Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SQwnvjwY13Z2uK2OIHWm3tjF5Q0.roa
File: SQwnvjwY13Z2uK2OIHWm3tjF5Q0.roa (raw, json)
Hash identifier: qQ8bFitl08AYgGRRELOfgKDlq3wxhVgTdVF6avqKq0g=
Subject key identifier: 49:0C:27:BE:3C:18:D7:76:76:B8:AD:8E:20:75:A6:DE:D8:C5:E5:0D
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018A4746EB168604EBEB26ED3D5C6AE55C51
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SQwnvjwY13Z2uK2OIHWm3tjF5Q0.roa
Signing time: Wed 30 Aug 2023 16:29:04 +0000
ROA not before: Wed 30 Aug 2023 16:29:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12302
IP address blocks: 193.231.120.0/24 maxlen: 24
193.231.121.0/24 maxlen: 24
193.231.126.0/24 maxlen: 24
194.102.90.0/24 maxlen: 24
81.181.32.0/21 maxlen: 21
80.96.134.0/23 maxlen: 23
81.181.40.0/22 maxlen: 22
81.181.45.0/24 maxlen: 24
81.181.46.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:46:eb:16:86:04:eb:eb:26:ed:3d:5c:6a:e5:5c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Aug 30 16:29:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=490c27be3c18d77676b8ad8e2075a6ded8c5e50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:29:d3:f1:b5:d4:77:b1:8c:b3:1a:94:08:cb:
fe:5d:b7:e7:ab:be:26:d3:71:65:84:4d:41:05:e8:
91:16:14:0c:bc:16:7d:a9:70:0c:b1:0f:f4:66:a3:
cc:84:af:2f:1f:66:22:3e:76:1f:32:9d:72:9d:c4:
8d:9e:ee:4e:66:61:5d:bd:b0:3e:dc:40:ac:04:d0:
20:81:25:14:33:ba:b0:32:d2:e1:0a:26:ca:37:1a:
74:b7:8a:c5:f1:63:9d:44:2c:d5:64:be:cb:e1:c7:
f5:cc:a7:ff:e0:61:91:e1:3e:f7:5b:d6:58:c9:e9:
43:8c:e7:c7:8b:ad:c6:78:26:86:2a:28:4f:9e:50:
12:b2:19:6a:8e:d0:8b:e8:67:ac:20:70:10:c1:58:
47:22:23:44:f7:67:13:ed:04:12:e2:b9:d3:ef:92:
47:bb:c1:53:3c:31:96:92:eb:74:73:c7:29:a0:67:
e9:a7:6b:20:0d:a6:12:4f:aa:6f:de:1e:c8:22:45:
3e:0f:68:ef:25:74:30:b5:d4:a3:fd:5d:b8:93:88:
4e:5d:c9:6b:80:bd:fd:b4:55:01:bf:10:c7:19:6b:
95:ba:68:91:d1:92:08:df:7d:33:f0:de:72:b8:87:
7b:82:72:55:d3:9c:7b:ad:75:13:93:9e:f6:b1:f2:
07:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0C:27:BE:3C:18:D7:76:76:B8:AD:8E:20:75:A6:DE:D8:C5:E5:0D
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/SQwnvjwY13Z2uK2OIHWm3tjF5Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.134.0/23
81.181.32.0-81.181.43.255
81.181.45.0-81.181.47.255
193.231.120.0/23
193.231.126.0/24
194.102.90.0/24
Signature Algorithm: sha256WithRSAEncryption
33:b0:c8:ca:18:60:f3:1b:6e:9e:09:b2:31:78:a2:61:02:2c:
b2:d0:a0:03:e6:d3:62:2c:e5:6b:6b:d6:a9:6c:16:7c:f3:ad:
1a:20:12:97:89:bb:72:28:67:f5:27:98:15:1e:be:c3:ee:a9:
3c:2c:5b:71:7c:d7:17:b5:0f:56:b0:84:6d:e2:d7:c2:93:2d:
9c:73:c2:aa:93:c7:7c:4c:99:35:da:00:8e:e9:6a:dc:b4:43:
2b:74:32:40:0e:fd:7a:8b:da:e6:52:18:9f:b4:49:5f:fc:5b:
fa:a9:7c:95:ec:7a:c0:04:43:a6:18:bf:05:51:3e:6f:fd:f4:
cd:14:f5:0e:11:ea:92:fe:bb:32:5c:06:f1:39:05:b5:a1:48:
b3:2d:76:9c:ad:73:03:22:01:17:23:b7:ba:f8:db:6b:7f:d7:
fe:64:d6:1d:cc:e0:fe:40:2a:29:cd:a6:a1:31:b4:d5:39:47:
84:3c:11:7a:dc:d7:7e:23:6a:88:e8:7e:ba:56:ca:39:58:4f:
85:db:a8:69:76:8f:17:9f:59:11:c5:f4:5e:36:07:92:a6:03:
8a:91:48:42:3a:52:1e:f1:8d:72:80:3f:38:90:81:ae:94:71:
a0:e2:ee:b3:f5:28:55:3f:46:0f:42:d8:30:16:bb:f9:f2:a2:
e4:9e:c8:cc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYpHRusWhgTr6ybtPVxq5VxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwODMwMTYyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBjMjdiZTNjMThkNzc2NzZiOGFkOGUyMDc1YTZkZWQ4YzVlNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSnT8bXUd7GMsxqUCMv+Xbfnq74m
03FlhE1BBeiRFhQMvBZ9qXAMsQ/0ZqPMhK8vH2YiPnYfMp1yncSNnu5OZmFdvbA+
3ECsBNAggSUUM7qwMtLhCibKNxp0t4rF8WOdRCzVZL7L4cf1zKf/4GGR4T73W9ZY
yelDjOfHi63GeCaGKihPnlASshlqjtCL6GesIHAQwVhHIiNE92cT7QQS4rnT75JH
u8FTPDGWkut0c8cpoGfpp2sgDaYST6pv3h7IIkU+D2jvJXQwtdSj/V24k4hOXclr
gL39tFUBvxDHGWuVumiR0ZII330z8N5yuId7gnJV05x7rXUTk572sfIHowIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFEkMJ748GNd2dritjiB1pt7YxeUNMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvU1F3bnZqd1kxM1oydUsyT0lIV20zdGpGNVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQBUGCGMAwD
BAVRtSADBAJRtSgwDAMEAFG1LQMEBFG1IAMEAcHneAMEAMHnfgMEAMJmWjANBgkq
hkiG9w0BAQsFAAOCAQEAM7DIyhhg8xtungmyMXiiYQIsstCgA+bTYizla2vWqWwW
fPOtGiASl4m7cihn9SeYFR6+w+6pPCxbcXzXF7UPVrCEbeLXwpMtnHPCqpPHfEyZ
NdoAjulq3LRDK3QyQA79eova5lIYn7RJX/xb+ql8lex6wARDphi/BVE+b/30zRT1
DhHqkv67MlwG8TkFtaFIsy12nK1zAyIBFyO3uvjba3/X/mTWHczg/kAqKc2moTG0
1TlHhDwRetzXfiNqiOh+ulbKOVhPhduoaXaPF59ZEcX0XjYHkqYDipFIQjpSHvGN
coA/OJCBrpRxoOLus/UoVT9GD0LYMBa7+fKi5J7IzA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org