Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/AOkzT524-GWPkieluXPVLhJRysI.roa
File: AOkzT524-GWPkieluXPVLhJRysI.roa (raw, json)
Hash identifier: GShlS0OVfQ6EkDkOdeflC85bZ5h2h5Jh9iHS74yfCjo=
Subject key identifier: 00:E9:33:4F:9D:B8:F8:65:8F:92:27:A5:B9:73:D5:2E:12:51:CA:C2
Certificate issuer: /CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Certificate serial: 0185F3608A59089EE4FBC04B774667B256F0
Authority key identifier: C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/AOkzT524-GWPkieluXPVLhJRysI.roa
Signing time: Fri 27 Jan 2023 13:17:48 +0000
ROA not before: Fri 27 Jan 2023 13:17:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202125
IP address blocks: 188.119.104.0/22 maxlen: 24
185.50.204.0/23 maxlen: 23
185.50.206.0/23 maxlen: 24
193.43.74.0/24 maxlen: 24
45.13.10.0/24 maxlen: 24
45.13.9.0/24 maxlen: 24
185.247.166.0/24 maxlen: 24
185.247.165.0/24 maxlen: 24
185.247.164.0/24 maxlen: 24
185.247.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Apr 2023 12:07:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:60:8a:59:08:9e:e4:fb:c0:4b:77:46:67:b2:56:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3b0d535eebcf28e60ac98ae495b34981b5a93ec
Validity
Not Before: Jan 27 13:17:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00e9334f9db8f8658f9227a5b973d52e1251cac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c5:f3:8c:cb:e7:0e:44:fc:85:a1:ff:ec:05:
dd:e2:61:55:07:63:3f:43:1a:c5:7c:64:00:55:ad:
25:aa:60:d6:3c:7c:bc:5b:ca:b7:ad:85:95:ce:23:
52:57:13:a2:aa:4c:e9:a3:db:0b:e0:c4:bd:92:3d:
e8:ed:75:d5:60:9c:f7:37:1c:79:05:7f:8b:da:70:
a5:fd:c1:93:95:f2:54:43:9c:29:28:fa:23:d1:77:
23:67:8c:db:f6:08:80:84:fe:a5:76:0d:23:39:ca:
ba:10:a8:75:8f:23:8a:fc:df:a5:1e:72:8d:8b:27:
e8:ab:bb:79:97:ee:b3:2b:5b:a3:f3:de:64:c1:ef:
79:41:0a:6d:9f:69:e4:bf:f8:7b:9f:3f:dc:05:22:
54:0f:cd:65:fb:39:22:2d:c6:b2:54:9c:df:96:80:
50:db:bb:90:88:9a:0a:ff:66:a3:49:e5:21:5c:80:
4d:92:d3:c8:81:48:a5:98:0f:18:e8:15:9d:05:24:
46:bf:03:71:a4:d9:57:92:c0:e4:a1:9d:69:1b:1e:
4c:8c:07:36:45:61:ff:16:ca:cf:1a:2c:0b:df:fd:
34:2c:9f:5f:99:a8:58:ff:46:27:91:86:fb:94:b3:
16:de:30:6a:5e:98:eb:50:6e:7e:c4:8c:ef:81:9b:
f5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E9:33:4F:9D:B8:F8:65:8F:92:27:A5:B9:73:D5:2E:12:51:CA:C2
X509v3 Authority Key Identifier:
keyid:C3:B0:D5:35:EE:BC:F2:8E:60:AC:98:AE:49:5B:34:98:1B:5A:93:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w7DVNe688o5grJiuSVs0mBtak-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/AOkzT524-GWPkieluXPVLhJRysI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/551e92-992d-41da-986b-9519693eaa7b/1/w7DVNe688o5grJiuSVs0mBtak-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.9.0-45.13.10.255
