Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/jtYU5oMJqLh99K4eTUSdHtbDVAE.roa
File: jtYU5oMJqLh99K4eTUSdHtbDVAE.roa (raw, json)
Hash identifier: b5KyloA7Vjm+A8tXH7lt2pzv7EwZ3jxAUkLOo8v6gyI=
Subject key identifier: 8E:D6:14:E6:83:09:A8:B8:7D:F4:AE:1E:4D:44:9D:1E:D6:C3:54:01
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 018572E822A1F9B8B659114E7E07B84FD147
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/jtYU5oMJqLh99K4eTUSdHtbDVAE.roa
Signing time: Mon 02 Jan 2023 14:34:53 +0000
ROA not before: Mon 02 Jan 2023 14:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56430
IP address blocks: 188.241.13.0/24 maxlen: 24
86.105.152.0/23 maxlen: 23
86.105.155.0/24 maxlen: 24
77.81.64.0/24 maxlen: 24
89.42.42.0/24 maxlen: 24
193.33.200.0/23 maxlen: 23
185.82.172.0/22 maxlen: 22
89.36.93.0/24 maxlen: 24
89.36.18.0/24 maxlen: 24
89.43.174.0/24 maxlen: 24
188.212.250.0/24 maxlen: 24
89.40.214.0/24 maxlen: 24
2a05:91c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 18 Jan 2023 00:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:22:a1:f9:b8:b6:59:11:4e:7e:07:b8:4f:d1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 2 14:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ed614e68309a8b87df4ae1e4d449d1ed6c35401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a4:b0:61:2a:2c:d6:d0:a8:38:e9:b5:55:33:
35:a7:0b:9b:57:13:23:26:ae:39:e6:6c:2c:e6:a8:
15:57:c5:c3:ca:af:1f:4e:29:6e:38:ce:46:55:60:
24:f4:5a:88:75:64:02:92:18:2a:d6:c0:44:0f:fb:
5e:ed:0d:27:a1:2d:a2:43:63:10:1f:7a:43:d0:48:
05:d6:22:a0:fa:f6:6e:0d:39:0f:bd:d9:5d:22:72:
2b:0d:6f:8c:ae:8b:63:b3:b3:e5:ca:b0:36:3e:28:
5c:7f:69:94:fd:e9:86:3c:01:56:81:0a:d9:f8:20:
6b:6c:b2:ec:7d:b2:0c:dd:cf:ba:e0:0d:8f:91:fb:
57:8c:ea:e0:22:c4:1c:f5:ea:97:25:dc:21:25:4f:
f2:ee:3b:44:22:e3:60:9e:fd:bc:4f:75:34:a8:5f:
dc:d1:53:32:90:30:8c:e8:c4:71:ab:76:1b:d5:f1:
7d:61:b7:51:6a:67:93:c2:29:cc:92:4c:66:63:7d:
b0:d7:64:d1:1e:ad:43:a9:1e:20:1e:ff:4c:b2:df:
e1:dd:c6:51:04:48:ad:ef:54:71:a0:69:8b:97:b4:
7f:8c:34:f6:0e:5a:38:f2:36:e0:8d:f7:22:0a:f6:
09:cd:e2:2d:37:a2:1c:1c:c9:94:0c:c9:04:a1:71:
99:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D6:14:E6:83:09:A8:B8:7D:F4:AE:1E:4D:44:9D:1E:D6:C3:54:01
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/jtYU5oMJqLh99K4eTUSdHtbDVAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.64.0/24
86.105.152.0/23
86.105.155.0/24
89.36.18.0/24
89.36.93.0/24
89.40.214.0/24
