Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cIEi_h8I4C6PECb7i3rscFtVKIM.roa
File: cIEi_h8I4C6PECb7i3rscFtVKIM.roa (raw, json)
Hash identifier: wLfzdjK4CHbO8FgICAM5Pe2AjfmJ/bDp4TUzc8HC3U8=
Subject key identifier: 70:81:22:FE:1F:08:E0:2E:8F:10:26:FB:8B:7A:EC:70:5B:55:28:83
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01879695A1CF419D3622AA21E1EAE6F425C2
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cIEi_h8I4C6PECb7i3rscFtVKIM.roa
Signing time: Tue 18 Apr 2023 22:56:41 +0000
ROA not before: Tue 18 Apr 2023 22:56:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 188.240.83.0/24 maxlen: 24
5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
62.112.0.0/21 maxlen: 24
194.88.112.0/20 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Apr 2023 22:57:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:96:95:a1:cf:41:9d:36:22:aa:21:e1:ea:e6:f4:25:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Apr 18 22:56:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=708122fe1f08e02e8f1026fb8b7aec705b552883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1d:b5:ac:96:66:ca:68:d0:8a:86:92:68:de:
f9:c1:3d:d4:41:06:f2:66:ea:35:ae:07:3f:3d:06:
b4:b2:81:01:41:29:0d:d6:75:33:36:42:ac:8d:01:
aa:68:4b:d3:18:e3:fa:90:ca:ef:dd:1f:a5:91:ff:
da:3e:e3:cb:5e:43:2d:6b:0a:fb:af:da:8d:79:dd:
a1:f8:fc:f4:4a:a2:5e:d3:04:51:20:6a:ed:1c:89:
66:f0:f4:d9:6c:cb:bf:85:b8:c6:4a:dc:84:32:6b:
c8:0a:65:dc:c8:80:0c:68:e6:b4:47:ae:ac:f5:9a:
39:bd:5a:a7:dd:39:1b:60:28:a0:d1:b0:9a:f4:fa:
25:87:6c:61:21:db:31:f6:2b:4d:77:32:78:d3:f5:
46:5c:02:37:40:a7:7a:e0:3d:6c:65:ee:a9:fe:51:
a4:68:9d:6d:19:84:7c:39:de:e1:24:b0:bf:a3:fc:
84:0c:61:0a:0f:0a:7c:b6:a9:fb:2b:a7:e2:54:72:
73:55:08:55:e3:bd:de:5e:6d:f9:09:b4:6c:fb:38:
cf:81:89:27:a6:86:9f:04:1c:b4:29:e0:46:db:ef:
12:11:d1:02:9d:04:3f:cc:d3:89:f0:4d:76:dc:54:
d5:61:9f:a4:4e:5b:e7:15:1d:73:37:1a:23:02:85:
e2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:81:22:FE:1F:08:E0:2E:8F:10:26:FB:8B:7A:EC:70:5B:55:28:83
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/cIEi_h8I4C6PECb7i3rscFtVKIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
62.112.0.0/21
84.234.16.0/20
89.37.128.0/24
176.223.190.0/24
188.240.83.0/24
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:24:7f:fb:a2:8c:0e:99:19:c3:42:42:bb:44:53:29:cd:dd:
65:cd:45:f8:9a:4e:59:22:25:dc:56:b7:12:d3:d7:0c:35:54:
9c:dc:41:40:4e:3e:36:4a:de:53:a4:07:d3:b8:b0:5d:8a:6d:
a7:5b:73:28:77:f3:1a:5a:9b:a0:b4:67:46:64:a2:a0:d3:12:
39:fa:6a:c6:25:c7:19:67:39:66:26:90:13:1e:be:59:fc:2b:
01:6d:23:c9:be:b9:ee:6b:e4:92:06:66:e5:26:2d:2b:b1:1b:
e5:ee:ea:8e:8f:d7:89:38:69:af:0d:28:7b:65:fa:1c:d8:88:
ba:44:66:e8:27:a4:78:5e:9d:0b:8d:e8:94:22:3e:97:08:73:
a6:5f:ca:09:46:25:aa:a4:73:e8:71:d9:69:10:b0:61:59:94:
24:85:6e:ad:ec:d4:44:e0:ac:ac:84:71:61:d2:fb:1d:3f:b1:
c8:1b:1f:b7:a4:49:47:66:68:6f:f9:30:7b:54:45:b2:14:bc:
14:f2:1d:34:99:79:55:01:5e:60:fb:6f:b7:85:22:a3:f1:d7:
64:58:fa:de:e9:62:ac:d3:4f:6c:df:1b:d6:35:be:99:ea:c9:
75:01:bf:b2:e7:27:c0:91:22:08:02:08:8a:ec:ef:68:74:5b:
a0:7d:8d:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYeWlaHPQZ02Iqoh4erm9CXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNDE4MjI1NjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDgxMjJmZTFmMDhlMDJlOGYxMDI2ZmI4YjdhZWM3MDViNTUyODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1x21rJZmymjQioaSaN75wT3UQQby
Zuo1rgc/PQa0soEBQSkN1nUzNkKsjQGqaEvTGOP6kMrv3R+lkf/aPuPLXkMtawr7
r9qNed2h+Pz0SqJe0wRRIGrtHIlm8PTZbMu/hbjGStyEMmvICmXcyIAMaOa0R66s
9Zo5vVqn3TkbYCig0bCa9Polh2xhIdsx9itNdzJ40/VGXAI3QKd64D1sZe6p/lGk
aJ1tGYR8Od7hJLC/o/yEDGEKDwp8tqn7K6fiVHJzVQhV473eXm35CbRs+zjPgYkn
poafBBy0KeBG2+8SEdECnQQ/zNOJ8E123FTVYZ+kTlvnFR1zNxojAoXiKQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHCBIv4fCOAujxAm+4t67HBbVSiDMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvY0lFaV9oOEk0QzZQRUNiN2kzcnNjRnRWS0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDBSPAAwQD
PnAAAwQEVOoQAwQAWSWAAwQAsN++AwQAvPBTAwQEwlhwMA0GCSqGSIb3DQEBCwUA
A4IBAQBNJH/7oowOmRnDQkK7RFMpzd1lzUX4mk5ZIiXcVrcS09cMNVSc3EFATj42
St5TpAfTuLBdim2nW3Mod/MaWpugtGdGZKKg0xI5+mrGJccZZzlmJpATHr5Z/CsB
bSPJvrnua+SSBmblJi0rsRvl7uqOj9eJOGmvDSh7Zfoc2Ii6RGboJ6R4Xp0LjeiU
Ij6XCHOmX8oJRiWqpHPocdlpELBhWZQkhW6t7NRE4KyshHFh0vsdP7HIGx+3pElH
Zmhv+TB7VEWyFLwU8h00mXlVAV5g+2+3hSKj8ddkWPre6WKs009s3xvWNb6Z6sl1
Ab+y5yfAkSIIAgiK7O9odFugfY3B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:49 2024 by rpki-client on console-ams.rpki-client.org