C62510C2EACF1E3FCDEAE668F1F
Authority key identifier: F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/8dthDnpR5x4WaGla4k1rcq6mgm8.roa
Signing time: Tue 11 Apr 2023 06:49:08 +0000
ROA not before: Tue 11 Apr 2023 06:49:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31726
IP address blocks: 94.139.64.0/19 maxlen: 19
185.211.72.0/22 maxlen: 22
31.204.72.0/21 maxlen: 21
109.109.64.0/19 maxlen: 19
2a00:1680::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6f:13:4c:62:51:0c:2e:ac:f1:e3:fc:de:ae:66:8f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Validity
Not Before: Apr 11 06:49:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1db610e7a51e71e1668695ae24d6b72aea6826f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a1:99:24:6a:25:a9:87:cf:af:a8:99:a7:50:
1a:cc:31:1f:84:17:e2:b1:3a:05:e9:26:af:b6:11:
29:e6:b2:f6:a7:0d:49:fd:03:7a:58:c5:4e:9b:96:
1a:95:11:d5:69:19:a3:74:89:9b:bb:ba:bb:c6:6f:
e7:ac:2c:97:61:76:a6:e0:75:02:29:3a:b4:16:0b:
e7:0d:28:ec:f8:40:e4:b5:51:2a:b8:eb:97:7b:bc:
88:53:b8:c4:2f:42:2a:bb:e5:69:e9:a1:bb:dd:fd:
1e:bf:c8:14:0d:26:da:37:d4:ae:f6:22:bc:a2:58:
55:dd:b0:2f:cd:23:d8:57:05:64:82:6c:26:bd:64:
3e:0c:7d:e8:de:49:20:62:44:5e:95:56:bc:b0:32:
63:61:3f:49:a6:1b:52:e7:f5:3f:ce:2a:53:81:a2:
a3:19:a2:83:82:be:29:0d:e8:55:6d:2d:e6:75:b5:
87:b0:7d:4b:7c:de:27:94:58:5f:3f:f9:64:00:91:
81:31:6c:6c:32:92:c7:e4:75:f8:01:77:a9:88:56:
bb:80:40:33:a7:bf:c0:ec:0a:b1:85:4f:db:47:78:
5b:d1:5b:69:b9:10:8c:f5:8c:1b:bb:69:b0:74:eb:
0c:c9:df:62:9f:b6:2f:57:bc:47:f7:4c:52:cd:3d:
26:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DB:61:0E:7A:51:E7:1E:16:68:69:5A:E2:4D:6B:72:AE:A6:82:6F
X509v3 Authority Key Identifier:
keyid:F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/8dthDnpR5x4WaGla4k1rcq6mgm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/9p-LzyouwQ-eS2MC4bNQnz0DNu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.72.0/21
94.139.64.0/19
109.109.64.0/19
185.211.72.0/22
IPv6:
2a00:1680::/32
Signature Algorithm: sha256WithRSAEncryption
85:d5:82:37:45:eb:21:b3:b4:3a:e8:fe:e1:60:1d:0d:69:17:
73:b5:8b:ef:d3:1d:70:75:f6:f4:31:98:bd:98:1c:a4:84:17:
e4:37:ee:5a:fa:25:1f:9f:7b:22:7a:0e:c1:f8:6d:18:4f:ca:
d9:66:22:15:33:d8:b2:75:4e:be:81:4b:ea:97:e8:4e:7f:6e:
9a:3b:be:af:d5:b5:54:9f:b5:c5:9b:e5:de:1b:a3:67:d0:cd:
8a:86:51:9c:02:89:e8:1f:eb:59:6e:d9:7e:31:8a:9d:2a:cd:
12:df:b8:ba:09:a9:9f:56:6a:40:e7:e0:69:45:6a:2c:b0:35:
4b:68:a9:d5:4e:38:dc:b9:4d:1c:b6:bb:29:a6:bf:8e:a7:92:
16:76:4f:38:4c:fb:e0:61:8f:ac:98:72:27:f7:bf:42:21:a2:
b4:06:f8:67:03:ad:92:68:1b:bd:5b:e8:c0:cf:91:ab:d9:5e:
5c:01:7c:4b:45:fc:92:ea:2b:47:a7:d7:8a:67:82:e2:c0:92:
e7:e8:b9:07:76:ca:ab:5c:82:53:a6:96:64:55:11:1d:69:c8:
bf:33:b0:10:66:b1:e1:d4:93:5d:34:f0:81:3c:87:41:64:d2:
84:85:9f:7a:1c:6d:96:e5:46:7d:c1:27:3a:05:91:88:88:5d:
c7:1c:26:b6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYdvE0xiUQwurPHj/N6uZo8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWY4YmNmMmEyZWMxMGY5ZTRiNjMwMmUxYjM1MDlmM2Qw
MzM2ZWUwHhcNMjMwNDExMDY0OTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWRiNjEwZTdhNTFlNzFlMTY2ODY5NWFlMjRkNmI3MmFlYTY4MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKGZJGolqYfPr6iZp1AazDEfhBfi
sToF6SavthEp5rL2pw1J/QN6WMVOm5YalRHVaRmjdImbu7q7xm/nrCyXYXam4HUC
KTq0FgvnDSjs+EDktVEquOuXe7yIU7jEL0Iqu+Vp6aG73f0ev8gUDSbaN9Su9iK8
olhV3bAvzSPYVwVkgmwmvWQ+DH3o3kkgYkRelVa8sDJjYT9JphtS5/U/zipTgaKj
GaKDgr4pDehVbS3mdbWHsH1LfN4nlFhfP/lkAJGBMWxsMpLH5HX4AXepiFa7gEAz
p7/A7AqxhU/bR3hb0VtpuRCM9Ywbu2mwdOsMyd9in7YvV7xH90xSzT0mzwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPHbYQ56UeceFmhpWuJNa3KupoJvMB8GA1UdIwQY
MBaAFPafi88qLsEPnktjAuGzUJ89AzbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEt
MDBhNzcwNDc3NGUxLzEvOGR0aERucFI1eDRXYUdsYTRrMXJjcTZtZ204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEtMDBhNzcwNDc3NGUx
LzEvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH8xIAwQF
XotAAwQFbW1AAwQCudNIMA0EAgACMAcDBQAqABaAMA0GCSqGSIb3DQEBCwUAA4IB
AQCF1YI3Reshs7Q66P7hYB0NaRdztYvv0x1wdfb0MZi9mBykhBfkN+5a+iUfn3si
eg7B+G0YT8rZZiIVM9iydU6+gUvql+hOf26aO76v1bVUn7XFm+XeG6Nn0M2KhlGc
AonoH+tZbtl+MYqdKs0S37i6CamfVmpA5+BpRWossDVLaKnVTjjcuU0ctrsppr+O
p5IWdk84TPvgYY+smHIn979CIaK0BvhnA62SaBu9W+jAz5Gr2V5cAXxLRfyS6itH
p9eKZ4LiwJLn6LkHdsqrXIJTppZkVREdaci/M7AQZrHh1JNdNPCBPIdBZNKEhZ96
HG2W5UZ9wSc6BZGIiF3HHCa2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:25 2024 by rpki-client on console-fra.rpki-client.org