89.42.42.0/24
89.43.174.0/24
185.82.172.0/22
188.212.250.0/24
188.241.13.0/24
193.33.200.0/23
IPv6:
2a05:91c0::/32
Signature Algorithm: sha256WithRSAEncryption
6d:55:bf:86:86:c9:59:80:7b:b8:c7:75:21:b0:a8:b0:0b:bd:
e1:8e:56:7d:44:7a:e2:a1:13:5d:8b:65:a6:57:1c:6b:fa:71:
cc:60:be:f9:af:34:97:4b:0a:a5:ef:32:c9:6e:e7:1d:63:9b:
e0:51:5d:9a:54:83:a7:b2:2f:ad:4d:0b:bb:57:79:38:d8:40:
85:1c:47:f2:7f:f5:71:ac:25:d6:0e:92:fb:49:57:3e:3d:cf:
9b:87:5b:1d:a4:f3:31:18:38:23:6b:45:99:8a:c5:22:a8:4e:
08:a8:dc:24:1b:61:7f:e3:f8:c4:9d:f1:4c:5b:df:de:de:82:
57:5b:a3:21:2f:2d:45:d7:70:d1:a9:f0:bd:4c:ed:e8:ea:61:
72:c3:f7:1e:66:33:06:cb:ab:ba:d5:e6:66:b3:ef:1a:57:84:
c4:2d:b2:f2:a2:9a:aa:41:c7:4f:24:a9:4a:cf:0a:49:34:75:
17:0c:1f:27:b9:e8:a9:46:3a:0c:15:b7:76:a2:b5:7a:ab:48:
42:53:d6:2a:a2:43:a4:61:9f:4b:ac:6e:d9:90:c3:57:e2:88:
8e:6d:67:46:a9:a5:5c:0e:e5:a6:d0:47:60:9d:29:26:c3:c4:
8a:88:d8:71:06:3c:78:32:72:bf:c0:41:33:17:6b:db:6f:b0:
93:d9:f4:e6
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYVy6CKh+bi2WRFOfge4T9FHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjMwMTAyMTQzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWQ2MTRlNjgzMDlhOGI4N2RmNGFlMWU0ZDQ0OWQxZWQ2YzM1NDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKSwYSos1tCoOOm1VTM1pwubVxMj
Jq455mws5qgVV8XDyq8fTiluOM5GVWAk9FqIdWQCkhgq1sBED/te7Q0noS2iQ2MQ
H3pD0EgF1iKg+vZuDTkPvdldInIrDW+Mrotjs7PlyrA2Pihcf2mU/emGPAFWgQrZ
+CBrbLLsfbIM3c+64A2PkftXjOrgIsQc9eqXJdwhJU/y7jtEIuNgnv28T3U0qF/c
0VMykDCM6MRxq3Yb1fF9YbdRameTwinMkkxmY32w12TRHq1DqR4gHv9Mst/h3cZR
BEit71RxoGmLl7R/jDT2Dlo48jbgjfciCvYJzeItN6IcHMmUDMkEoXGZ+QIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFI7WFOaDCai4ffSuHk1EnR7Ww1QBMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvanRZVTVvTUpxTGg5OUs0ZVRVU2RIdGJEVkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQATVFAAwQB
VmmYAwQAVmmbAwQAWSQSAwQAWSRdAwQAWSjWAwQAWSoqAwQAWSuuAwQCuVKsAwQA
vNT6AwQAvPENAwQBwSHIMA0EAgACMAcDBQAqBZHAMA0GCSqGSIb3DQEBCwUAA4IB
AQBtVb+GhslZgHu4x3UhsKiwC73hjlZ9RHrioRNdi2WmVxxr+nHMYL75rzSXSwql
7zLJbucdY5vgUV2aVIOnsi+tTQu7V3k42ECFHEfyf/VxrCXWDpL7SVc+Pc+bh1sd
pPMxGDgja0WZisUiqE4IqNwkG2F/4/jEnfFMW9/e3oJXW6MhLy1F13DRqfC9TO3o
6mFyw/ceZjMGy6u61eZms+8aV4TELbLyopqqQcdPJKlKzwpJNHUXDB8nueipRjoM
Fbd2orV6q0hCU9YqokOkYZ9LrG7ZkMNX4oiObWdGqaVcDuWm0EdgnSkmw8SKiNhx
Bjx4MnK/wEEzF2vbb7CT2fTm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:01 2024 by rpki-client on console-ams.rpki-client.org