Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/c2IHJDUlZWT0dLOmD7Rd_sbL9TE.roa
File: c2IHJDUlZWT0dLOmD7Rd_sbL9TE.roa (raw, json)
Hash identifier: qOkqfgkm3a5S8UUcUUPNlbIyGA3ZdJiK6lZ6ENU7uaU=
Subject key identifier: 73:62:07:24:35:25:65:64:F4:74:B3:A6:0F:B4:5D:FE:C6:CB:F5:31
Certificate issuer: /CN=f9503c075a690556bd462122b24699e1b6b19278
Certificate serial: 0186A494A06B589D19B1079B2EA9AA504435
Authority key identifier: F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/c2IHJDUlZWT0dLOmD7Rd_sbL9TE.roa
Signing time: Thu 02 Mar 2023 23:07:29 +0000
ROA not before: Thu 02 Mar 2023 23:07:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60350
IP address blocks: 195.189.178.0/23 maxlen: 24
185.45.180.0/22 maxlen: 24
193.161.254.0/23 maxlen: 24
193.105.151.0/24 maxlen: 24
91.221.146.0/23 maxlen: 24
193.164.2.0/24 maxlen: 24
193.164.2.0/23 maxlen: 23
193.148.6.0/23 maxlen: 24
185.183.112.0/22 maxlen: 22
185.183.112.0/24 maxlen: 24
185.183.113.0/24 maxlen: 24
45.137.178.0/23 maxlen: 23
45.137.176.0/23 maxlen: 23
45.137.176.0/22 maxlen: 22
2a0b:c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 03 Mar 2023 06:52:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a4:94:a0:6b:58:9d:19:b1:07:9b:2e:a9:aa:50:44:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9503c075a690556bd462122b24699e1b6b19278
Validity
Not Before: Mar 2 23:07:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7362072435256564f474b3a60fb45dfec6cbf531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a9:c5:ec:4e:9f:04:09:e8:55:50:f1:d0:ff:
aa:56:35:11:90:80:f0:37:56:31:a1:90:ca:6e:b3:
bf:5b:ad:d7:64:76:04:a4:2c:f7:cb:ea:bd:1a:69:
31:7f:f0:e6:dd:92:d4:ba:6f:24:90:d4:c9:07:ed:
de:02:c0:08:ab:ba:3c:c3:af:f2:ad:d2:da:5c:d2:
c4:2b:80:50:43:51:c1:ba:fb:39:09:88:22:72:ac:
d3:1c:59:9b:2d:9d:1a:aa:8a:ff:e5:88:61:c5:9f:
9c:63:d7:be:82:a6:b6:1e:31:14:ba:d1:9f:4f:5c:
94:ce:75:68:5b:9b:bc:a8:30:b0:14:9c:d9:96:8e:
c6:f7:a1:a8:c9:91:65:b7:78:8b:4b:72:30:af:25:
b8:24:a0:e8:95:b7:3c:0a:78:27:c8:c0:5c:06:df:
3c:3d:08:f0:56:68:80:90:db:b5:d3:26:fa:48:3c:
fa:41:a8:e1:51:47:b7:e9:db:d9:42:54:4c:42:1b:
87:ea:e3:b6:a4:5b:fa:f0:06:77:d9:0c:af:d9:7a:
5c:7c:3e:57:c6:2c:78:b3:45:43:f5:9d:8f:d5:48:
04:c6:39:a4:1a:a0:fc:bb:7a:5a:e8:49:33:5d:16:
26:92:7e:54:e2:24:b6:11:e7:31:5f:c3:9d:f9:43:
c6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:62:07:24:35:25:65:64:F4:74:B3:A6:0F:B4:5D:FE:C6:CB:F5:31
X509v3 Authority Key Identifier:
keyid:F9:50:3C:07:5A:69:05:56:BD:46:21:22:B2:46:99:E1:B6:B1:92:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-VA8B1ppBVa9RiEiskaZ4baxkng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/c2IHJDUlZWT0dLOmD7Rd_sbL9TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4fa4b4-7c96-4eb7-9940-3f2316b553f5/1/1-VA8B1ppBVa9RiEiskaZ4baxkng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.176.0/22
