Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/AiNiFTHehQnV7P5dLV6ofbo7JfM.roa
File: AiNiFTHehQnV7P5dLV6ofbo7JfM.roa (raw, json)
Hash identifier: 66Qyv7tt/r9RQSnBsEAJQyAR8aESLNIe06BnZMzJD4I=
Subject key identifier: 02:23:62:15:31:DE:85:09:D5:EC:FE:5D:2D:5E:A8:7D:BA:3B:25:F3
Certificate issuer: /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial: 01856EC232560F04B503EDD659EF6474A29C
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/AiNiFTHehQnV7P5dLV6ofbo7JfM.roa
Signing time: Sun 01 Jan 2023 19:14:58 +0000
ROA not before: Sun 01 Jan 2023 19:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 188.94.152.0/23 maxlen: 24
77.240.44.0/22 maxlen: 24
87.255.200.0/23 maxlen: 24
89.223.2.0/24 maxlen: 24
194.76.124.0/22 maxlen: 24
89.223.0.0/24 maxlen: 24
79.143.20.0/22 maxlen: 24
5.188.152.0/22 maxlen: 24
178.238.78.0/23 maxlen: 24
84.252.156.0/22 maxlen: 24
5.188.64.0/22 maxlen: 24
94.126.201.0/24 maxlen: 24
185.97.112.0/22 maxlen: 24
87.255.196.0/22 maxlen: 24
87.255.194.0/23 maxlen: 24
93.190.240.0/22 maxlen: 24
2a06:580::/29 maxlen: 40
Validation: Failed, certificate revoked on Wed 11 Oct 2023 05:14:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:32:56:0f:04:b5:03:ed:d6:59:ef:64:74:a2:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Validity
Not Before: Jan 1 19:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0223621531de8509d5ecfe5d2d5ea87dba3b25f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:65:b3:cd:ed:e5:b9:fb:2e:c0:82:be:2f:b9:
35:e0:61:08:a2:ea:80:b4:be:5e:38:02:36:78:be:
d1:35:ca:e7:74:e4:e2:14:fa:be:41:8a:04:ae:bc:
00:36:72:65:99:2a:5f:0f:c3:61:09:4e:91:7f:79:
c0:cc:d8:00:56:47:aa:8b:27:f8:fb:0d:a3:ab:f3:
51:7c:50:bc:55:c0:f7:f6:a4:4e:b5:d4:73:73:d6:
06:04:dd:6e:23:77:3f:81:27:72:6a:78:3c:89:4e:
d0:f1:66:97:e5:b2:e2:87:1f:20:b4:eb:c9:eb:15:
b0:99:2a:1a:17:63:d3:b7:50:bb:a5:2c:b3:62:96:
ca:52:fb:b2:c9:56:d5:bc:00:d2:93:00:c2:a6:54:
06:f9:c2:78:d9:b7:3b:f4:28:27:75:c6:53:af:87:
ab:30:ce:a5:8c:71:ff:39:b6:1f:23:3e:cd:23:76:
ab:0b:68:b1:3b:ab:9b:44:7a:55:56:91:c2:ee:b4:
9f:4e:4d:51:f7:c8:48:46:9a:2b:54:af:50:fb:e2:
69:1d:e7:8f:d4:7f:93:28:1c:52:90:f8:2b:ea:73:
a2:c8:e4:3b:d9:65:68:0a:e1:41:60:60:cd:83:e3:
62:18:b9:3b:ea:74:58:f0:29:77:4b:19:50:49:44:
06:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:23:62:15:31:DE:85:09:D5:EC:FE:5D:2D:5E:A8:7D:BA:3B:25:F3
X509v3 Authority Key Identifier:
keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/AiNiFTHehQnV7P5dLV6ofbo7JfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.64.0/22
5.188.152.0/22
77.240.44.0/22
79.143.20.0/22
84.252.156.0/22
87.255.194.0-87.255.201.255
89.223.0.0/24
89.223.2.0/24
