Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/2TO0ht20aL8OPrXyPdBvCI7Ic6s.roa
File: 2TO0ht20aL8OPrXyPdBvCI7Ic6s.roa (raw, json)
Hash identifier: AS8H68O+xLm2QBV98/A/0ACoxFN3WoqQNVzbHC4EUnQ=
Subject key identifier: D9:33:B4:86:DD:B4:68:BF:0E:3E:B5:F2:3D:D0:6F:08:8E:C8:73:AB
Certificate issuer: /CN=36451a2ea40af1715e6313169468996aca71bb8a
Certificate serial: 018CC86EEBD3C00DEFC96A799244D99ECA43
Authority key identifier: 36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/2TO0ht20aL8OPrXyPdBvCI7Ic6s.roa
Signing time: Tue 02 Jan 2024 04:29:21 +0000
ROA not before: Tue 02 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31383
IP address blocks: 83.137.16.0/21 maxlen: 21
78.41.72.0/21 maxlen: 21
2001:4038::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 23 Jan 2024 23:35:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:eb:d3:c0:0d:ef:c9:6a:79:92:44:d9:9e:ca:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36451a2ea40af1715e6313169468996aca71bb8a
Validity
Not Before: Jan 2 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d933b486ddb468bf0e3eb5f23dd06f088ec873ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:af:fb:3c:57:6c:82:14:bb:16:6b:06:6c:60:
bf:e9:55:40:c9:7f:7b:35:80:94:a1:c3:92:da:51:
ea:2d:e5:97:ae:6a:1e:3f:7c:1f:5e:33:77:db:96:
62:89:e1:d2:31:5f:01:ce:fb:51:5f:3c:6a:a7:b8:
67:00:a7:e9:d5:87:65:2a:85:dd:de:aa:6d:e9:13:
33:b0:cb:83:6d:f9:74:33:f8:df:62:a2:d2:91:37:
8e:f0:9a:91:9c:dd:c0:d4:30:17:82:74:68:9a:9b:
a4:82:61:28:f8:62:f1:0f:93:86:5a:cd:28:57:29:
77:85:4c:e1:1e:e9:22:bf:77:dd:83:f0:84:cd:1e:
0d:c7:56:9f:85:a1:1b:a4:79:3e:4d:f3:d9:59:2a:
c8:b7:24:0c:6c:a2:dd:1c:2c:69:1f:2d:94:4a:4e:
1f:36:ca:28:93:17:37:83:58:5a:9f:1a:9a:bd:62:
f1:f0:3a:89:4c:64:2d:db:26:ef:da:8f:03:6d:d7:
b3:45:54:68:dc:dd:69:c4:0a:ce:07:4c:a7:fb:02:
9c:6a:e2:40:16:d4:c4:40:06:bd:a5:9e:2c:d1:b5:
25:1d:bc:3e:fb:ae:93:34:31:7b:ef:55:bb:45:c8:
fd:a2:af:06:e9:1f:d0:49:a8:91:cc:c9:c6:6c:d7:
40:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:33:B4:86:DD:B4:68:BF:0E:3E:B5:F2:3D:D0:6F:08:8E:C8:73:AB
X509v3 Authority Key Identifier:
keyid:36:45:1A:2E:A4:0A:F1:71:5E:63:13:16:94:68:99:6A:CA:71:BB:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NkUaLqQK8XFeYxMWlGiZaspxu4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/2TO0ht20aL8OPrXyPdBvCI7Ic6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8b3822-6eaa-43a2-9a32-be308c12f7bc/1/NkUaLqQK8XFeYxMWlGiZaspxu4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.72.0/21
