Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/49c5IMCi8fKhEHkNpWINjm5yquU.roa
File: 49c5IMCi8fKhEHkNpWINjm5yquU.roa (raw, json)
Hash identifier: fS9VVvWSvWXyZBvvamBkNgxP/7Z4A6xpf5nMqjhtZ9c=
Subject key identifier: E3:D7:39:20:C0:A2:F1:F2:A1:10:79:0D:A5:62:0D:8E:6E:72:AA:E5
Certificate issuer: /CN=adf0df77114741e13a17d7213e6956bf9627b558
Certificate serial: 01856EF427FCE2CB45D89E93A3D92C2E11B1
Authority key identifier: AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/49c5IMCi8fKhEHkNpWINjm5yquU.roa
Signing time: Sun 01 Jan 2023 20:09:32 +0000
ROA not before: Sun 01 Jan 2023 20:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62319
IP address blocks: 91.142.136.0/24 maxlen: 24
178.209.175.0/24 maxlen: 24
178.209.174.0/24 maxlen: 24
178.209.173.0/24 maxlen: 24
178.209.178.0/23 maxlen: 23
178.209.176.0/23 maxlen: 23
91.216.118.0/24 maxlen: 24
178.209.184.0/22 maxlen: 22
193.169.74.0/23 maxlen: 23
178.209.180.0/22 maxlen: 22
178.209.188.0/23 maxlen: 23
185.203.0.0/22 maxlen: 22
178.209.191.0/24 maxlen: 24
178.209.190.0/24 maxlen: 24
185.66.184.0/22 maxlen: 22
185.4.219.0/24 maxlen: 24
185.4.218.0/24 maxlen: 24
185.4.216.0/23 maxlen: 23
185.40.44.0/22 maxlen: 22
193.106.120.0/22 maxlen: 22
185.150.72.0/22 maxlen: 22
178.209.160.0/22 maxlen: 22
178.209.166.0/24 maxlen: 24
178.209.165.0/24 maxlen: 24
178.209.172.0/24 maxlen: 24
178.209.171.0/24 maxlen: 24
178.209.170.0/24 maxlen: 24
178.209.169.0/24 maxlen: 24
178.209.168.0/24 maxlen: 24
178.209.167.0/24 maxlen: 24
194.126.192.0/24 maxlen: 24
91.194.36.0/23 maxlen: 23
194.116.178.0/23 maxlen: 23
2a02:c900::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:f4:27:fc:e2:cb:45:d8:9e:93:a3:d9:2c:2e:11:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf0df77114741e13a17d7213e6956bf9627b558
Validity
Not Before: Jan 1 20:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3d73920c0a2f1f2a110790da5620d8e6e72aae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8c:13:0a:d7:76:18:50:34:de:3b:05:f4:6a:
b8:2a:4d:81:17:3d:0d:23:f2:80:f6:b2:94:8c:bf:
45:48:17:c8:bf:fc:c6:5f:64:bd:b0:fe:e9:e6:fb:
02:61:a4:d1:16:a5:d3:1a:c9:c0:24:01:e9:cc:3e:
f8:77:59:e4:10:18:7d:78:54:1b:ae:ac:5d:86:1e:
32:06:46:7e:fa:d6:a8:42:0a:ed:58:01:35:a6:67:
7c:a7:5b:00:df:16:cf:6f:d4:e6:59:da:ef:f1:45:
1b:82:59:2b:6c:bb:31:47:41:77:9d:3c:05:2f:4c:
23:25:f5:e7:a8:7f:59:7b:9a:9b:db:77:9f:75:3a:
8c:62:d2:7e:74:4c:ea:8c:98:b5:a1:9e:bb:90:a4:
7d:dc:d3:b7:96:7b:2e:e2:8f:fb:10:c8:b8:7b:02:
2f:c2:8b:59:52:37:c7:39:86:2e:06:24:24:67:d3:
c1:6e:6e:c7:50:90:30:10:ab:57:fc:7b:c6:9a:b1:
fa:60:80:50:c1:28:30:37:1b:cc:b6:df:fd:1a:6a:
d4:49:4c:27:e7:43:03:f0:00:1a:fc:df:db:6c:7c:
79:e5:c0:15:f2:a1:a4:e6:26:91:16:80:00:7f:6a:
3f:be:0e:da:eb:c4:e7:6a:24:dd:6c:99:23:95:32:
e3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D7:39:20:C0:A2:F1:F2:A1:10:79:0D:A5:62:0D:8E:6E:72:AA:E5
X509v3 Authority Key Identifier:
keyid:AD:F0:DF:77:11:47:41:E1:3A:17:D7:21:3E:69:56:BF:96:27:B5:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfDfdxFHQeE6F9chPmlWv5YntVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/49c5IMCi8fKhEHkNpWINjm5yquU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/a30bea-9e93-4091-b6e1-e1ef27772eaf/1/rfDfdxFHQeE6F9chPmlWv5YntVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.136.0/24
91.194.36.0/23
91.216.118.0/24
178.209.160.0/22
178.209.165.0-178.209.191.255
185.4.216.0/22
185.40.44.0/22
185.66.184.0/22
185.150.72.0/22
185.203.0.0/22
193.106.120.0/22
193.169.74.0/23
194.116.178.0/23
194.126.192.0/24
IPv6:
2a02:c900::/29
Signature Algorithm: sha256WithRSAEncryption
42:c7:81:1a:f7:07:50:db:99:9d:4a:e2:ed:f0:7a:e2:dd:4f:
75:d4:15:24:7a:ca:6e:66:95:40:27:96:6c:15:59:cd:48:c9:
e7:b2:cd:2d:67:e1:58:26:11:48:6d:47:8a:5b:e7:53:b0:55:
98:86:e1:d2:45:93:4d:f5:0a:f3:43:d4:54:07:21:67:fd:0f:
e2:6c:2e:4f:97:ba:a8:e3:2e:ae:46:9d:fc:b6:69:24:22:7d:
ce:28:89:3d:83:76:d0:cf:e4:cf:f7:6d:85:2c:ee:c8:b0:d0:
01:2a:ed:b5:b0:30:76:1e:ee:8e:da:32:e7:17:d4:86:2d:fa:
83:63:c5:61:a8:60:26:30:a8:7b:39:85:e2:0b:77:46:f6:d6:
24:ce:37:3f:cd:9e:50:e2:54:3e:30:ef:86:a4:ac:38:88:66:
07:3e:60:5e:fe:5f:6f:04:a8:10:cc:6a:6a:6d:a6:91:53:92:
7c:1b:ac:29:14:ad:df:80:9b:ea:27:2f:41:cd:f6:98:92:8e:
22:a6:6a:75:9a:c5:c5:9d:db:3d:7e:f0:af:37:2b:9b:03:62:
96:d6:fe:f4:80:b6:f2:c7:b9:7e:05:6c:32:e1:1e:4b:ad:6f:
de:25:d5:c5:0c:16:85:dc:2d:86:ac:e1:6a:3d:6a:e4:5b:42:
5e:06:ba:d2
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYVu9Cf84stF2J6To9ksLhGxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjBkZjc3MTE0NzQxZTEzYTE3ZDcyMTNlNjk1NmJmOTYy
N2I1NTgwHhcNMjMwMTAxMjAwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2Q3MzkyMGMwYTJmMWYyYTExMDc5MGRhNTYyMGQ4ZTZlNzJhYWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIwTCtd2GFA03jsF9Gq4Kk2BFz0N
I/KA9rKUjL9FSBfIv/zGX2S9sP7p5vsCYaTRFqXTGsnAJAHpzD74d1nkEBh9eFQb
rqxdhh4yBkZ++taoQgrtWAE1pmd8p1sA3xbPb9TmWdrv8UUbglkrbLsxR0F3nTwF
L0wjJfXnqH9Ze5qb23efdTqMYtJ+dEzqjJi1oZ67kKR93NO3lnsu4o/7EMi4ewIv
wotZUjfHOYYuBiQkZ9PBbm7HUJAwEKtX/HvGmrH6YIBQwSgwNxvMtt/9GmrUSUwn
50MD8AAa/N/bbHx55cAV8qGk5iaRFoAAf2o/vg7a68TnaiTdbJkjlTLjHwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFOPXOSDAovHyoRB5DaViDY5ucqrlMB8GA1UdIwQY
MBaAFK3w33cRR0HhOhfXIT5pVr+WJ7VYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEt
ZTFlZjI3NzcyZWFmLzEvNDljNUlNQ2k4ZktoRUhrTnBXSU5qbTV5cXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9hMzBiZWEtOWU5My00MDkxLWI2ZTEtZTFlZjI3NzcyZWFm
LzEvcmZEZmR4RkhRZUU2RjljaFBtbFd2NVludFZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAFuOiAME
AVvCJAMEAFvYdgMEArLRoDAMAwQAstGlAwQGstGAAwQCuQTYAwQCuSgsAwQCuUK4
AwQCuZZIAwQCucsAAwQCwWp4AwQBwalKAwQBwnSyAwQAwn7AMA0EAgACMAcDBQMq
AskAMA0GCSqGSIb3DQEBCwUAA4IBAQBCx4Ea9wdQ25mdSuLt8Hri3U911BUkespu
ZpVAJ5ZsFVnNSMnnss0tZ+FYJhFIbUeKW+dTsFWYhuHSRZNN9QrzQ9RUByFn/Q/i
bC5Pl7qo4y6uRp38tmkkIn3OKIk9g3bQz+TP922FLO7IsNABKu21sDB2Hu6O2jLn
F9SGLfqDY8VhqGAmMKh7OYXiC3dG9tYkzjc/zZ5Q4lQ+MO+GpKw4iGYHPmBe/l9v
BKgQzGpqbaaRU5J8G6wpFK3fgJvqJy9BzfaYko4ipmp1msXFnds9fvCvNyubA2KW
1v70gLbyx7l+BWwy4R5LrW/eJdXFDBaF3C2GrOFqPWrkW0JeBrrS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:12 2024 by rpki-client on console-fra.rpki-client.org