Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/caG_Nn5W3IRpbPmJCZ36zvgkIqM.roa
File: caG_Nn5W3IRpbPmJCZ36zvgkIqM.roa (raw, json)
Hash identifier: vPRp0JaZpyo1ETOPhcGfmyzcKpBayZ7xX0ZG/cQDge8=
Subject key identifier: 71:A1:BF:36:7E:56:DC:84:69:6C:F9:89:09:9D:FA:CE:F8:24:22:A3
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01907F6894AB7AB0F537F101CA98BB8D4642
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/caG_Nn5W3IRpbPmJCZ36zvgkIqM.roa
Signing time: Thu 04 Jul 2024 20:21:18 +0000
ROA not before: Thu 04 Jul 2024 20:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jul 2024 15:59:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7f:68:94:ab:7a:b0:f5:37:f1:01:ca:98:bb:8d:46:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 4 20:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a1bf367e56dc84696cf989099dfacef82422a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:4d:e6:33:a6:fe:bd:9d:d2:65:9e:f7:89:
36:d1:55:0a:44:4c:11:0e:81:32:5b:cf:2d:21:98:
36:1a:02:90:cb:ea:c3:29:e6:79:f1:67:96:27:03:
84:e1:ad:63:63:cc:c7:94:c5:e5:d4:f9:e1:ee:63:
ae:65:78:0b:96:dd:25:5b:2c:4d:f4:44:86:7a:a1:
5c:e1:9f:5b:5a:b7:4f:d8:7a:c0:03:57:eb:18:b7:
40:e5:30:a8:5a:a3:2d:83:ce:50:b2:42:14:91:0e:
8d:f2:81:e6:04:c4:d7:80:14:c9:ce:26:df:5d:f5:
65:05:6a:8d:f2:13:b9:13:38:72:1d:7d:a0:3c:54:
10:29:ba:22:5f:a1:c1:0b:e0:a4:4c:40:aa:24:e5:
c1:ea:c6:3a:57:71:b3:ce:74:5a:66:86:7e:33:7c:
8b:c0:dd:8f:53:45:61:3e:dd:63:38:83:7d:09:fb:
16:80:80:12:61:c1:af:f3:39:68:0b:66:1a:b0:f5:
c4:12:a2:4e:66:0c:af:bb:60:d5:1c:0a:40:e7:75:
25:82:f7:4c:ae:34:c7:08:47:3f:14:c2:01:67:0e:
f9:d5:54:42:19:79:5e:7a:ca:63:f8:7e:82:88:77:
4e:89:b3:f0:2c:4e:1d:85:19:9c:37:34:13:c3:f7:
a0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A1:BF:36:7E:56:DC:84:69:6C:F9:89:09:9D:FA:CE:F8:24:22:A3
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/caG_Nn5W3IRpbPmJCZ36zvgkIqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.66.0/23
147.45.193.0/24
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.85.0/24
193.233.164.0/24
193.233.171.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
14:6c:f1:a5:e9:87:a6:f3:9f:18:0a:a4:ec:b3:87:f6:15:41:
30:6f:40:85:4d:6a:77:fa:8a:23:bf:44:f0:63:0c:a5:44:8e:
65:31:47:cc:6a:75:5e:5c:2e:bd:bb:c9:8b:62:df:a4:c1:1a:
61:0f:b3:e2:7e:cc:da:e4:ad:48:61:85:f8:ff:6c:b5:7b:ae:
00:54:70:b1:d3:85:1f:9e:cd:57:d6:fa:3e:e3:c2:8a:3a:13:
ec:c3:03:37:c5:53:eb:1c:b4:22:2c:15:c1:4b:c5:be:77:38:
9c:3e:3d:21:a7:e8:e2:45:39:f3:59:aa:1a:b9:a6:48:3a:42:
d7:b0:8f:07:bf:66:1f:a6:cc:5c:2c:84:86:7e:3e:5c:02:20:
f7:c2:da:06:3c:95:81:b6:19:35:e4:b5:6e:b9:45:f5:42:25:
93:f6:77:22:57:4a:e6:71:38:69:d0:7c:78:64:14:05:40:86:
d4:f8:0b:45:b5:1c:fa:7c:a9:e6:d3:b7:30:59:ad:92:ce:21:
dc:0a:f7:d6:85:78:eb:e6:d3:65:b2:e8:50:05:6d:50:48:1a:
51:6c:05:0d:bc:44:e8:86:aa:9f:e0:7e:45:60:61:20:af:fd:
c3:5f:b4:26:e1:66:00:2d:fa:8a:57:31:32:0e:4a:86:6f:2d:
42:20:92:ca
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZB/aJSrerD1N/EBypi7jUZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNzA0MjAyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWExYmYzNjdlNTZkYzg0Njk2Y2Y5ODkwOTlkZmFjZWY4MjQyMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6dN5jOm/r2d0mWe94k20VUKREwR
DoEyW88tIZg2GgKQy+rDKeZ58WeWJwOE4a1jY8zHlMXl1Pnh7mOuZXgLlt0lWyxN
9ESGeqFc4Z9bWrdP2HrAA1frGLdA5TCoWqMtg85QskIUkQ6N8oHmBMTXgBTJzibf
XfVlBWqN8hO5EzhyHX2gPFQQKboiX6HBC+CkTECqJOXB6sY6V3GzznRaZoZ+M3yL
wN2PU0VhPt1jOIN9CfsWgIASYcGv8zloC2YasPXEEqJOZgyvu2DVHApA53UlgvdM
rjTHCEc/FMIBZw751VRCGXleespj+H6CiHdOibPwLE4dhRmcNzQTw/egAQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHGhvzZ+VtyEaWz5iQmd+s74JCKjMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvY2FHX05uNVczSVJwYlBtSkNaMzZ6dmdrSXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBky1CAwQA
ky3BAwQCuWdkAwQBwelKAwQAwelQAwQAwelVAwQAwemkAwQAwemrAwQBwen8MA0G
CSqGSIb3DQEBCwUAA4IBAQAUbPGl6Yem858YCqTss4f2FUEwb0CFTWp3+oojv0Tw
YwylRI5lMUfManVeXC69u8mLYt+kwRphD7Pifsza5K1IYYX4/2y1e64AVHCx04Uf
ns1X1vo+48KKOhPswwM3xVPrHLQiLBXBS8W+dzicPj0hp+jiRTnzWaoauaZIOkLX
sI8Hv2YfpsxcLISGfj5cAiD3wtoGPJWBthk15LVuuUX1QiWT9nciV0rmcThp0Hx4
ZBQFQIbU+AtFtRz6fKnm07cwWa2SziHcCvfWhXjr5tNlsuhQBW1QSBpRbAUNvETo
hqqf4H5FYGEgr/3DX7Qm4WYALfqKVzEyDkqGby1CIJLK
-----END CERTIFICATE-----
Generated at Sat Jul 6 16:42:36 2024 by rpki-client on console-fra.rpki-client.org