83.137.16.0/21
IPv6:
2001:4038::/32
Signature Algorithm: sha256WithRSAEncryption
4a:26:c6:4c:e4:c2:d8:70:5d:a3:8e:3c:b8:43:bb:9c:30:7a:
cd:33:d3:b8:9f:3b:39:81:7c:c7:b6:8b:81:7f:f5:ee:31:56:
08:e9:df:14:b1:6f:22:90:d6:83:14:09:14:b6:4e:41:ad:01:
7c:34:81:a4:4f:c7:36:9f:19:ba:07:d2:82:7a:c0:f3:7e:c9:
1a:f0:8b:92:30:8f:16:5f:27:93:ef:89:d1:14:63:71:f8:bb:
a8:95:9b:5b:14:29:fa:f6:31:79:98:71:1a:87:73:fb:a4:d9:
00:06:e9:99:c2:75:21:78:e1:b9:ea:e2:4e:80:d6:56:20:57:
cf:35:37:31:58:95:96:a0:91:3b:4b:c3:2c:d8:d8:79:c9:4a:
f5:4f:79:9e:07:a6:b3:57:8b:84:f2:c7:34:10:c0:6d:0e:09:
5d:72:39:38:6c:88:c9:e8:f5:ee:57:f0:88:94:e2:3d:50:c1:
e7:ff:be:b2:30:12:b0:ca:9f:1d:11:80:0c:f8:92:44:5d:4b:
fa:1e:b4:8d:c1:55:bd:3d:e5:26:ca:c8:c3:5e:da:33:49:f4:
5d:4a:fd:b9:8b:78:4c:27:3f:bb:37:9e:68:9c:1b:67:a7:a0:
0a:27:d5:21:87:5b:c8:f4:eb:8f:b0:e9:f6:be:e3:9a:46:18:
a7:f1:e7:e1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIbuvTwA3vyWp5kkTZnspDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NDUxYTJlYTQwYWYxNzE1ZTYzMTMxNjk0Njg5OTZhY2E3
MWJiOGEwHhcNMjQwMTAyMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTMzYjQ4NmRkYjQ2OGJmMGUzZWI1ZjIzZGQwNmYwODhlYzg3M2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK/7PFdsghS7FmsGbGC/6VVAyX97
NYCUocOS2lHqLeWXrmoeP3wfXjN325ZiieHSMV8BzvtRXzxqp7hnAKfp1YdlKoXd
3qpt6RMzsMuDbfl0M/jfYqLSkTeO8JqRnN3A1DAXgnRompukgmEo+GLxD5OGWs0o
Vyl3hUzhHukiv3fdg/CEzR4Nx1afhaEbpHk+TfPZWSrItyQMbKLdHCxpHy2USk4f
Nsookxc3g1hanxqavWLx8DqJTGQt2ybv2o8DbdezRVRo3N1pxArOB0yn+wKcauJA
FtTEQAa9pZ4s0bUlHbw++66TNDF771W7Rcj9oq8G6R/QSaiRzMnGbNdANwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNkztIbdtGi/Dj618j3QbwiOyHOrMB8GA1UdIwQY
MBaAFDZFGi6kCvFxXmMTFpRomWrKcbuKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzIt
YmUzMDhjMTJmN2JjLzEvMlRPMGh0MjBhTDhPUHJYeVBkQnZDSTdJYzZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84YjM4MjItNmVhYS00M2EyLTlhMzItYmUzMDhjMTJmN2Jj
LzEvTmtVYUxxUUs4WEZlWXhNV2xHaVphc3B4dTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTilIAwQD
U4kQMA0EAgACMAcDBQAgAUA4MA0GCSqGSIb3DQEBCwUAA4IBAQBKJsZM5MLYcF2j
jjy4Q7ucMHrNM9O4nzs5gXzHtouBf/XuMVYI6d8UsW8ikNaDFAkUtk5BrQF8NIGk
T8c2nxm6B9KCesDzfska8IuSMI8WXyeT74nRFGNx+LuolZtbFCn69jF5mHEah3P7
pNkABumZwnUheOG56uJOgNZWIFfPNTcxWJWWoJE7S8Ms2Nh5yUr1T3meB6azV4uE
8sc0EMBtDgldcjk4bIjJ6PXuV/CIlOI9UMHn/76yMBKwyp8dEYAM+JJEXUv6HrSN
wVW9PeUmysjDXtozSfRdSv25i3hMJz+7N55onBtnp6AKJ9Uhh1vI9OuPsOn2vuOa
Rhin8efh
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:35 2024 by rpki-client on console.sobornost.net