93.190.240.0/22
94.126.201.0/24
178.238.78.0/23
185.97.112.0/22
188.94.152.0/23
194.76.124.0/22
IPv6:
2a06:580::/29
Signature Algorithm: sha256WithRSAEncryption
8e:d9:c1:c4:fc:4e:03:e0:de:86:ad:cb:f9:7c:0e:20:fc:55:
a7:09:2f:b7:97:d3:9c:a4:d8:8d:2a:71:33:78:91:8c:3f:14:
98:3a:5b:7e:e8:85:af:85:63:29:dd:21:9a:b5:52:60:fb:25:
76:1f:41:d1:29:89:ac:27:3e:bb:64:70:90:03:9f:f7:a9:64:
c9:df:0c:f5:82:6a:82:4f:52:e5:82:a8:ae:cc:df:b9:9d:3e:
1e:72:6f:96:7a:f0:58:b8:a3:8c:db:c0:b9:df:52:33:19:2f:
49:12:19:a1:1f:e7:b2:96:47:7d:bd:5b:a4:04:c1:b4:98:92:
c4:0c:f2:e6:5f:50:ed:dd:b0:56:77:db:ba:1e:0a:6e:28:f4:
d1:20:6c:f4:2d:7e:c7:b6:4f:33:d1:49:3d:08:26:72:7b:50:
ca:0a:c2:91:39:49:ae:00:fc:2c:a0:d9:40:48:18:41:68:13:
bc:a8:04:70:36:5a:8a:99:5a:c0:1f:36:2d:a9:d0:7b:7c:ed:
6e:2c:ef:78:73:36:98:c6:27:9a:a0:fa:b4:1c:23:74:b5:f3:
09:a9:ae:39:28:63:5a:b7:e3:32:e3:cb:f1:e1:90:cf:d4:1b:
17:3e:98:57:5b:5b:56:12:9d:22:ba:2f:62:7d:f0:98:76:38:
a1:ad:bb:9f
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYVuwjJWDwS1A+3WWe9kdKKcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOWZmZjhlOGZmZDhmOGU3ZDlhN2I2NmQxY2M3M2RjMzky
ODFlZjYwHhcNMjMwMTAxMTkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjIzNjIxNTMxZGU4NTA5ZDVlY2ZlNWQyZDVlYTg3ZGJhM2IyNWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22Wzze3lufsuwIK+L7k14GEIouqA
tL5eOAI2eL7RNcrndOTiFPq+QYoErrwANnJlmSpfD8NhCU6Rf3nAzNgAVkeqiyf4
+w2jq/NRfFC8VcD39qROtdRzc9YGBN1uI3c/gSdyang8iU7Q8WaX5bLihx8gtOvJ
6xWwmSoaF2PTt1C7pSyzYpbKUvuyyVbVvADSkwDCplQG+cJ42bc79CgndcZTr4er
MM6ljHH/ObYfIz7NI3arC2ixO6ubRHpVVpHC7rSfTk1R98hIRporVK9Q++JpHeeP
1H+TKBxSkPgr6nOiyOQ72WVoCuFBYGDNg+NiGLk76nRY8Cl3SxlQSUQGowIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFAIjYhUx3oUJ1ez+XS1eqH26OyXzMB8GA1UdIwQY
MBaAFLCf/46P/Y+OfZp7ZtHMc9w5KB72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTIt
ZTVhNzdmN2E3YWEyLzEvQWlOaUZUSGVoUW5WN1A1ZExWNm9mYm83SmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTItZTVhNzdmN2E3YWEy
LzEvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEAgW8QAME
AgW8mAMEAk3wLAMEAk+PFAMEAlT8nDAMAwQBV//CAwQBV//IAwQAWd8AAwQAWd8C
AwQCXb7wAwQAXn7JAwQBsu5OAwQCuWFwAwQBvF6YAwQCwkx8MA0EAgACMAcDBQMq
BgWAMA0GCSqGSIb3DQEBCwUAA4IBAQCO2cHE/E4D4N6Grcv5fA4g/FWnCS+3l9Oc
pNiNKnEzeJGMPxSYOlt+6IWvhWMp3SGatVJg+yV2H0HRKYmsJz67ZHCQA5/3qWTJ
3wz1gmqCT1LlgqiuzN+5nT4ecm+WevBYuKOM28C531IzGS9JEhmhH+eylkd9vVuk
BMG0mJLEDPLmX1Dt3bBWd9u6HgpuKPTRIGz0LX7Htk8z0Uk9CCZye1DKCsKROUmu
APwsoNlASBhBaBO8qARwNlqKmVrAHzYtqdB7fO1uLO94czaYxieaoPq0HCN0tfMJ
qa45KGNat+My48vx4ZDP1BsXPphXW1tWEp0iui9iffCYdjihrbuf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:58 2024 by rpki-client on console-fra.rpki-client.org