Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vyiEmTQoiLpvrFVOq9hX1-kpwvI.roa
File: vyiEmTQoiLpvrFVOq9hX1-kpwvI.roa (raw, json)
Hash identifier: 7dAQeVCkITKl/2ZYi2flhoMvKq3DhwmLv6Hl2OkNHWo=
Subject key identifier: BF:28:84:99:34:28:88:BA:6F:AC:55:4E:AB:D8:57:D7:E9:29:C2:F2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01908EACF8536ADEB09640162737F6E92745
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vyiEmTQoiLpvrFVOq9hX1-kpwvI.roa
Signing time: Sun 07 Jul 2024 19:30:18 +0000
ROA not before: Sun 07 Jul 2024 19:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.65.0/24 maxlen: 24
147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 20:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8e:ac:f8:53:6a:de:b0:96:40:16:27:37:f6:e9:27:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 7 19:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf288499342888ba6fac554eabd857d7e929c2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:02:b6:0e:19:e4:cc:cb:64:69:b6:f5:fa:a1:
c7:c4:9c:f2:92:89:ab:b8:a5:4f:68:e9:7d:2c:ae:
f0:63:ac:2a:14:e5:4e:c1:b1:8d:38:71:3e:44:f8:
f2:ff:ed:7d:50:dd:73:9f:aa:fd:d8:c2:69:1d:e7:
7a:12:a8:76:04:da:b7:be:de:15:a5:7a:cb:7b:8f:
04:59:6e:c4:f6:dc:e3:ff:0a:4f:84:98:f8:b7:f4:
1b:d6:33:39:6a:e8:ef:70:65:5d:bb:3f:98:00:6e:
8d:1c:59:74:db:08:e8:f1:d1:a6:15:3f:65:68:ae:
59:a0:41:02:1a:e0:3f:17:9d:18:c6:4d:15:c9:82:
e1:66:e1:27:d5:2a:b7:91:87:22:eb:02:22:47:31:
77:49:f6:7b:64:bb:59:85:81:53:7e:5c:20:b1:13:
ea:91:de:f7:9e:9a:85:79:56:4f:6d:cb:42:d7:0a:
65:4a:19:28:df:6f:3e:99:74:3d:46:c9:21:dd:85:
ed:e3:57:c1:53:5f:d5:b4:04:3c:60:6f:1c:11:cd:
9b:f6:3e:f4:06:fa:a0:6b:31:ba:be:af:0a:23:ca:
40:e1:e2:43:74:1f:74:02:12:02:d3:cf:74:e9:04:
84:9c:3e:e2:8c:52:54:51:ee:44:49:70:4f:c7:81:
0e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:28:84:99:34:28:88:BA:6F:AC:55:4E:AB:D8:57:D7:E9:29:C2:F2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/vyiEmTQoiLpvrFVOq9hX1-kpwvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.65.0-147.45.67.255
147.45.193.0/24
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.85.0/24
193.233.164.0/24
193.233.171.0/24
193.233.175.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
61:ab:7a:1b:80:3c:79:a4:e2:79:4c:af:de:3c:25:8f:e3:1f:
b8:37:20:c6:d5:75:1e:31:93:e0:63:e0:f0:46:18:b0:11:8c:
a5:e4:f8:31:7e:65:49:a0:7d:f2:43:ab:d7:f7:d5:93:25:ae:
d1:64:ff:2a:a4:6b:01:18:ed:3c:09:8c:a6:b2:02:2c:a7:59:
4d:4f:56:99:64:b0:84:72:c3:d0:fd:62:0d:aa:9d:b3:02:56:
15:5d:a5:0f:ba:9b:db:40:d7:b2:17:84:f6:a4:0e:2c:ec:d7:
57:6f:3b:e3:17:e9:1c:22:63:66:ea:43:f6:98:1e:32:6b:a6:
a8:e4:25:b0:6b:40:56:2d:62:88:e8:97:87:d1:be:7a:8d:3a:
53:38:e4:23:0a:df:c1:b1:65:28:de:96:dd:c4:30:4e:a3:a4:
1e:04:78:a9:62:f7:fe:52:4a:9b:16:5a:ad:a0:dc:14:e6:5e:
94:5d:05:9b:7c:8e:90:22:a7:4e:f1:52:30:e5:73:b2:c6:30:
0d:9e:82:24:90:d4:3a:8c:0b:07:db:37:a3:ab:33:d6:0e:f0:
0f:f4:23:1d:5b:33:04:11:22:8d:5e:f2:71:69:a5:f9:f8:d5:
09:88:c5:db:4e:d7:85:3c:96:46:07:dd:38:72:08:27:41:ac:
ec:d5:06:8f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZCOrPhTat6wlkAWJzf26SdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNzA3MTkzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjI4ODQ5OTM0Mjg4OGJhNmZhYzU1NGVhYmQ4NTdkN2U5MjljMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAK2DhnkzMtkabb1+qHHxJzykomr
uKVPaOl9LK7wY6wqFOVOwbGNOHE+RPjy/+19UN1zn6r92MJpHed6Eqh2BNq3vt4V
pXrLe48EWW7E9tzj/wpPhJj4t/Qb1jM5aujvcGVduz+YAG6NHFl02wjo8dGmFT9l
aK5ZoEECGuA/F50Yxk0VyYLhZuEn1Sq3kYci6wIiRzF3SfZ7ZLtZhYFTflwgsRPq
kd73npqFeVZPbctC1wplShko328+mXQ9Rskh3YXt41fBU1/VtAQ8YG8cEc2b9j70
BvqgazG6vq8KI8pA4eJDdB90AhIC08906QSEnD7ijFJUUe5ESXBPx4EO6QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFL8ohJk0KIi6b6xVTqvYV9fpKcLyMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvdnlpRW1UUW9pTHB2ckZWT3E5aFgxLWtwd3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACTLUED
BAKTLUADBACTLcEDBAK5Z2QDBAHB6UoDBADB6VADBADB6VUDBADB6aQDBADB6asD
BADB6a8DBAHB6fwwDQYJKoZIhvcNAQELBQADggEBAGGrehuAPHmk4nlMr948JY/j
H7g3IMbVdR4xk+Bj4PBGGLARjKXk+DF+ZUmgffJDq9f31ZMlrtFk/yqkawEY7TwJ
jKayAiynWU1PVplksIRyw9D9Yg2qnbMCVhVdpQ+6m9tA17IXhPakDizs11dvO+MX
6RwiY2bqQ/aYHjJrpqjkJbBrQFYtYojol4fRvnqNOlM45CMK38GxZSjelt3EME6j
pB4EeKli9/5SSpsWWq2g3BTmXpRdBZt8jpAip07xUjDlc7LGMA2egiSQ1DqMCwfb
N6OrM9YO8A/0Ix1bMwQRIo1e8nFppfn41QmIxdtO14U8lkYH3ThyCCdBrOzVBo8=
-----END CERTIFICATE-----
Generated at Tue Jul 16 00:09:57 2024 by rpki-client on console-ams.rpki-client.org