Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ASW7xajQZ77BV6KcFyHjcvfNcD4.roa
File: ASW7xajQZ77BV6KcFyHjcvfNcD4.roa (raw, json)
Hash identifier: tysQKkpvMIrqlb89YnhaB96o/S1jZ++ER+XinVvEfrw=
Subject key identifier: 01:25:BB:C5:A8:D0:67:BE:C1:57:A2:9C:17:21:E3:72:F7:CD:70:3E
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018E18D78491095F8F97ED4C76812E01EFC7
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ASW7xajQZ77BV6KcFyHjcvfNcD4.roa
Signing time: Thu 07 Mar 2024 12:16:01 +0000
ROA not before: Thu 07 Mar 2024 12:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8342
IP address blocks: 147.45.88.0/21 maxlen: 21
147.45.117.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.120.0/22 maxlen: 22
147.45.205.0/24 maxlen: 24
193.233.60.0/24 maxlen: 24
193.233.62.0/24 maxlen: 24
193.233.124.0/22 maxlen: 22
193.233.170.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 18:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:18:d7:84:91:09:5f:8f:97:ed:4c:76:81:2e:01:ef:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Mar 7 12:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0125bbc5a8d067bec157a29c1721e372f7cd703e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:22:f3:51:0f:44:96:b5:a1:83:aa:c0:76:bc:
d5:c7:22:f4:89:2e:07:39:3f:1f:90:1e:f6:dd:82:
3e:7c:83:cc:68:21:26:af:2b:d7:09:7e:a9:52:4c:
f7:bd:11:87:83:10:2a:2e:6d:55:da:d3:09:d9:29:
d1:38:51:90:3e:b9:82:11:48:d6:15:6f:10:fa:62:
cc:76:2b:57:2d:8b:4c:43:f9:9a:f4:95:01:4e:b2:
70:26:12:70:1c:c5:29:96:ff:74:da:ff:5b:63:1e:
f6:ba:6f:0c:6a:24:1d:40:2c:03:14:25:9a:49:4a:
d7:6f:73:c0:ca:85:d7:72:c7:fe:6a:3b:3b:b8:ea:
6e:23:e2:65:80:ad:a8:32:51:6b:b6:8f:13:10:00:
7c:34:7c:ee:a8:dd:cd:f6:01:18:8e:8f:4a:3c:ae:
14:92:6c:82:d5:79:e4:02:f4:45:93:a5:7c:45:0d:
d1:42:3e:10:bc:b9:31:36:84:b3:27:76:e8:20:0e:
ad:76:e9:58:ca:48:fb:fb:3f:97:06:ef:c7:6c:16:
99:a9:23:af:a8:92:d2:47:7b:c1:65:a6:34:d6:53:
1c:56:e4:a8:48:b8:c2:54:81:9f:78:b0:94:c0:a5:
46:eb:fd:78:e9:d3:0d:ab:3a:89:3f:77:21:c4:7a:
e0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:25:BB:C5:A8:D0:67:BE:C1:57:A2:9C:17:21:E3:72:F7:CD:70:3E
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ASW7xajQZ77BV6KcFyHjcvfNcD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.88.0/21
147.45.117.0-147.45.123.255
147.45.205.0/24
193.233.60.0/24
193.233.62.0/24
193.233.124.0/22
193.233.170.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ae:47:24:05:5c:b6:4c:53:16:52:e0:57:de:db:7d:c0:61:
5e:57:33:f7:41:54:c5:c8:8a:dc:f6:f7:d1:9e:20:b8:ea:f9:
9c:df:5c:e1:d9:8f:d0:0e:5d:3f:c7:e9:78:b4:98:02:91:86:
68:9f:dd:fd:94:91:95:8c:10:bc:8b:27:56:a7:16:d2:42:92:
d9:2b:8d:dd:85:54:2a:e0:b3:6e:26:85:0c:38:cb:26:38:f5:
1b:e0:6c:a3:9b:ae:23:f3:c3:37:c2:35:ad:c2:7b:32:94:d3:
8f:e5:42:32:4a:ea:05:cd:fa:76:5a:ad:2f:e2:33:a1:b3:22:
a2:43:fd:63:76:e3:e0:14:c6:ff:32:06:ce:17:c7:29:d2:d6:
9b:1a:25:2c:19:f1:1a:56:31:52:17:83:3e:61:00:71:84:8a:
dd:fb:68:ae:a1:d5:4e:ed:9d:1e:5f:19:61:e9:23:85:78:7c:
64:61:f9:37:93:f3:2b:7b:d8:ed:bc:6b:11:9c:68:fe:36:b4:
24:b6:33:7d:2f:95:ce:db:ef:b7:f9:e8:0d:20:a4:a0:4b:88:
88:75:9d:d3:95:b1:43:db:bc:4a:06:dd:ee:c3:c1:0e:be:f2:
0f:08:73:96:b0:f0:97:b9:1c:ea:4e:10:eb:6b:e7:60:d3:92:
b6:a4:e7:d2
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY4Y14SRCV+Pl+1MdoEuAe/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMzA3MTIxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTI1YmJjNWE4ZDA2N2JlYzE1N2EyOWMxNzIxZTM3MmY3Y2Q3MDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSLzUQ9ElrWhg6rAdrzVxyL0iS4H
OT8fkB723YI+fIPMaCEmryvXCX6pUkz3vRGHgxAqLm1V2tMJ2SnROFGQPrmCEUjW
FW8Q+mLMditXLYtMQ/ma9JUBTrJwJhJwHMUplv902v9bYx72um8MaiQdQCwDFCWa
SUrXb3PAyoXXcsf+ajs7uOpuI+JlgK2oMlFrto8TEAB8NHzuqN3N9gEYjo9KPK4U
kmyC1XnkAvRFk6V8RQ3RQj4QvLkxNoSzJ3boIA6tdulYykj7+z+XBu/HbBaZqSOv
qJLSR3vBZaY01lMcVuSoSLjCVIGfeLCUwKVG6/146dMNqzqJP3chxHrgzwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAElu8Wo0Ge+wVeinBch43L3zXA+MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvQVNXN3hhalFaNzdCVjZLY0Z5SGpjdmZOY0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDky1YMAwD
BACTLXUDBAKTLXgDBACTLc0DBADB6TwDBADB6T4DBALB6XwDBADB6aowDQYJKoZI
hvcNAQELBQADggEBAB2uRyQFXLZMUxZS4Ffe233AYV5XM/dBVMXIitz299GeILjq
+ZzfXOHZj9AOXT/H6Xi0mAKRhmif3f2UkZWMELyLJ1anFtJCktkrjd2FVCrgs24m
hQw4yyY49RvgbKObriPzwzfCNa3CezKU04/lQjJK6gXN+nZarS/iM6GzIqJD/WN2
4+AUxv8yBs4XxynS1psaJSwZ8RpWMVIXgz5hAHGEit37aK6h1U7tnR5fGWHpI4V4
fGRh+TeT8yt72O28axGcaP42tCS2M30vlc7b77f56A0gpKBLiIh1ndOVsUPbvEoG
3e7DwQ6+8g8Ic5aw8Je5HOpOEOtr52DTkrak59I=
-----END CERTIFICATE-----
Generated at Tue Mar 12 21:02:14 2024 by rpki-client on console-fra.rpki-client.org