Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/I0CrrNDDd7Sgbp5KpEbqgFg5Nzc.roa
File: I0CrrNDDd7Sgbp5KpEbqgFg5Nzc.roa (raw, json)
Hash identifier: qYMO4bCGDGteXEHGi0T58MCdXVkDUCxQs+AL5ratjgA=
Subject key identifier: 23:40:AB:AC:D0:C3:77:B4:A0:6E:9E:4A:A4:46:EA:80:58:39:37:37
Certificate issuer: /CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Certificate serial: 0185720312AFB89BEE30CFD266235949A816
Authority key identifier: 46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/I0CrrNDDd7Sgbp5KpEbqgFg5Nzc.roa
Signing time: Mon 02 Jan 2023 10:24:42 +0000
ROA not before: Mon 02 Jan 2023 10:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9044
IP address blocks: 82.220.0.0/16 maxlen: 18
185.252.240.0/22 maxlen: 23
212.101.0.0/19 maxlen: 20
212.41.64.0/18 maxlen: 19
194.124.208.0/24 maxlen: 24
2001:1680::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:12:af:b8:9b:ee:30:cf:d2:66:23:59:49:a8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46cfc41a419a7bbd6d8e8c4ee685595b6a40b9f1
Validity
Not Before: Jan 2 10:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2340abacd0c377b4a06e9e4aa446ea8058393737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c9:9b:10:02:5a:ef:72:3c:39:9e:8b:bb:28:
c9:0e:01:1d:18:ed:cb:63:49:f7:a5:4d:1a:b8:9b:
41:75:06:ce:21:15:30:c7:87:f3:44:3f:8c:38:b7:
6a:00:10:ba:06:ea:49:40:85:d5:67:ec:04:40:ee:
a4:b6:28:ac:82:f8:89:a3:61:12:98:fe:32:d8:72:
fd:4b:1c:bb:62:a2:be:b9:60:dc:be:f8:e9:0e:7a:
67:10:d9:d2:12:83:b1:eb:7b:82:b7:1f:58:8c:f2:
2a:7a:c7:84:cc:c9:5e:32:11:9a:a3:0a:a2:d6:2b:
f8:3e:63:e0:5f:80:af:98:02:26:1a:cd:a1:9e:29:
77:20:ab:6e:36:f6:dd:77:1d:d1:1f:79:ed:c4:56:
40:64:21:a4:d5:fb:a2:f1:14:ef:01:47:1b:5d:de:
cc:f9:d0:3c:a0:2e:ee:49:06:1b:b1:64:71:90:9a:
05:a1:77:18:a4:25:9d:b6:a3:78:76:61:b8:1b:22:
e4:1d:97:18:1b:ba:1f:ce:82:39:b4:f5:69:9d:fb:
3e:ee:43:ba:96:52:61:60:f8:04:7f:c7:80:b0:cc:
86:9e:e8:55:01:ef:a3:17:e6:91:b0:a1:35:3a:50:
d1:5d:c3:62:1b:a2:0c:67:c2:1a:f3:24:71:04:25:
5d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:40:AB:AC:D0:C3:77:B4:A0:6E:9E:4A:A4:46:EA:80:58:39:37:37
X509v3 Authority Key Identifier:
keyid:46:CF:C4:1A:41:9A:7B:BD:6D:8E:8C:4E:E6:85:59:5B:6A:40:B9:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rs_EGkGae71tjoxO5oVZW2pAufE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/I0CrrNDDd7Sgbp5KpEbqgFg5Nzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/2c237a-8bbc-49c3-adea-cc3376ef7300/1/Rs_EGkGae71tjoxO5oVZW2pAufE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.220.0.0/16
185.252.240.0/22
194.124.208.0/24
