Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/p0LKswYdH6tPhssUWeZeCf_GKbQ.roa
File: p0LKswYdH6tPhssUWeZeCf_GKbQ.roa (raw, json)
Hash identifier: cwRJC/ykGByTHXNMU0o5Lx5j0o3rXHRoKnaNmkHNwXg=
Subject key identifier: A7:42:CA:B3:06:1D:1F:AB:4F:86:CB:14:59:E6:5E:09:FF:C6:29:B4
Certificate issuer: /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial: 018B1D28CF7F5ECEB16CD96A83C69ED5F754
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/p0LKswYdH6tPhssUWeZeCf_GKbQ.roa
Signing time: Wed 11 Oct 2023 05:14:55 +0000
ROA not before: Wed 11 Oct 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200590
IP address blocks: 188.94.152.0/23 maxlen: 24
91.147.100.0/22 maxlen: 24
77.240.44.0/22 maxlen: 24
87.255.200.0/23 maxlen: 24
89.223.2.0/24 maxlen: 24
194.76.124.0/22 maxlen: 24
89.223.0.0/24 maxlen: 24
79.143.20.0/22 maxlen: 24
5.188.152.0/22 maxlen: 24
178.238.78.0/23 maxlen: 24
84.252.156.0/22 maxlen: 24
5.188.64.0/22 maxlen: 24
94.126.201.0/24 maxlen: 24
185.97.112.0/22 maxlen: 24
87.255.196.0/22 maxlen: 24
87.255.194.0/23 maxlen: 24
93.190.240.0/22 maxlen: 24
2a06:580::/29 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:28:cf:7f:5e:ce:b1:6c:d9:6a:83:c6:9e:d5:f7:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Validity
Not Before: Oct 11 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a742cab3061d1fab4f86cb1459e65e09ffc629b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:cb:4d:d0:54:1b:61:d5:5d:8c:09:46:fb:
bf:f7:67:c3:a9:98:1e:7b:3f:07:07:18:ee:02:07:
c2:3b:e2:3a:74:ae:79:37:4f:1c:55:cd:8e:9c:12:
14:31:c9:27:4a:6e:55:52:3b:67:1e:03:f6:82:8c:
da:9a:58:f8:68:65:24:d9:e6:6c:20:e4:8c:f3:1f:
24:47:ee:ae:4c:8a:ca:e5:8b:59:b2:e7:17:6f:38:
d1:5f:77:74:12:ba:5b:59:e6:0e:41:99:1a:7a:53:
9e:ad:89:6e:2d:33:b5:35:d1:17:d8:58:95:89:b6:
69:1f:bc:95:6b:90:96:e0:b0:74:91:14:74:23:1f:
37:40:cd:25:84:93:ae:21:cb:44:e5:0b:78:b9:1f:
0a:2d:cb:37:3c:18:e2:62:79:95:16:f5:f0:7c:ed:
0c:77:2d:88:06:45:a9:58:c7:c9:3c:6c:94:25:17:
c4:61:ea:21:63:44:89:5e:9b:97:1f:80:a7:cf:34:
a1:b3:58:53:8b:64:cc:4a:2e:54:a7:00:eb:f3:b2:
34:87:d0:7f:31:a1:e2:c5:56:d6:98:fc:cb:56:cb:
0d:2e:27:22:13:31:92:17:91:25:f7:4e:31:b8:f7:
db:66:26:53:b6:a2:be:4d:8e:af:aa:bd:1d:86:19:
2b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:42:CA:B3:06:1D:1F:AB:4F:86:CB:14:59:E6:5E:09:FF:C6:29:B4
X509v3 Authority Key Identifier:
keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/p0LKswYdH6tPhssUWeZeCf_GKbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.64.0/22
5.188.152.0/22
77.240.44.0/22
79.143.20.0/22
84.252.156.0/22
87.255.194.0-87.255.201.255
89.223.0.0/24
89.223.2.0/24
91.147.100.0/22
93.190.240.0/22
94.126.201.0/24
178.238.78.0/23
