Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bYbDLHHgKGVTcyzCCnCdvpEItRs.roa
File: bYbDLHHgKGVTcyzCCnCdvpEItRs.roa (raw, json)
Hash identifier: Z2LA/3yK80o3naGki4pcM4PV+4nsy8QI7DnKSzzdY5g=
Subject key identifier: 6D:86:C3:2C:71:E0:28:65:53:73:2C:C2:0A:70:9D:BE:91:08:B5:1B
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0185719E7C90C45A3B5EAB61D94F46A43B1D
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bYbDLHHgKGVTcyzCCnCdvpEItRs.roa
Signing time: Mon 02 Jan 2023 08:34:49 +0000
ROA not before: Mon 02 Jan 2023 08:34:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41740
IP address blocks: 195.208.4.0/24 maxlen: 24
195.208.6.0/24 maxlen: 24
195.208.7.0/24 maxlen: 24
195.208.5.0/24 maxlen: 24
193.232.253.0/24 maxlen: 24
193.232.147.0/24 maxlen: 24
2a0c:a9c7:b::/48 maxlen: 48
2a0c:a9c7:253::/48 maxlen: 48
2a0c:a9c7:8::/48 maxlen: 48
2a0c:a9c7:a::/48 maxlen: 48
2a0c:a9c7:147::/48 maxlen: 48
2a0c:a9c7:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:7c:90:c4:5a:3b:5e:ab:61:d9:4f:46:a4:3b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 08:34:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d86c32c71e0286553732cc20a709dbe9108b51b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:58:56:14:e5:c7:c0:56:2a:6e:fd:56:84:b8:
0c:01:da:93:a4:a7:77:a9:28:8f:68:5b:49:c0:6a:
e5:e9:6b:af:57:84:cf:bc:9b:27:c0:89:26:11:81:
c0:b9:1c:9b:4f:a0:db:5b:85:d9:79:4c:45:d6:1b:
bf:0f:35:d5:32:29:3c:96:79:bb:8a:ba:4f:9b:78:
31:ed:e8:73:e8:8f:2a:6f:cf:7b:55:27:7d:56:89:
f7:43:d3:11:69:ee:81:6f:c9:d4:05:a8:32:07:c0:
bb:6d:99:94:01:eb:d7:35:e6:c3:67:fb:6a:c8:79:
e3:de:d0:d6:4f:7a:fb:69:f1:ca:e8:2f:6f:5d:e4:
b6:d4:04:c5:13:8a:58:36:f1:68:20:e8:33:3d:e3:
36:ea:56:b0:59:5a:93:4b:ca:14:86:ef:dd:be:fb:
46:df:1d:ae:50:20:ee:9d:06:7a:12:65:4e:3b:ad:
9c:49:66:d7:2b:81:8a:15:aa:87:8c:a8:44:76:e1:
a3:0b:a9:b9:6e:4d:5d:ed:27:d6:9e:c1:d3:86:0b:
32:06:0c:f5:54:ab:86:f4:f4:16:e8:8f:76:e3:39:
a8:51:88:07:72:1d:ea:fc:a7:02:4e:3d:ae:06:a2:
fa:87:b7:5b:34:ab:a9:42:b5:19:0d:c2:7c:19:64:
1d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:86:C3:2C:71:E0:28:65:53:73:2C:C2:0A:70:9D:BE:91:08:B5:1B
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/bYbDLHHgKGVTcyzCCnCdvpEItRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.147.0/24
193.232.253.0/24
195.208.4.0/22
IPv6:
2a0c:a9c7:8::/46
2a0c:a9c7:147::/48
2a0c:a9c7:253::/48
Signature Algorithm: sha256WithRSAEncryption
19:31:e9:20:95:54:ed:ce:5f:f2:71:51:14:f5:03:6f:37:dd:
74:44:ca:c0:75:3f:08:da:e6:98:92:0e:70:30:45:75:b7:05:
91:28:57:9b:74:5f:61:e4:af:7e:47:b7:ed:9a:c2:03:ef:c8:
15:4f:26:b1:e8:f4:cc:f9:77:68:65:0d:11:ae:a4:9d:09:1f:
8e:e2:30:06:08:73:17:f8:b5:35:e0:a3:8c:4d:3e:c8:59:dd:
0e:15:d6:f7:b6:25:15:b8:e6:52:30:7d:7e:ca:2a:ec:9e:57:
ac:96:44:62:cd:ed:be:3e:18:a9:8a:f0:3a:37:14:c7:e0:91:
54:3d:7d:ad:3b:51:c2:b3:e3:5a:2a:cc:71:1a:9b:2a:95:56:
f4:5d:7f:a5:36:1c:07:b3:30:c6:a6:02:4a:24:de:73:9f:c7:
52:4b:de:3e:3f:b8:d1:ac:04:52:11:00:f3:4c:1e:fb:d8:01:
5f:c6:40:22:c0:68:39:94:dc:02:4c:79:d8:b7:78:9d:85:0e:
fe:ed:72:40:fd:55:3d:4d:52:2c:3e:5c:f7:30:9f:6f:c3:98:
1d:79:6e:6a:fe:5a:db:26:42:ed:d9:32:60:de:65:40:6e:bd:
c6:09:a7:2d:62:81:0b:6b:8d:2c:ea:11:bb:d0:2f:46:74:2f:
5e:41:03:0b
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxnnyQxFo7Xqth2U9GpDsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMTAyMDgzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg2YzMyYzcxZTAyODY1NTM3MzJjYzIwYTcwOWRiZTkxMDhiNTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1hWFOXHwFYqbv1WhLgMAdqTpKd3
qSiPaFtJwGrl6WuvV4TPvJsnwIkmEYHAuRybT6DbW4XZeUxF1hu/DzXVMik8lnm7
irpPm3gx7ehz6I8qb897VSd9Von3Q9MRae6Bb8nUBagyB8C7bZmUAevXNebDZ/tq
yHnj3tDWT3r7afHK6C9vXeS21ATFE4pYNvFoIOgzPeM26lawWVqTS8oUhu/dvvtG
3x2uUCDunQZ6EmVOO62cSWbXK4GKFaqHjKhEduGjC6m5bk1d7SfWnsHThgsyBgz1
VKuG9PQW6I924zmoUYgHch3q/KcCTj2uBqL6h7dbNKupQrUZDcJ8GWQduQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFG2Gwyxx4ChlU3Mswgpwnb6RCLUbMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvYlliRExISGdLR1ZUY3l6Q0NuQ2R2cEVJdFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAweiTAwQA
wej9AwQCw9AEMCEEAgACMBsDBwIqDKnHAAgDBwAqDKnHAUcDBwAqDKnHAlMwDQYJ
KoZIhvcNAQELBQADggEBABkx6SCVVO3OX/JxURT1A2833XREysB1Pwja5piSDnAw
RXW3BZEoV5t0X2Hkr35Ht+2awgPvyBVPJrHo9Mz5d2hlDRGupJ0JH47iMAYIcxf4
tTXgo4xNPshZ3Q4V1ve2JRW45lIwfX7KKuyeV6yWRGLN7b4+GKmK8Do3FMfgkVQ9
fa07UcKz41oqzHEamyqVVvRdf6U2HAezMMamAkok3nOfx1JL3j4/uNGsBFIRAPNM
HvvYAV/GQCLAaDmU3AJMedi3eJ2FDv7tckD9VT1NUiw+XPcwn2/DmB15bmr+Wtsm
Qu3ZMmDeZUBuvcYJpy1igQtrjSzqEbvQL0Z0L15BAws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org