Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/05kQlma8GmM8KXfD3iKM0bj2DhU.roa
File: 05kQlma8GmM8KXfD3iKM0bj2DhU.roa (raw, json)
Hash identifier: u+/Q9451hUWOLPgkbb+tJ4gNfAJ6UaY0fM7F9o99hBE=
Subject key identifier: D3:99:10:96:66:BC:1A:63:3C:29:77:C3:DE:22:8C:D1:B8:F6:0E:15
Certificate issuer: /CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Certificate serial: 018A2A89F771DFA41CBEDA19E8C33B9594BE
Authority key identifier: 09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/05kQlma8GmM8KXfD3iKM0bj2DhU.roa
Signing time: Fri 25 Aug 2023 02:33:19 +0000
ROA not before: Fri 25 Aug 2023 02:33:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207709
IP address blocks: 195.85.216.0/24 maxlen: 24
185.242.162.0/24 maxlen: 24
185.242.161.0/24 maxlen: 24
185.242.160.0/24 maxlen: 24
185.242.163.0/24 maxlen: 24
2.56.152.0/24 maxlen: 24
2.56.155.0/24 maxlen: 24
2.56.154.0/24 maxlen: 24
2.56.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2a:89:f7:71:df:a4:1c:be:da:19:e8:c3:3b:95:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969a2a39635b797476f1f1633ae8f27bf33b533
Validity
Not Before: Aug 25 02:33:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d399109666bc1a633c2977c3de228cd1b8f60e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:fc:c2:f3:4c:90:8a:0e:6a:fd:dc:11:86:
e4:93:3f:73:c3:ce:e6:b8:ae:08:8d:10:b1:43:2b:
70:c4:d3:e8:48:40:84:f6:4e:2f:20:db:3f:9e:e2:
25:73:72:4f:91:15:f9:2a:42:52:97:cb:86:3c:93:
bf:9b:fc:ca:9e:6e:f4:f1:a1:c6:4f:2b:11:7b:9a:
f4:1d:5a:44:6f:85:cb:91:83:22:5a:c0:61:b3:47:
b2:83:7c:d7:8c:d8:e9:a2:c6:a0:ac:a9:5f:1f:7f:
eb:8e:5b:3c:bf:4b:b2:bc:5c:36:ac:21:f0:6c:9e:
df:97:44:53:18:73:43:45:10:72:f6:d4:0c:e0:02:
41:aa:a7:ce:14:35:b2:b2:56:b1:48:bf:75:63:8a:
61:41:33:b2:89:6b:61:8b:0c:19:69:25:2a:85:b5:
f1:d3:79:c7:4c:ce:d1:3f:5c:fb:0c:ed:59:14:af:
a1:ff:b3:0e:95:9d:2d:d8:8f:86:e0:b2:26:d9:0d:
ac:4b:43:c0:df:6c:7c:6b:56:7d:2f:97:40:e3:e8:
4b:27:c3:54:b1:8f:85:b6:73:ec:13:30:6e:fa:da:
b3:1d:db:72:15:91:da:26:91:83:0a:4b:00:7f:d7:
8d:63:ce:4c:50:5d:30:b1:1f:a6:1a:17:36:60:0a:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:99:10:96:66:BC:1A:63:3C:29:77:C3:DE:22:8C:D1:B8:F6:0E:15
X509v3 Authority Key Identifier:
keyid:09:69:A2:A3:96:35:B7:97:47:6F:1F:16:33:AE:8F:27:BF:33:B5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWmio5Y1t5dHbx8WM66PJ78ztTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/05kQlma8GmM8KXfD3iKM0bj2DhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/6db427-f7dc-4ea9-ae95-41490872fc4e/1/CWmio5Y1t5dHbx8WM66PJ78ztTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.152.0/22
