Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/23EPsUuZrQ6kRlD2V786fIepoTE.roa
File: 23EPsUuZrQ6kRlD2V786fIepoTE.roa (raw, json)
Hash identifier: oON8ozZV+yH1P03n5t1yfgJB/t2OZ2WZqHDc5x7hZDI=
Subject key identifier: DB:71:0F:B1:4B:99:AD:0E:A4:46:50:F6:57:BF:3A:7C:87:A9:A1:31
Certificate issuer: /CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Certificate serial: 01856F1DB247EE673A38441765744DA20D91
Authority key identifier: C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/23EPsUuZrQ6kRlD2V786fIepoTE.roa
Signing time: Sun 01 Jan 2023 20:54:55 +0000
ROA not before: Sun 01 Jan 2023 20:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62336
IP address blocks: 91.198.32.0/24 maxlen: 24
37.228.144.0/22 maxlen: 22
5.63.32.0/19 maxlen: 20
91.200.108.0/22 maxlen: 22
91.211.8.0/22 maxlen: 22
91.191.176.0/22 maxlen: 22
195.230.108.0/24 maxlen: 24
185.39.84.0/22 maxlen: 22
2a01:41e1::/32 maxlen: 32
2a01:41e0::/32 maxlen: 32
2a01:41e3::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:b2:47:ee:67:3a:38:44:17:65:74:4d:a2:0d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c1fdbaf9ac0e5adeec60a0923c4dd4a01e92dc
Validity
Not Before: Jan 1 20:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db710fb14b99ad0ea44650f657bf3a7c87a9a131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:99:87:87:4e:fb:a8:9a:a7:bb:07:da:1f:0a:
5a:21:70:47:09:26:e0:a9:dc:a6:83:ae:92:79:88:
3f:56:d7:aa:2b:9f:aa:8a:c1:2a:00:be:c1:04:d6:
e7:a0:6f:07:92:4b:28:a8:09:90:bc:4e:4b:1e:49:
11:30:09:2e:6f:0b:a8:f5:64:53:a2:2a:c4:7d:4c:
cc:35:c5:58:5d:6c:43:fd:c3:6a:da:33:7c:49:32:
24:f7:5b:0e:43:08:d9:0a:6e:e7:9e:41:e8:5c:8a:
49:9c:9d:b6:1a:70:44:09:a3:28:92:e9:a4:d4:ef:
bc:5d:18:2e:d3:76:11:64:5a:42:8b:10:b6:2c:da:
ef:92:44:be:51:3f:53:e7:a9:3d:8d:6b:c3:5b:c1:
d4:68:cb:2a:27:4c:a4:70:7b:35:f7:a2:4d:e1:01:
43:93:a2:66:65:5f:9a:80:5d:29:64:35:e8:be:89:
8e:e4:51:43:2c:55:c2:a5:84:f7:ac:e9:ea:ba:bb:
36:b5:75:74:81:cc:10:0a:c1:9f:64:3c:e4:51:e8:
3b:f5:f5:4f:71:4f:bb:1b:72:ec:eb:30:a5:a1:fd:
da:ba:32:b4:cb:b0:07:53:64:f7:c5:63:7e:76:c8:
c2:b3:97:0c:2e:f9:69:64:d8:62:dc:ca:6b:b1:e7:
2d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:71:0F:B1:4B:99:AD:0E:A4:46:50:F6:57:BF:3A:7C:87:A9:A1:31
X509v3 Authority Key Identifier:
keyid:C7:C1:FD:BA:F9:AC:0E:5A:DE:EC:60:A0:92:3C:4D:D4:A0:1E:92:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8H9uvmsDlre7GCgkjxN1KAektw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/23EPsUuZrQ6kRlD2V786fIepoTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/6a272b-8b6f-4fe3-8f29-f0029816097e/1/x8H9uvmsDlre7GCgkjxN1KAektw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.32.0/19
37.228.144.0/22
