Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/Azm0nsQjz0xiAI4bFw0yZ8dEZ88.roa
File: Azm0nsQjz0xiAI4bFw0yZ8dEZ88.roa (raw, json)
Hash identifier: kDVs8jna8tkjohSYUiotSXMsV1eLGjZh7D2dwdae+6Y=
Subject key identifier: 03:39:B4:9E:C4:23:CF:4C:62:00:8E:1B:17:0D:32:67:C7:44:67:CF
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 018CC56EE6D52276312F97E9FDB3313AFA58
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/Azm0nsQjz0xiAI4bFw0yZ8dEZ88.roa
Signing time: Mon 01 Jan 2024 14:30:28 +0000
ROA not before: Mon 01 Jan 2024 14:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51235
IP address blocks: 185.136.182.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
185.107.245.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.244.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
2a12:5440:8::/45 maxlen: 45
2a12:5440::/45 maxlen: 45
Validation: Failed, certificate revoked on Sat 03 Feb 2024 06:23:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e6:d5:22:76:31:2f:97:e9:fd:b3:31:3a:fa:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Jan 1 14:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0339b49ec423cf4c62008e1b170d3267c74467cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:20:ea:05:85:c4:74:23:23:15:5d:cd:ac:8d:
fb:c7:d7:49:c5:2f:70:af:f0:22:59:20:f4:97:d1:
8f:e5:cc:a1:2a:0d:fd:e2:3f:2b:e8:71:fc:c3:b0:
70:88:40:3e:a2:f7:d7:54:12:34:39:2b:67:30:b0:
da:ed:d3:29:27:9f:6c:0d:0c:50:e1:e4:89:ba:65:
b4:96:c8:7a:d6:8b:f9:c6:cd:c8:c2:46:19:fa:d1:
7c:27:2b:f7:cc:d3:c1:59:f8:7d:ea:94:c9:b5:5a:
21:d4:cc:ef:73:15:0b:f3:2b:22:b2:aa:3e:c6:26:
b3:6b:4f:ce:b6:b4:d0:b9:d4:d0:2f:69:94:88:db:
ae:22:82:06:5f:e3:27:ff:3e:72:fa:24:28:a3:32:
57:f8:b0:5e:03:df:b8:7f:b3:bd:6c:f3:0c:b4:99:
6a:dd:ec:2f:1e:52:75:56:eb:cd:ef:d7:79:25:00:
d8:c1:07:73:39:0e:69:bc:df:c5:8a:6a:44:82:9f:
c8:31:cf:b7:9a:31:ba:39:8b:ae:8b:61:a3:34:47:
5d:b1:31:0d:15:0d:d2:b5:15:f7:83:45:08:aa:e0:
99:fa:3e:dc:20:41:4a:6a:2e:ca:2d:f1:54:83:0a:
e2:a9:37:1f:81:d8:78:ed:6a:26:a7:92:ef:1f:91:
98:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:39:B4:9E:C4:23:CF:4C:62:00:8E:1B:17:0D:32:67:C7:44:67:CF
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/Azm0nsQjz0xiAI4bFw0yZ8dEZ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/44
Signature Algorithm: sha256WithRSAEncryption
05:ef:15:d8:26:7b:57:d2:c8:1e:f7:cf:46:5b:a5:a2:df:ca:
9c:d7:80:f9:bf:fd:f6:43:09:dd:2a:4d:52:61:b9:15:c1:8b:
81:08:90:e8:5b:24:54:f4:20:ce:81:62:7d:c1:ce:59:4c:62:
e2:4e:be:fd:b1:10:86:36:1f:b5:df:1e:c0:56:f2:eb:d0:97:
2b:3c:6e:c2:09:ba:be:b3:af:87:a5:ef:6e:9c:68:cb:88:4b:
86:09:20:ee:cb:da:4e:53:d3:79:c4:a7:ea:9e:38:d9:8a:c9:
d9:44:8d:e1:09:5e:ce:c6:31:6e:f0:c5:1f:58:69:7d:1d:dc:
df:b7:57:d6:22:1c:16:00:65:08:bc:5f:fc:22:0d:84:ce:06:
c6:d1:84:64:b3:7b:31:29:61:17:9a:52:d8:89:59:a5:b8:d0:
56:0f:68:d8:04:3b:76:d7:15:4a:82:2b:b5:30:a9:1d:cd:70:
6d:89:8c:d4:25:35:be:69:9e:6e:f7:6a:5d:ed:f3:4d:76:35:
07:28:8b:87:ea:c4:03:b0:f4:29:b7:d5:b8:66:df:53:b2:e1:
7a:e4:3c:f0:da:7b:42:91:bd:83:1e:c8:90:05:50:f0:01:f0:
ff:9a:e7:1b:4d:49:68:62:db:d4:a9:dd:20:a8:a3:64:e2:b1:
61:f3:40:fd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbubVInYxL5fp/bMxOvpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjQwMTAxMTQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM5YjQ5ZWM0MjNjZjRjNjIwMDhlMWIxNzBkMzI2N2M3NDQ2N2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCDqBYXEdCMjFV3NrI37x9dJxS9w
r/AiWSD0l9GP5cyhKg394j8r6HH8w7BwiEA+ovfXVBI0OStnMLDa7dMpJ59sDQxQ
4eSJumW0lsh61ov5xs3IwkYZ+tF8Jyv3zNPBWfh96pTJtVoh1MzvcxUL8ysisqo+
xiaza0/OtrTQudTQL2mUiNuuIoIGX+Mn/z5y+iQoozJX+LBeA9+4f7O9bPMMtJlq
3ewvHlJ1VuvN79d5JQDYwQdzOQ5pvN/FimpEgp/IMc+3mjG6OYuui2GjNEddsTEN
FQ3StRX3g0UIquCZ+j7cIEFKai7KLfFUgwriqTcfgdh47Womp5LvH5GYNQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAM5tJ7EI89MYgCOGxcNMmfHRGfPMB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvQXptMG5zUWp6MHhpQUk0YkZ3MHlaOGRFWjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwQqElRAAAAwDQYJKoZIhvcNAQELBQADggEBAAXv
Fdgme1fSyB73z0ZbpaLfypzXgPm//fZDCd0qTVJhuRXBi4EIkOhbJFT0IM6BYn3B
zllMYuJOvv2xEIY2H7XfHsBW8uvQlys8bsIJur6zr4el726caMuIS4YJIO7L2k5T
03nEp+qeONmKydlEjeEJXs7GMW7wxR9YaX0d3N+3V9YiHBYAZQi8X/wiDYTOBsbR
hGSzezEpYReaUtiJWaW40FYPaNgEO3bXFUqCK7UwqR3NcG2JjNQlNb5pnm73al3t
8012NQcoi4fqxAOw9Cm31bhm31Oy4XrkPPDae0KRvYMeyJAFUPAB8P+a5xtNSWhi
29Sp3SCoo2TisWHzQP0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:49 2024 by rpki-client on console-fra.rpki-client.org