91.221.146.0/23
185.45.180.0/22
185.183.112.0/22
193.105.151.0/24
193.148.6.0/23
193.161.254.0/23
193.164.2.0/23
195.189.178.0/23
IPv6:
2a0b:c80::/29
Signature Algorithm: sha256WithRSAEncryption
ad:56:c2:ce:1e:67:56:93:a6:91:a7:9d:bd:2c:b5:e0:e6:3c:
e8:45:a7:9c:6b:aa:1e:ff:0f:fa:6e:a5:de:66:13:29:b3:92:
19:3e:cc:6a:89:ef:f4:f5:b0:d9:f7:d9:0d:e7:44:23:8c:55:
e1:d9:7c:a3:a0:2d:72:dd:a1:42:1b:75:a5:0e:58:ee:e6:4e:
fb:86:6f:0f:52:fb:aa:d1:d9:5b:d5:ca:30:cf:29:95:fb:b3:
02:1c:7e:53:e9:e3:07:65:b7:a7:a2:32:05:34:d1:43:a8:77:
17:95:13:f9:94:24:20:73:dc:0d:83:34:5d:0b:4b:4f:2d:51:
7b:fb:fd:e9:f3:73:0f:4e:ad:20:73:b6:3e:66:1c:aa:e7:1e:
61:89:d8:51:53:20:6a:c4:97:a5:99:ba:c1:35:e0:e4:9e:f7:
b6:53:07:21:6d:5a:6f:2b:7c:e8:0f:49:6d:ec:7d:41:9d:10:
e8:dc:4e:38:b8:93:4e:3a:37:c9:4c:16:20:bf:3e:02:8c:37:
76:07:16:43:07:a9:82:21:b6:86:8e:a9:18:fd:19:19:32:3d:
1d:f7:43:cd:b0:b3:e8:7b:07:34:69:96:07:eb:d5:55:95:27:
04:4d:1b:cd:f6:d6:84:2c:45:92:39:5e:99:6c:ae:39:6b:a8:
2e:50:ae:dc
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYaklKBrWJ0ZsQebLqmqUEQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTAzYzA3NWE2OTA1NTZiZDQ2MjEyMmIyNDY5OWUxYjZi
MTkyNzgwHhcNMjMwMzAyMjMwNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzYyMDcyNDM1MjU2NTY0ZjQ3NGIzYTYwZmI0NWRmZWM2Y2JmNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qnF7E6fBAnoVVDx0P+qVjURkIDw
N1YxoZDKbrO/W63XZHYEpCz3y+q9Gmkxf/Dm3ZLUum8kkNTJB+3eAsAIq7o8w6/y
rdLaXNLEK4BQQ1HBuvs5CYgicqzTHFmbLZ0aqor/5YhhxZ+cY9e+gqa2HjEUutGf
T1yUznVoW5u8qDCwFJzZlo7G96GoyZFlt3iLS3IwryW4JKDolbc8CngnyMBcBt88
PQjwVmiAkNu10yb6SDz6QajhUUe36dvZQlRMQhuH6uO2pFv68AZ32Qyv2XpcfD5X
xix4s0VD9Z2P1UgExjmkGqD8u3pa6EkzXRYmkn5U4iS2EecxX8Od+UPGpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHNiByQ1JWVk9HSzpg+0Xf7Gy/UxMB8GA1UdIwQY
MBaAFPlQPAdaaQVWvUYhIrJGmeG2sZJ4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WQThCMXBwQlZhOVJpRWlza2FaNGJheGtuZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQw
LTNmMjMxNmI1NTNmNS8xL2MySUhKRFVsWldUMGRMT21EN1JkX3NiTDlURS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzUvNGZhNGI0LTdjOTYtNGViNy05OTQwLTNmMjMxNmI1NTNm
NS8xLzEtVkE4QjFwcEJWYTlSaUVpc2thWjRiYXhrbmcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwXgYIKwYBBQUHAQcBAf8ETzBNMDwEAgABMDYDBAItibAD
BAFb3ZIDBAK5LbQDBAK5t3ADBADBaZcDBAHBlAYDBAHBof4DBAHBpAIDBAHDvbIw
DQQCAAIwBwMFAyoLDIAwDQYJKoZIhvcNAQELBQADggEBAK1Wws4eZ1aTppGnnb0s
teDmPOhFp5xrqh7/D/pupd5mEymzkhk+zGqJ7/T1sNn32Q3nRCOMVeHZfKOgLXLd
oUIbdaUOWO7mTvuGbw9S+6rR2VvVyjDPKZX7swIcflPp4wdlt6eiMgU00UOodxeV
E/mUJCBz3A2DNF0LS08tUXv7/enzcw9OrSBztj5mHKrnHmGJ2FFTIGrEl6WZusE1
4OSe97ZTByFtWm8rfOgPSW3sfUGdEOjcTji4k046N8lMFiC/PgKMN3YHFkMHqYIh
toaOqRj9GRkyPR33Q82ws+h7BzRplgfr1VWVJwRNG8321oQsRZI5XplsrjlrqC5Q
rtw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:12 2024 by rpki-client on console-fra.rpki-client.org