185.97.112.0/22
188.94.152.0/23
194.76.124.0/22
IPv6:
2a06:580::/29
Signature Algorithm: sha256WithRSAEncryption
e5:be:d0:0b:98:49:bd:f6:10:c6:9b:bc:b7:e2:bd:4d:05:d8:
47:22:06:54:c4:d4:6e:6d:b0:66:dd:9a:41:16:78:8a:68:37:
71:12:f7:bf:6c:62:25:92:d1:ce:c8:a2:a8:83:1a:6b:00:e6:
d2:45:0e:88:a8:96:2a:d9:2a:a8:db:5b:1d:51:39:d1:58:d7:
d2:66:00:21:1b:1c:bf:f9:ed:93:aa:9e:2c:01:d7:6f:a8:1d:
b7:85:7c:bb:3b:88:66:0c:02:b1:9c:d2:db:97:e8:5b:0e:56:
07:5c:dc:ed:38:a7:9a:90:e0:ba:88:2d:5b:43:91:01:e0:af:
85:6d:2c:9b:61:80:f4:63:1b:19:92:5b:f1:e6:83:10:8d:4f:
1e:d9:7f:48:61:c7:73:6c:29:b6:88:8d:61:dc:de:19:c2:72:
ee:cf:ee:bc:10:b6:ad:cb:d1:89:c4:0b:9f:17:2f:db:e2:92:
f4:a8:eb:ec:69:92:c0:97:16:38:92:2a:24:d8:3c:2d:36:e1:
0e:95:96:2c:39:3e:c6:a8:d0:07:53:c3:16:ad:66:29:27:df:
85:7d:6f:f4:e3:49:cb:3a:03:2d:b8:00:e0:da:76:c6:43:9e:
07:35:5c:04:c4:ab:dd:62:4f:2f:70:73:80:ae:da:e6:64:62:
8e:98:0d:b3
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYsdKM9/Xs6xbNlqg8ae1fdUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwOWZmZjhlOGZmZDhmOGU3ZDlhN2I2NmQxY2M3M2RjMzky
ODFlZjYwHhcNMjMxMDExMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQyY2FiMzA2MWQxZmFiNGY4NmNiMTQ1OWU2NWUwOWZmYzYyOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDHLTdBUG2HVXYwJRvu/92fDqZge
ez8HBxjuAgfCO+I6dK55N08cVc2OnBIUMcknSm5VUjtnHgP2gozamlj4aGUk2eZs
IOSM8x8kR+6uTIrK5YtZsucXbzjRX3d0ErpbWeYOQZkaelOerYluLTO1NdEX2FiV
ibZpH7yVa5CW4LB0kRR0Ix83QM0lhJOuIctE5Qt4uR8KLcs3PBjiYnmVFvXwfO0M
dy2IBkWpWMfJPGyUJRfEYeohY0SJXpuXH4CnzzShs1hTi2TMSi5UpwDr87I0h9B/
MaHixVbWmPzLVssNLiciEzGSF5El904xuPfbZiZTtqK+TY6vqr0dhhkrZwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFKdCyrMGHR+rT4bLFFnmXgn/xim0MB8GA1UdIwQY
MBaAFLCf/46P/Y+OfZp7ZtHMc9w5KB72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTIt
ZTVhNzdmN2E3YWEyLzEvcDBMS3N3WWRINnRQaHNzVVdlWmVDZl9HS2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy84ZmJjN2UtMWY0Ny00ODdjLTgyOTItZTVhNzdmN2E3YWEy
LzEvc0pfX2pvXzlqNDU5bW50bTBjeHozRGtvSHZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAgW8QAME
AgW8mAMEAk3wLAMEAk+PFAMEAlT8nDAMAwQBV//CAwQBV//IAwQAWd8AAwQAWd8C
AwQCW5NkAwQCXb7wAwQAXn7JAwQBsu5OAwQCuWFwAwQBvF6YAwQCwkx8MA0EAgAC
MAcDBQMqBgWAMA0GCSqGSIb3DQEBCwUAA4IBAQDlvtALmEm99hDGm7y34r1NBdhH
IgZUxNRubbBm3ZpBFniKaDdxEve/bGIlktHOyKKogxprAObSRQ6IqJYq2Sqo21sd
UTnRWNfSZgAhGxy/+e2Tqp4sAddvqB23hXy7O4hmDAKxnNLbl+hbDlYHXNztOKea
kOC6iC1bQ5EB4K+FbSybYYD0YxsZklvx5oMQjU8e2X9IYcdzbCm2iI1h3N4ZwnLu
z+68ELaty9GJxAufFy/b4pL0qOvsaZLAlxY4kiok2DwtNuEOlZYsOT7GqNAHU8MW
rWYpJ9+FfW/040nLOgMtuADg2nbGQ54HNVwExKvdYk8vcHOArtrmZGKOmA2z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:58 2024 by rpki-client on console-fra.rpki-client.org