Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/8D95uU3MU-clNDgtJJtx9u2BwOk.roa
File: 8D95uU3MU-clNDgtJJtx9u2BwOk.roa (raw, json)
Hash identifier: uhmg4abk3VAOyhnRwytXHM8IYVkAba6NPdfWnj5Ywlc=
Subject key identifier: F0:3F:79:B9:4D:CC:53:E7:25:34:38:2D:24:9B:71:F6:ED:81:C0:E9
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 01856FA7026BE01C027952491D4BC6F345DA
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/8D95uU3MU-clNDgtJJtx9u2BwOk.roa
Signing time: Sun 01 Jan 2023 23:24:54 +0000
ROA not before: Sun 01 Jan 2023 23:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199251
IP address blocks: 176.58.44.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.51.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
176.58.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:02:6b:e0:1c:02:79:52:49:1d:4b:c6:f3:45:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jan 1 23:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f03f79b94dcc53e72534382d249b71f6ed81c0e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:9c:99:e2:79:d2:9e:5a:65:bc:d3:48:3c:
81:f4:14:38:e8:b4:0f:6f:85:6d:81:bc:0a:de:b0:
f4:0d:04:24:08:8a:e7:60:60:6e:0e:7c:b0:35:db:
e4:9f:70:84:ab:bb:bc:0b:d6:f6:6f:b7:0c:b1:8d:
16:02:8f:1e:27:13:cb:ea:50:11:32:23:bc:46:39:
ea:f7:90:c7:3a:54:03:e3:bb:cf:0a:bf:aa:0f:6c:
02:05:0e:e7:e2:f4:c1:87:e0:70:3d:a2:eb:fb:22:
b1:81:43:fc:f6:86:8f:ec:74:67:35:53:ea:3d:f7:
40:e6:77:2f:97:a6:1f:2f:4c:14:c9:ce:d0:ac:a4:
eb:c4:dd:76:6d:61:92:2f:cc:6b:0e:07:c7:a4:6f:
08:4e:e8:36:d6:c5:54:08:85:4d:b6:10:25:64:33:
09:01:fa:00:a9:cd:ff:3b:35:1c:35:a2:81:38:75:
cd:5e:9f:65:db:61:a4:c4:01:e6:32:f7:14:34:0b:
f6:4c:6e:7d:1e:c4:5b:8b:dc:c8:ba:e1:71:68:02:
df:ab:30:d2:96:87:40:73:be:7e:1c:7c:ed:07:d8:
af:e3:de:ff:c5:84:71:4d:9c:90:84:e8:29:31:9e:
b7:e2:89:00:8b:9d:b1:31:1d:81:30:88:90:85:62:
00:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3F:79:B9:4D:CC:53:E7:25:34:38:2D:24:9B:71:F6:ED:81:C0:E9
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/8D95uU3MU-clNDgtJJtx9u2BwOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.44.0/23
176.58.48.0/23
176.58.51.0-176.58.52.255
176.58.55.0/24
176.58.57.0/24
176.58.59.0/24
Signature Algorithm: sha256WithRSAEncryption
02:20:13:3e:59:bb:da:fb:ea:e6:06:5c:cc:82:d8:b6:fc:ce:
5f:fd:7e:99:4b:72:3d:f9:1a:1d:74:b4:cf:da:14:01:ec:10:
18:85:84:19:95:42:0a:40:fe:24:b1:0e:a2:cc:25:db:9b:2e:
e7:aa:1d:66:49:4b:e9:55:3d:4d:53:29:57:bb:75:2c:20:a2:
f6:11:a2:61:3c:11:10:c1:2d:11:a9:fa:eb:c6:47:0a:77:1d:
b6:9e:3e:8d:ca:52:c6:60:68:5a:2f:f6:c9:6f:c0:cb:99:46:
60:28:64:a1:30:6a:4b:12:cf:fa:49:00:a3:ed:31:ec:79:1d:
05:35:8f:cc:13:f0:bc:f2:f4:6f:a0:89:84:08:2c:77:1e:d4:
80:6c:19:b4:68:71:55:4d:f1:75:2b:7d:cb:76:aa:b0:b6:cd:
73:57:da:6a:39:80:8e:bc:51:d9:29:92:12:4f:03:89:e9:40:
2d:5c:72:59:c9:62:9b:6c:5c:00:8b:d2:42:8c:04:be:55:1b:
16:90:66:a8:f1:fd:a3:b8:91:b4:3b:5c:2b:67:08:8e:40:68:
99:f2:9f:56:96:25:71:6d:db:10:c1:35:79:33:c0:06:e7:72:
72:03:14:d4:ac:38:74:a0:ed:01:2a:77:7a:2a:64:b2:00:c5:
86:08:63:41
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvpwJr4BwCeVJJHUvG80XaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjMwMTAxMjMyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNmNzliOTRkY2M1M2U3MjUzNDM4MmQyNDliNzFmNmVkODFjMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmM6cmeJ50p5aZbzTSDyB9BQ46LQP
b4VtgbwK3rD0DQQkCIrnYGBuDnywNdvkn3CEq7u8C9b2b7cMsY0WAo8eJxPL6lAR
MiO8Rjnq95DHOlQD47vPCr+qD2wCBQ7n4vTBh+BwPaLr+yKxgUP89oaP7HRnNVPq
PfdA5ncvl6YfL0wUyc7QrKTrxN12bWGSL8xrDgfHpG8ITug21sVUCIVNthAlZDMJ
AfoAqc3/OzUcNaKBOHXNXp9l22GkxAHmMvcUNAv2TG59HsRbi9zIuuFxaALfqzDS
lodAc75+HHztB9iv497/xYRxTZyQhOgpMZ634okAi52xMR2BMIiQhWIATQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPA/eblNzFPnJTQ4LSSbcfbtgcDpMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvOEQ5NXVVM01VLWNsTkRndEpKdHg5dTJCd09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBsDosAwQB
sDowMAwDBACwOjMDBACwOjQDBACwOjcDBACwOjkDBACwOjswDQYJKoZIhvcNAQEL
BQADggEBAAIgEz5Zu9r76uYGXMyC2Lb8zl/9fplLcj35Gh10tM/aFAHsEBiFhBmV
QgpA/iSxDqLMJdubLueqHWZJS+lVPU1TKVe7dSwgovYRomE8ERDBLRGp+uvGRwp3
HbaePo3KUsZgaFov9slvwMuZRmAoZKEwaksSz/pJAKPtMex5HQU1j8wT8Lzy9G+g
iYQILHce1IBsGbRocVVN8XUrfct2qrC2zXNX2mo5gI68UdkpkhJPA4npQC1cclnJ
YptsXACL0kKMBL5VGxaQZqjx/aO4kbQ7XCtnCI5AaJnyn1aWJXFt2xDBNXkzwAbn
cnIDFNSsOHSg7QEqd3oqZLIAxYYIY0E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org