91.191.176.0/22
91.198.32.0/24
91.200.108.0/22
91.211.8.0/22
185.39.84.0/22
195.230.108.0/24
IPv6:
2a01:41e0::/31
2a01:41e3::/32
Signature Algorithm: sha256WithRSAEncryption
57:72:60:a0:81:5c:ed:85:ac:98:f6:41:ac:88:37:aa:34:c3:
29:b4:c6:4b:0d:27:43:63:66:f0:a0:72:7a:a2:81:1e:43:93:
0e:93:e1:f8:9f:70:8f:82:9a:6e:0c:41:d7:c8:5d:f7:ae:49:
96:d1:fc:f5:1c:57:e3:62:d8:e7:62:bc:bf:91:4d:d7:49:c7:
30:4f:75:53:49:de:26:40:3d:da:c0:43:ea:da:44:86:79:c9:
9b:96:e5:8a:d0:4c:6c:72:68:c0:de:b8:46:64:fe:34:d6:05:
28:d7:30:2e:a0:05:87:d3:ce:8c:9d:92:cc:64:b2:7d:79:09:
47:bc:1e:3d:31:8e:71:72:f8:9a:6d:ad:cc:08:68:ca:d6:ff:
9c:d9:3c:59:7e:e3:f5:fb:11:ef:95:fd:be:6f:56:fb:f5:f7:
bb:ec:40:ee:53:95:64:45:e1:c6:4a:f5:c3:9e:6f:03:42:20:
fa:64:04:33:92:b4:6e:9e:b5:82:7c:df:85:9b:3f:9c:23:63:
0c:16:55:9c:89:9f:36:2f:a4:fb:5b:ec:50:28:35:21:31:84:
d2:03:d4:d1:dc:da:77:d5:b8:89:4b:e8:e6:d1:d3:06:24:c2:
b7:b9:78:e5:df:75:89:47:36:94:80:b7:37:79:6c:f3:fb:c3:
80:c0:11:f8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVvHbJH7mc6OEQXZXRNog2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzFmZGJhZjlhYzBlNWFkZWVjNjBhMDkyM2M0ZGQ0YTAx
ZTkyZGMwHhcNMjMwMTAxMjA1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjcxMGZiMTRiOTlhZDBlYTQ0NjUwZjY1N2JmM2E3Yzg3YTlhMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpmHh077qJqnuwfaHwpaIXBHCSbg
qdymg66SeYg/VteqK5+qisEqAL7BBNbnoG8HkksoqAmQvE5LHkkRMAkubwuo9WRT
oirEfUzMNcVYXWxD/cNq2jN8STIk91sOQwjZCm7nnkHoXIpJnJ22GnBECaMokumk
1O+8XRgu03YRZFpCixC2LNrvkkS+UT9T56k9jWvDW8HUaMsqJ0ykcHs196JN4QFD
k6JmZV+agF0pZDXovomO5FFDLFXCpYT3rOnqurs2tXV0gcwQCsGfZDzkUeg79fVP
cU+7G3Ls6zClof3aujK0y7AHU2T3xWN+dsjCs5cMLvlpZNhi3MprsectUQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFNtxD7FLma0OpEZQ9le/OnyHqaExMB8GA1UdIwQY
MBaAFMfB/br5rA5a3uxgoJI8TdSgHpLcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjkt
ZjAwMjk4MTYwOTdlLzEvMjNFUHNVdVpyUTZrUmxEMlY3ODZmSWVwb1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi82YTI3MmItOGI2Zi00ZmUzLThmMjktZjAwMjk4MTYwOTdl
LzEveDhIOXV2bXNEbHJlN0dDZ2tqeE4xS0Fla3R3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQFBT8gAwQC
JeSQAwQCW7+wAwQAW8YgAwQCW8hsAwQCW9MIAwQCuSdUAwQAw+ZsMBQEAgACMA4D
BQEqAUHgAwUAKgFB4zANBgkqhkiG9w0BAQsFAAOCAQEAV3JgoIFc7YWsmPZBrIg3
qjTDKbTGSw0nQ2Nm8KByeqKBHkOTDpPh+J9wj4KabgxB18hd965JltH89RxX42LY
52K8v5FN10nHME91U0neJkA92sBD6tpEhnnJm5blitBMbHJowN64RmT+NNYFKNcw
LqAFh9POjJ2SzGSyfXkJR7wePTGOcXL4mm2tzAhoytb/nNk8WX7j9fsR75X9vm9W
+/X3u+xA7lOVZEXhxkr1w55vA0Ig+mQEM5K0bp61gnzfhZs/nCNjDBZVnImfNi+k
+1vsUCg1ITGE0gPU0dzad9W4iUvo5tHTBiTCt7l45d91iUc2lIC3N3ls8/vDgMAR
+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:52 2024 by rpki-client on console-ams.rpki-client.org