185.50.204.0/22
185.247.164.0/22
188.119.104.0/22
193.43.74.0/24
Signature Algorithm: sha256WithRSAEncryption
00:b5:b4:88:9b:11:04:29:83:cb:53:11:b3:14:a9:62:8f:6a:
d8:78:ca:ea:dc:c4:5d:4f:f0:8e:fe:26:b7:cc:3a:0c:8b:ed:
0c:ff:e7:48:84:0f:87:4a:e4:7d:f9:2c:cd:ce:de:5c:a4:ab:
68:98:66:6b:7f:1f:b8:10:1b:2c:72:a1:16:d1:9e:da:ae:bf:
8d:16:b6:71:69:88:be:40:e8:a8:65:45:c1:a9:11:32:c6:eb:
7d:d2:85:b5:bd:50:56:f6:8b:bf:f7:8a:56:a5:88:34:ab:21:
18:f7:55:e8:95:85:cf:20:b2:1e:d9:eb:ae:9d:fd:c2:f6:ac:
4b:8c:f9:50:09:17:67:f1:8f:b4:49:37:b0:c8:bd:ed:9c:7d:
ba:d9:20:e0:1b:89:fd:dd:44:17:20:e7:38:fe:6b:45:1a:4b:
11:a7:06:69:29:09:c5:58:98:f7:09:30:3c:d1:ec:af:ae:ae:
ba:5d:f2:46:dd:d9:5e:8c:89:ff:b6:01:42:be:83:19:14:ba:
95:b8:b1:dc:92:00:f7:ba:d3:2b:b2:c9:65:5f:aa:a0:b5:bf:
39:17:23:d2:f2:ea:0b:18:3f:85:c8:79:b2:12:ef:eb:cd:c9:
8b:5d:02:61:05:44:36:db:23:d1:c8:d5:31:6b:10:21:03:ab:
0b:76:00:cd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXzYIpZCJ7k+8BLd0ZnslbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYjBkNTM1ZWViY2YyOGU2MGFjOThhZTQ5NWIzNDk4MWI1
YTkzZWMwHhcNMjMwMTI3MTMxNzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGU5MzM0ZjlkYjhmODY1OGY5MjI3YTViOTczZDUyZTEyNTFjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcXzjMvnDkT8haH/7AXd4mFVB2M/
QxrFfGQAVa0lqmDWPHy8W8q3rYWVziNSVxOiqkzpo9sL4MS9kj3o7XXVYJz3Nxx5
BX+L2nCl/cGTlfJUQ5wpKPoj0XcjZ4zb9giAhP6ldg0jOcq6EKh1jyOK/N+lHnKN
iyfoq7t5l+6zK1uj895kwe95QQptn2nkv/h7nz/cBSJUD81l+zkiLcayVJzfloBQ
27uQiJoK/2ajSeUhXIBNktPIgUilmA8Y6BWdBSRGvwNxpNlXksDkoZ1pGx5MjAc2
RWH/FsrPGiwL3/00LJ9fmahY/0YnkYb7lLMW3jBqXpjrUG5+xIzvgZv1zwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFADpM0+duPhlj5Inpblz1S4SUcrCMB8GA1UdIwQY
MBaAFMOw1TXuvPKOYKyYrklbNJgbWpPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmIt
OTUxOTY5M2VhYTdiLzEvQU9relQ1MjQtR1dQa2llbHVYUFZMaEpSeXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NTFlOTItOTkyZC00MWRhLTk4NmItOTUxOTY5M2VhYTdi
LzEvdzdEVk5lNjg4bzVnckppdVNWczBtQnRhay13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtDQkD
BAAtDQoDBAK5MswDBAK596QDBAK8d2gDBADBK0owDQYJKoZIhvcNAQELBQADggEB
AAC1tIibEQQpg8tTEbMUqWKPath4yurcxF1P8I7+JrfMOgyL7Qz/50iED4dK5H35
LM3O3lykq2iYZmt/H7gQGyxyoRbRntquv40WtnFpiL5A6KhlRcGpETLG633ShbW9
UFb2i7/3ilaliDSrIRj3VeiVhc8gsh7Z666d/cL2rEuM+VAJF2fxj7RJN7DIve2c
fbrZIOAbif3dRBcg5zj+a0UaSxGnBmkpCcVYmPcJMDzR7K+urrpd8kbd2V6Mif+2
AUK+gxkUupW4sdySAPe60yuyyWVfqqC1vzkXI9Ly6gsYP4XIebIS7+vNyYtdAmEF
RDbbI9HI1TFrECEDqwt2AM0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:54 2024 by rpki-client on console-ams.rpki-client.org