Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/R2qORdc0OJH-JEublukQXenF9TQ.roa
File: R2qORdc0OJH-JEublukQXenF9TQ.roa (raw, json)
Hash identifier: VRa7M7Qo13xiSXuv0wWZ55ew0E0GNtQ2Fp20jVMpFRc=
Subject key identifier: 47:6A:8E:45:D7:34:38:91:FE:24:4B:9B:96:E9:10:5D:E9:C5:F5:34
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 018CC2DB13CC252C04CD7CCB7D9598559F9F
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/R2qORdc0OJH-JEublukQXenF9TQ.roa
Signing time: Mon 01 Jan 2024 02:29:46 +0000
ROA not before: Mon 01 Jan 2024 02:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12850
IP address blocks: 212.91.64.0/19 maxlen: 24
37.139.88.0/21 maxlen: 24
212.29.128.0/19 maxlen: 24
80.247.64.0/20 maxlen: 24
178.239.176.0/20 maxlen: 24
87.248.32.0/19 maxlen: 24
185.48.32.0/22 maxlen: 24
185.21.172.0/22 maxlen: 24
2001:4d38::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 10:47:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:13:cc:25:2c:04:cd:7c:cb:7d:95:98:55:9f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Jan 1 02:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=476a8e45d7343891fe244b9b96e9105de9c5f534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:2a:20:fc:5b:64:e6:ec:75:c5:bb:f9:6c:
d0:2f:08:d0:78:74:99:02:70:2b:84:53:6c:50:23:
5a:bd:0e:6f:9c:17:b1:27:c9:6a:b8:19:bf:64:c0:
06:49:8e:2a:de:bc:e8:ea:ae:2f:9e:70:c3:b3:a5:
cb:00:2d:be:75:af:e5:c5:66:5b:bc:86:c2:c6:39:
1d:b3:cb:bb:ad:77:67:b4:97:e0:29:db:49:29:3c:
4d:ff:53:a4:b4:af:66:d0:e8:73:e6:55:99:0c:c2:
1b:d5:3c:7d:3d:92:44:04:4b:ae:b5:a9:a3:36:1c:
ac:94:38:8a:7a:e9:7b:f7:5c:06:eb:39:a7:49:77:
2d:3d:3b:a0:60:96:c4:87:c2:e8:60:ca:b0:9d:27:
03:25:95:a7:cc:e0:80:32:a6:d3:66:c4:7e:fc:0b:
90:a8:6c:28:36:72:0a:05:95:b7:e8:ea:16:46:9c:
1f:b7:61:95:2b:75:4d:ea:e3:6c:dd:7d:ed:c5:3e:
a6:6c:10:7e:2f:0f:ae:20:a0:00:c4:89:b5:f6:07:
c1:4e:0d:e5:97:fe:03:24:b3:4f:b2:a9:c3:86:3f:
75:16:e7:00:84:5c:a0:cc:d2:97:f1:0f:ac:aa:39:
b4:88:a5:d6:52:d5:19:2d:3b:68:bb:9f:91:0e:eb:
b0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6A:8E:45:D7:34:38:91:FE:24:4B:9B:96:E9:10:5D:E9:C5:F5:34
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/R2qORdc0OJH-JEublukQXenF9TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.88.0/21
80.247.64.0/20
87.248.32.0/19
178.239.176.0/20
185.21.172.0/22
185.48.32.0/22
212.29.128.0/19
212.91.64.0/19
IPv6:
2001:4d38::/32
Signature Algorithm: sha256WithRSAEncryption
92:59:2e:b6:e7:01:4a:da:65:ef:c7:87:fa:40:12:03:fd:42:
07:72:d1:af:7f:e0:4d:8d:98:bb:fe:8b:f7:05:ca:24:5e:52:
7f:ac:38:e8:ce:7c:98:5e:7d:94:e3:54:b0:2c:b8:a8:89:a0:
9c:8b:7e:42:b3:b5:2d:e6:59:c7:24:34:60:3d:5e:91:7a:19:
61:c0:70:0b:4d:79:29:20:e9:a2:32:05:d5:2e:28:00:62:2e:
0f:03:a1:ac:34:4b:10:28:fa:9c:f6:ca:e3:f0:2d:2b:d5:2b:
32:ec:35:6e:26:d3:cf:7d:dc:73:18:9b:ea:c1:dd:9b:aa:c1:
9b:a6:fc:39:c8:8b:1a:8c:f3:87:1d:31:42:3f:27:7a:eb:c8:
62:ee:52:a8:61:6e:ce:6f:f1:30:99:4f:98:6d:8a:04:c7:08:
bf:01:d8:b3:8b:1a:1c:b2:f4:ad:c0:97:a3:9d:34:49:97:aa:
4b:27:e3:92:34:71:81:e8:30:a4:e3:bf:97:cf:1e:25:4d:14:
90:88:26:7f:e1:60:ea:82:85:2a:27:1f:45:b0:6c:ba:d1:ae:
a4:a1:1c:6d:4b:69:87:94:0a:3f:44:4c:57:8d:73:70:20:0a:
1d:88:f6:02:a0:ef:30:ed:7a:74:7f:76:ad:9f:92:58:46:9a:
19:e5:55:07
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzC2xPMJSwEzXzLfZWYVZ+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjQwMTAxMDIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZhOGU0NWQ3MzQzODkxZmUyNDRiOWI5NmU5MTA1ZGU5YzVmNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6YqIPxbZObsdcW7+WzQLwjQeHSZ
AnArhFNsUCNavQ5vnBexJ8lquBm/ZMAGSY4q3rzo6q4vnnDDs6XLAC2+da/lxWZb
vIbCxjkds8u7rXdntJfgKdtJKTxN/1OktK9m0Ohz5lWZDMIb1Tx9PZJEBEuutamj
NhyslDiKeul791wG6zmnSXctPTugYJbEh8LoYMqwnScDJZWnzOCAMqbTZsR+/AuQ
qGwoNnIKBZW36OoWRpwft2GVK3VN6uNs3X3txT6mbBB+Lw+uIKAAxIm19gfBTg3l
l/4DJLNPsqnDhj91FucAhFygzNKX8Q+sqjm0iKXWUtUZLTtou5+RDuuwJwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEdqjkXXNDiR/iRLm5bpEF3pxfU0MB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvUjJxT1JkYzBPSkgtSkV1Ymx1a1FYZW5GOVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJYtYAwQE
UPdAAwQFV/ggAwQEsu+wAwQCuRWsAwQCuTAgAwQF1B2AAwQF1FtAMA0EAgACMAcD
BQAgAU04MA0GCSqGSIb3DQEBCwUAA4IBAQCSWS625wFK2mXvx4f6QBID/UIHctGv
f+BNjZi7/ov3BcokXlJ/rDjoznyYXn2U41SwLLioiaCci35Cs7Ut5lnHJDRgPV6R
ehlhwHALTXkpIOmiMgXVLigAYi4PA6GsNEsQKPqc9srj8C0r1Ssy7DVuJtPPfdxz
GJvqwd2bqsGbpvw5yIsajPOHHTFCPyd668hi7lKoYW7Ob/EwmU+YbYoExwi/Adiz
ixocsvStwJejnTRJl6pLJ+OSNHGB6DCk47+Xzx4lTRSQiCZ/4WDqgoUqJx9FsGy6
0a6koRxtS2mHlAo/RExXjXNwIAodiPYCoO8w7Xp0f3atn5JYRpoZ5VUH
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:34 2024 by rpki-client on console.sobornost.net