Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/a5sQ2hSmxtJKLgkiPMkqVB2LkdM.roa
File: a5sQ2hSmxtJKLgkiPMkqVB2LkdM.roa (raw, json)
Hash identifier: yv/fWV0AUQTpPlLHCuODmzBqYAO5hM+ur07V/Jynq74=
Subject key identifier: 6B:9B:10:DA:14:A6:C6:D2:4A:2E:09:22:3C:C9:2A:54:1D:8B:91:D3
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14E5C2BFEEBA79F602081E0BD1D614
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/a5sQ2hSmxtJKLgkiPMkqVB2LkdM.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
193.231.226.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
217.156.41.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.73.0/24 maxlen: 24
80.96.82.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.12.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jan 2023 11:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e5:c2:bf:ee:ba:79:f6:02:08:1e:0b:d1:d6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b9b10da14a6c6d24a2e09223cc92a541d8b91d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:06:e3:fe:37:26:56:17:97:af:8d:69:66:
4e:c7:21:fc:d1:53:c0:39:46:81:24:d9:4e:1f:4c:
1f:14:b3:54:48:20:c2:82:75:55:25:dc:4b:3f:00:
3a:62:ec:2d:aa:33:29:ae:0d:a0:12:46:a0:69:48:
de:64:37:dc:88:a7:24:b5:4b:3c:46:a5:09:bc:9e:
05:c7:2c:b9:12:ee:79:d7:c1:86:c4:20:fd:5c:d1:
85:52:90:f2:1d:a3:b8:2a:08:02:c8:a6:d0:9a:a8:
f9:50:66:3e:a9:14:51:47:d8:ee:54:73:1a:e5:ec:
78:ff:02:de:35:32:c9:87:9c:60:3c:96:6f:c0:eb:
62:a4:59:6b:6e:da:86:2a:6e:c2:21:9d:b4:6d:07:
9b:13:7c:90:1a:1c:ab:e9:d1:eb:e3:83:ce:b1:20:
05:b9:3f:b8:4a:1f:9f:fe:4e:e0:2f:ea:fa:67:d5:
6e:29:6e:1c:8d:f4:63:80:86:e6:ac:7b:f4:ae:15:
ce:0a:72:81:1a:ce:35:9b:ec:3f:cf:6a:b0:55:97:
10:c1:b9:7b:2c:c5:b4:5f:c4:09:6f:a3:46:0f:ec:
49:3e:66:69:0c:2c:ad:29:64:db:0e:d8:3b:9f:e7:
5b:cc:7a:b0:11:40:95:19:56:0f:23:18:f2:e3:ea:
49:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:9B:10:DA:14:A6:C6:D2:4A:2E:09:22:3C:C9:2A:54:1D:8B:91:D3
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/a5sQ2hSmxtJKLgkiPMkqVB2LkdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.72.0/23
80.96.79.0/24
80.96.82.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.112.0/24
81.181.128.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.226.0/23
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:3b:fb:0e:35:5a:42:43:bb:53:1c:a4:d8:9c:2f:a1:8e:1e:
6b:42:af:a2:0e:8e:d2:22:33:89:25:f4:97:64:1f:0f:5e:18:
22:73:bc:b0:01:c1:19:f4:b0:2d:de:3b:1b:3e:3b:4a:d3:d0:
9f:d7:d5:5d:7a:b4:60:97:fe:13:2d:7f:20:aa:fc:75:c9:38:
be:43:92:91:3f:ad:61:85:a7:20:80:e6:ba:21:bd:88:77:4c:
d6:93:b2:81:c5:59:c2:f5:be:22:ba:15:52:3c:b6:6d:d4:45:
bc:35:1f:49:4a:8a:19:09:0d:cb:4a:a8:93:8c:20:19:c9:90:
c6:6e:f2:29:29:73:c8:15:75:de:1b:53:d3:21:d2:db:09:f2:
49:4b:83:12:05:24:b9:f3:64:07:60:89:95:f9:c3:8e:ce:97:
51:cb:af:0f:a3:cf:ea:04:94:f2:af:d0:b3:b5:32:03:f9:59:
9a:15:c1:0f:06:46:8a:8b:9d:7d:5d:cb:b4:25:fb:77:1d:d2:
b0:82:be:0e:9b:ec:3a:46:07:3d:55:ad:01:8c:0c:a0:44:9f:
81:87:a1:0b:19:6f:a9:36:a7:13:52:c1:8a:f1:c8:2f:ec:6a:
25:ee:fd:cd:64:57:f1:19:8b:e2:aa:7a:17:12:63:16:f0:6d:
42:6f:b6:04
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYVvFOXCv+66efYCCB4L0dYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjliMTBkYTE0YTZjNmQyNGEyZTA5MjIzY2M5MmE1NDFkOGI5MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoV8G4/43JlYXl6+NaWZOxyH80VPA
OUaBJNlOH0wfFLNUSCDCgnVVJdxLPwA6YuwtqjMprg2gEkagaUjeZDfciKcktUs8
RqUJvJ4Fxyy5Eu5518GGxCD9XNGFUpDyHaO4KggCyKbQmqj5UGY+qRRRR9juVHMa
5ex4/wLeNTLJh5xgPJZvwOtipFlrbtqGKm7CIZ20bQebE3yQGhyr6dHr44POsSAF
uT+4Sh+f/k7gL+r6Z9VuKW4cjfRjgIbmrHv0rhXOCnKBGs41m+w/z2qwVZcQwbl7
LMW0X8QJb6NGD+xJPmZpDCytKWTbDtg7n+dbzHqwEUCVGVYPIxjy4+pJaQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFGubENoUpsbSSi4JIjzJKlQdi5HTMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvYTVzUTJoU214dEpLTGdraVBNa3FWQjJMa2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQAUGAMAwQAUGArAwQAUGAvAwQAUGAzAwQAUGBDAwQBUGBIAwQAUGBPAwQAUGBS
AwQAUGDbMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtXADBABRtYADBABRtacDBABR
tfYDBABVeBQDBABVeBcDBADB4nQDBADB4n0DBADB4n8DBADB5p4DBADB5tkDBADB
5uUDBADB50sDBADB52wDBADB57gwDAMEAMHnuwMEAcHnvAMEAcHn4gMEAMHn6QME
AMHn7AMEAMHn7gMEAMHn/AMEAMJmYgMEAMJmhgMEAMJm5QMEAMKZ4AMEANmcDgME
ANmcKQMEANmcXDANBgkqhkiG9w0BAQsFAAOCAQEAWzv7DjVaQkO7Uxyk2JwvoY4e
a0Kvog6O0iIziSX0l2QfD14YInO8sAHBGfSwLd47Gz47StPQn9fVXXq0YJf+Ey1/
IKr8dck4vkOSkT+tYYWnIIDmuiG9iHdM1pOygcVZwvW+IroVUjy2bdRFvDUfSUqK
GQkNy0qok4wgGcmQxm7yKSlzyBV13htT0yHS2wnySUuDEgUkufNkB2CJlfnDjs6X
UcuvD6PP6gSU8q/Qs7UyA/lZmhXBDwZGioudfV3LtCX7dx3SsIK+DpvsOkYHPVWt
AYwMoESfgYehCxlvqTanE1LBivHIL+xqJe79zWRX8RmL4qp6FxJjFvBtQm+2BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org