185.242.160.0/22
195.85.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:43:22:e6:ad:be:36:3f:eb:29:d9:9d:a8:ff:cf:02:d0:04:
87:4e:f2:4d:c2:ff:da:79:bc:0e:15:3a:f4:08:cf:08:bd:89:
2b:a1:22:d6:9d:27:cc:a3:f8:5a:14:85:17:95:e6:dd:e3:66:
ae:e0:7f:80:bd:be:0f:cb:1f:bd:4d:b9:4d:ea:23:85:9f:bc:
56:0d:c5:b1:17:b0:d0:d8:00:bd:bc:5d:a7:e2:70:4d:09:1e:
57:9e:07:7c:1a:35:01:5a:80:63:8f:ad:b1:d9:ff:21:e2:7d:
1d:0c:be:b0:13:86:13:d2:98:28:51:57:d7:19:66:af:68:e2:
ff:c2:71:08:ed:d3:b0:ab:99:19:cf:f8:6b:ed:e6:64:98:0b:
35:9d:45:29:39:4e:48:ab:fe:9f:d8:83:5b:c0:79:77:75:1f:
c1:c8:16:c0:58:31:7e:1f:de:71:6b:4a:18:f7:39:3a:8d:3a:
64:31:da:b9:18:9f:6b:93:30:23:27:78:d0:06:6e:56:a9:80:
1c:ea:98:b8:21:17:4f:2d:b6:ba:fd:6e:ea:f5:1a:5c:1a:04:
ca:3a:7c:0b:37:7f:d0:25:a4:9d:65:e4:51:1c:9b:1d:42:61:
0b:75:29:f9:44:64:91:8e:e3:90:69:9f:84:42:3d:5e:21:3e:
4b:17:d6:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoqifdx36QcvtoZ6MM7lZS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjlhMmEzOTYzNWI3OTc0NzZmMWYxNjMzYWU4ZjI3YmYz
M2I1MzMwHhcNMjMwODI1MDIzMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzk5MTA5NjY2YmMxYTYzM2MyOTc3YzNkZTIyOGNkMWI4ZjYwZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5T8wvNMkIoOav3cEYbkkz9zw87m
uK4IjRCxQytwxNPoSECE9k4vINs/nuIlc3JPkRX5KkJSl8uGPJO/m/zKnm708aHG
TysRe5r0HVpEb4XLkYMiWsBhs0eyg3zXjNjposagrKlfH3/rjls8v0uyvFw2rCHw
bJ7fl0RTGHNDRRBy9tQM4AJBqqfOFDWyslaxSL91Y4phQTOyiWthiwwZaSUqhbXx
03nHTM7RP1z7DO1ZFK+h/7MOlZ0t2I+G4LIm2Q2sS0PA32x8a1Z9L5dA4+hLJ8NU
sY+FtnPsEzBu+tqzHdtyFZHaJpGDCksAf9eNY85MUF0wsR+mGhc2YArn+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNOZEJZmvBpjPCl3w94ijNG49g4VMB8GA1UdIwQY
MBaAFAlpoqOWNbeXR28fFjOujye/M7UzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUt
NDE0OTA4NzJmYzRlLzEvMDVrUWxtYThHbU04S1hmRDNpS00wYmoyRGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC82ZGI0MjctZjdkYy00ZWE5LWFlOTUtNDE0OTA4NzJmYzRl
LzEvQ1dtaW81WTF0NWRIYng4V002NlBKNzh6dFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjiYAwQC
ufKgAwQAw1XYMA0GCSqGSIb3DQEBCwUAA4IBAQBrQyLmrb42P+sp2Z2o/88C0ASH
TvJNwv/aebwOFTr0CM8IvYkroSLWnSfMo/haFIUXlebd42au4H+Avb4Pyx+9TblN
6iOFn7xWDcWxF7DQ2AC9vF2n4nBNCR5Xngd8GjUBWoBjj62x2f8h4n0dDL6wE4YT
0pgoUVfXGWavaOL/wnEI7dOwq5kZz/hr7eZkmAs1nUUpOU5Iq/6f2INbwHl3dR/B
yBbAWDF+H95xa0oY9zk6jTpkMdq5GJ9rkzAjJ3jQBm5WqYAc6pi4IRdPLba6/W7q
9RpcGgTKOnwLN3/QJaSdZeRRHJsdQmELdSn5RGSRjuOQaZ+EQj1eIT5LF9Z5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:04 2024 by rpki-client on console-fra.rpki-client.org