212.41.64.0/18
212.101.0.0/19
IPv6:
2001:1680::/29
Signature Algorithm: sha256WithRSAEncryption
cd:16:1d:f4:cf:c1:86:5b:fa:6a:81:a8:c1:1d:50:fd:a0:6c:
0d:7b:69:bf:bb:1c:f4:8e:a9:8e:2f:14:e2:0f:c8:73:8a:a8:
b2:5e:07:9d:74:9e:a5:49:74:b0:6b:ca:a6:11:43:39:e2:a7:
64:e8:44:1b:d0:a8:b8:42:89:d9:46:8a:cd:a6:6e:05:d1:cd:
60:51:bb:b1:49:fc:28:fd:93:71:da:e9:d7:5f:9f:9e:98:1b:
ea:f9:7a:70:56:38:87:46:54:60:92:f5:d9:b9:7a:c3:70:6d:
7d:e6:70:ab:7b:cc:0c:fc:3f:4a:00:e2:29:ed:cd:b2:c2:a6:
64:30:4d:ce:50:6b:09:71:45:02:0a:a6:96:8b:fe:4a:62:65:
f5:e3:1e:5c:4f:1a:e3:12:9f:b5:bf:01:6f:06:ad:3b:6f:50:
84:7b:01:c3:d8:bc:ee:ab:a3:f4:47:80:bc:8a:38:d7:49:24:
d9:c1:db:eb:ff:28:34:c6:1d:ca:7a:62:db:b6:4d:00:72:8c:
6c:b9:53:81:d1:6d:b2:70:82:2d:30:dc:16:bf:98:eb:fd:c3:
1f:78:a1:f6:11:c5:27:7d:e8:a6:45:e6:e5:4d:4c:a0:f5:e0:
78:c2:39:2c:ce:aa:a9:79:9c:51:77:35:92:78:0e:9a:c1:67:
af:18:a3:6e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVyAxKvuJvuMM/SZiNZSagWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2Y2ZjNDFhNDE5YTdiYmQ2ZDhlOGM0ZWU2ODU1OTViNmE0
MGI5ZjEwHhcNMjMwMTAyMTAyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQwYWJhY2QwYzM3N2I0YTA2ZTllNGFhNDQ2ZWE4MDU4MzkzNzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucmbEAJa73I8OZ6LuyjJDgEdGO3L
Y0n3pU0auJtBdQbOIRUwx4fzRD+MOLdqABC6BupJQIXVZ+wEQO6ktiisgviJo2ES
mP4y2HL9Sxy7YqK+uWDcvvjpDnpnENnSEoOx63uCtx9YjPIqeseEzMleMhGaowqi
1iv4PmPgX4CvmAImGs2hnil3IKtuNvbddx3RH3ntxFZAZCGk1fui8RTvAUcbXd7M
+dA8oC7uSQYbsWRxkJoFoXcYpCWdtqN4dmG4GyLkHZcYG7ofzoI5tPVpnfs+7kO6
llJhYPgEf8eAsMyGnuhVAe+jF+aRsKE1OlDRXcNiG6IMZ8Ia8yRxBCVdxQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCNAq6zQw3e0oG6eSqRG6oBYOTc3MB8GA1UdIwQY
MBaAFEbPxBpBmnu9bY6MTuaFWVtqQLnxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEt
Y2MzMzc2ZWY3MzAwLzEvSTBDcnJORERkN1NnYnA1S3BFYnFnRmc1TnpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8yYzIzN2EtOGJiYy00OWMzLWFkZWEtY2MzMzc2ZWY3MzAw
LzEvUnNfRUdrR2FlNzF0am94TzVvVlpXMnBBdWZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAUtwDBAK5
/PADBADCfNADBAbUKUADBAXUZQAwDQQCAAIwBwMFAyABFoAwDQYJKoZIhvcNAQEL
BQADggEBAM0WHfTPwYZb+mqBqMEdUP2gbA17ab+7HPSOqY4vFOIPyHOKqLJeB510
nqVJdLBryqYRQznip2ToRBvQqLhCidlGis2mbgXRzWBRu7FJ/Cj9k3Ha6ddfn56Y
G+r5enBWOIdGVGCS9dm5esNwbX3mcKt7zAz8P0oA4intzbLCpmQwTc5QawlxRQIK
ppaL/kpiZfXjHlxPGuMSn7W/AW8GrTtvUIR7AcPYvO6ro/RHgLyKONdJJNnB2+v/
KDTGHcp6Ytu2TQByjGy5U4HRbbJwgi0w3Ba/mOv9wx94ofYRxSd96KZF5uVNTKD1
4HjCOSzOqql5nFF3NZJ4DprBZ68Yo24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:43 2024 by rpki-client on console-fra.rpki-client.org