Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/A6LFd0m1UAJdEnSbUUA8H4gxhzM.roa
File: A6LFd0m1UAJdEnSbUUA8H4gxhzM.roa (raw, json)
Hash identifier: Mj6napgnNcaKVMZAnUj4ydWR2SlKmFGiOLGJnhngWxQ=
Subject key identifier: 03:A2:C5:77:49:B5:50:02:5D:12:74:9B:51:40:3C:1F:88:31:87:33
Certificate issuer: /CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Certificate serial: 01856E38DF852DC2B57AF3616601862D4149
Authority key identifier: C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/A6LFd0m1UAJdEnSbUUA8H4gxhzM.roa
Signing time: Sun 01 Jan 2023 16:44:59 +0000
ROA not before: Sun 01 Jan 2023 16:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198187
IP address blocks: 193.42.241.0/24 maxlen: 24
193.42.242.0/24 maxlen: 24
193.42.242.0/23 maxlen: 23
193.42.243.0/24 maxlen: 24
185.174.112.0/23 maxlen: 23
185.174.112.0/22 maxlen: 22
185.174.112.0/24 maxlen: 24
185.174.115.0/24 maxlen: 24
185.174.113.0/24 maxlen: 24
185.174.114.0/24 maxlen: 24
185.174.114.0/23 maxlen: 23
91.232.62.0/24 maxlen: 24
91.232.62.0/23 maxlen: 23
91.232.63.0/24 maxlen: 24
176.100.192.0/21 maxlen: 21
176.100.192.0/23 maxlen: 23
176.100.192.0/22 maxlen: 22
176.100.198.0/23 maxlen: 23
176.100.196.0/23 maxlen: 23
176.100.196.0/22 maxlen: 22
176.100.194.0/23 maxlen: 23
91.231.23.0/24 maxlen: 24
195.170.190.0/24 maxlen: 24
193.42.240.0/24 maxlen: 24
193.42.240.0/22 maxlen: 22
193.42.240.0/23 maxlen: 23
195.182.10.0/24 maxlen: 24
195.182.15.0/24 maxlen: 24
195.182.19.0/24 maxlen: 24
2a0b:9d02:c000::/34 maxlen: 34
2a0b:9d02:8000::/34 maxlen: 34
2a0b:9d02:4000::/34 maxlen: 34
2a0b:9d02::/34 maxlen: 34
2a0b:9d02::/32 maxlen: 32
2a0b:9d02:8000::/33 maxlen: 33
2a0b:9d02::/33 maxlen: 33
2a0b:9d03:8000::/33 maxlen: 33
2a0b:9d03::/33 maxlen: 33
2a0b:9d03::/32 maxlen: 32
2a0b:9d03:c000::/34 maxlen: 34
2a0b:9d03:8000::/34 maxlen: 34
2a0b:9d03:4000::/34 maxlen: 34
2a0b:9d03::/34 maxlen: 34
2a0b:9d01:c000::/34 maxlen: 34
2a0b:9d01:8000::/34 maxlen: 34
2a0b:9d01:4000::/34 maxlen: 34
2a0b:9d01::/34 maxlen: 34
2a0b:9d01::/32 maxlen: 32
2a0b:9d01:8000::/33 maxlen: 33
2a0b:9d01::/33 maxlen: 33
2a0b:9d00:c000::/34 maxlen: 34
2a0b:9d00:8000::/34 maxlen: 34
2a0b:9d00:4000::/34 maxlen: 34
2a0b:9d00::/34 maxlen: 34
2a0b:9d00:8000::/33 maxlen: 33
2a0b:9d00::/33 maxlen: 33
2a0b:9d00::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:38:df:85:2d:c2:b5:7a:f3:61:66:01:86:2d:41:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3df2ef37007d54f86bba27573d33ad695c9ee5c
Validity
Not Before: Jan 1 16:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03a2c57749b550025d12749b51403c1f88318733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:88:e7:ae:95:c3:62:2b:cc:78:a3:86:b1:fc:
f2:c1:e1:e7:3a:12:6f:05:3a:39:7f:2b:1b:95:99:
a1:5b:50:88:36:8a:c8:bc:fb:00:92:fc:cf:d5:cc:
9b:85:25:01:a1:a4:79:46:d1:e6:9b:46:43:f7:c5:
ce:56:7b:79:92:90:6b:9f:9c:55:64:3a:66:b0:1b:
0c:1c:16:e1:35:22:82:01:61:73:66:43:b1:cd:7c:
0d:26:23:51:7c:7f:e2:6a:7f:82:5d:0c:a1:4d:d3:
d5:6e:e8:12:68:57:dd:e7:24:25:04:ef:5f:39:94:
7d:4d:af:2e:76:ad:ce:49:1b:13:48:c0:55:4c:6d:
bc:cc:f9:09:62:0c:94:91:e0:f8:a1:4f:03:bb:0e:
8b:ef:21:f5:98:34:09:6e:57:5a:d1:48:53:f7:44:
41:1c:92:4e:4a:e9:15:40:98:51:5d:73:60:9f:34:
47:35:43:5a:ca:9e:4f:4c:3f:7e:6e:7a:38:98:bc:
97:3d:82:5e:f9:40:59:a5:b4:34:56:e0:4c:b9:ae:
3c:ce:a5:a8:8c:24:68:4d:91:94:d0:55:4b:67:75:
fc:be:60:ee:e3:7a:c0:53:87:5e:f2:34:40:d1:44:
ba:9e:c8:2c:88:05:4d:a4:cd:8f:cb:1a:d8:52:a4:
c6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A2:C5:77:49:B5:50:02:5D:12:74:9B:51:40:3C:1F:88:31:87:33
X509v3 Authority Key Identifier:
keyid:C3:DF:2E:F3:70:07:D5:4F:86:BB:A2:75:73:D3:3A:D6:95:C9:EE:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w98u83AH1U-Gu6J1c9M61pXJ7lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/A6LFd0m1UAJdEnSbUUA8H4gxhzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/9a97f0-50b6-4844-89d4-23a276a428ab/1/w98u83AH1U-Gu6J1c9M61pXJ7lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.23.0/24
91.232.62.0/23
176.100.192.0/21
185.174.112.0/22
193.42.240.0/22
195.170.190.0/24
195.182.10.0/24
195.182.15.0/24
195.182.19.0/24
IPv6:
2a0b:9d00::/30
Signature Algorithm: sha256WithRSAEncryption
60:2c:e8:be:d1:ba:a9:d3:7d:4b:cf:d2:2f:eb:5a:cd:ed:e8:
73:f9:d9:83:9e:ad:5a:06:5d:a6:59:4a:b6:8c:ab:1b:a8:fa:
96:32:c4:e0:5d:47:e2:65:38:1f:c2:c6:79:18:23:17:73:ee:
1f:5f:58:f0:73:a2:19:55:ee:19:db:63:44:d6:92:13:fc:f3:
04:05:e2:91:c2:91:87:da:9c:f0:17:e2:22:4a:30:b4:71:09:
f0:b1:c1:97:6b:fd:d6:ea:51:81:48:fd:32:cd:ff:19:ca:d9:
29:0b:24:31:26:00:91:60:82:2d:39:05:59:5f:37:0a:7f:5d:
91:5a:b8:1a:26:71:3c:92:57:c5:0c:57:d4:e4:64:f0:f5:81:
92:8c:fa:b9:0b:c6:45:70:bf:0c:09:1e:cb:e9:8f:b9:26:db:
83:45:23:8c:a6:a5:01:59:34:06:b0:b4:ac:47:fa:02:4f:96:
c3:ec:69:5c:82:4a:9f:86:27:22:e7:f1:a3:f0:b6:8c:9e:c4:
4d:cf:3b:9f:95:06:48:0a:8f:7b:20:ec:78:cc:90:fb:33:5a:
7b:73:88:22:1e:2c:6a:95:46:ac:6d:37:5a:89:4d:f9:c0:d5:
e6:f7:a4:50:c7:ac:5f:e0:23:79:89:ca:70:ba:3f:2b:a7:ba:
ae:c1:99:38
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVuON+FLcK1evNhZgGGLUFJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZGYyZWYzNzAwN2Q1NGY4NmJiYTI3NTczZDMzYWQ2OTVj
OWVlNWMwHhcNMjMwMTAxMTY0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2EyYzU3NzQ5YjU1MDAyNWQxMjc0OWI1MTQwM2MxZjg4MzE4NzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIjnrpXDYivMeKOGsfzyweHnOhJv
BTo5fysblZmhW1CINorIvPsAkvzP1cybhSUBoaR5RtHmm0ZD98XOVnt5kpBrn5xV
ZDpmsBsMHBbhNSKCAWFzZkOxzXwNJiNRfH/ian+CXQyhTdPVbugSaFfd5yQlBO9f
OZR9Ta8udq3OSRsTSMBVTG28zPkJYgyUkeD4oU8Duw6L7yH1mDQJblda0UhT90RB
HJJOSukVQJhRXXNgnzRHNUNayp5PTD9+bno4mLyXPYJe+UBZpbQ0VuBMua48zqWo
jCRoTZGU0FVLZ3X8vmDu43rAU4de8jRA0US6nsgsiAVNpM2PyxrYUqTGsQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAOixXdJtVACXRJ0m1FAPB+IMYczMB8GA1UdIwQY
MBaAFMPfLvNwB9VPhruidXPTOtaVye5cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQt
MjNhMjc2YTQyOGFiLzEvQTZMRmQwbTFVQUpkRW5TYlVVQThINGd4aHpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85YTk3ZjAtNTBiNi00ODQ0LTg5ZDQtMjNhMjc2YTQyOGFi
LzEvdzk4dTgzQUgxVS1HdTZKMWM5TTYxcFhKN2x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAW+cXAwQB
W+g+AwQDsGTAAwQCua5wAwQCwSrwAwQAw6q+AwQAw7YKAwQAw7YPAwQAw7YTMA0E
AgACMAcDBQIqC50AMA0GCSqGSIb3DQEBCwUAA4IBAQBgLOi+0bqp031Lz9Iv61rN
7ehz+dmDnq1aBl2mWUq2jKsbqPqWMsTgXUfiZTgfwsZ5GCMXc+4fX1jwc6IZVe4Z
22NE1pIT/PMEBeKRwpGH2pzwF+IiSjC0cQnwscGXa/3W6lGBSP0yzf8ZytkpCyQx
JgCRYIItOQVZXzcKf12RWrgaJnE8klfFDFfU5GTw9YGSjPq5C8ZFcL8MCR7L6Y+5
JtuDRSOMpqUBWTQGsLSsR/oCT5bD7Glcgkqfhici5/Gj8LaMnsRNzzuflQZICo97
IOx4zJD7M1p7c4giHixqlUasbTdaiU35wNXm96RQx6xf4CN5icpwuj8rp7quwZk4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:50 2024 by rpki-client on console-fra.rpki-client.org