Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/acY-JviGqItVo8iqmgGvml67Ra0.roa
File: acY-JviGqItVo8iqmgGvml67Ra0.roa (raw, json)
Hash identifier: rDnya15QATRJucAEmLD7gHqjY73BDVkwtzXazDvoXSY=
Subject key identifier: 69:C6:3E:26:F8:86:A8:8B:55:A3:C8:AA:9A:01:AF:9A:5E:BB:45:AD
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 01863AF08B68184FEE81A4935A28C63F5B94
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/acY-JviGqItVo8iqmgGvml67Ra0.roa
Signing time: Fri 10 Feb 2023 10:48:08 +0000
ROA not before: Fri 10 Feb 2023 10:48:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205381
IP address blocks: 194.107.229.0/24 maxlen: 24
185.220.58.0/23 maxlen: 23
185.220.57.0/24 maxlen: 24
185.220.56.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
45.88.33.0/24 maxlen: 24
45.88.32.0/24 maxlen: 24
45.88.34.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
45.88.35.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
2a0c:f587:fffd::/48 maxlen: 48
2a07:86c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:f0:8b:68:18:4f:ee:81:a4:93:5a:28:c6:3f:5b:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Feb 10 10:48:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69c63e26f886a88b55a3c8aa9a01af9a5ebb45ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d6:2d:d7:19:fd:24:cc:84:65:2f:90:ca:14:
64:b4:1a:78:17:76:f6:fd:54:58:9e:03:05:be:b1:
e0:35:32:22:b1:b8:c5:30:be:16:ae:b0:31:cb:f6:
db:b5:2a:84:2c:af:6a:6a:e5:0e:16:33:93:3f:c6:
d8:d3:57:46:40:88:46:98:fe:34:7b:24:5f:7d:d6:
c5:c8:c0:65:f7:0c:7f:79:3c:fd:39:fd:14:58:cb:
99:4f:6e:53:1f:b3:2e:35:14:ab:9e:b9:b2:ba:1b:
e5:0c:5d:2f:5e:f6:d2:88:33:9b:c7:91:a4:88:d7:
8d:43:c3:dc:42:52:5b:2e:0a:29:8a:c1:a1:49:da:
bb:50:c6:60:da:45:56:5a:c5:da:c9:0b:7a:52:3c:
95:5a:3f:31:08:c7:c9:f2:ba:37:e0:ee:37:13:be:
ed:bc:49:17:e4:69:36:ae:c6:c1:80:14:d2:4f:77:
ee:95:57:9c:a8:09:cc:b9:22:96:b0:f3:f2:3d:21:
e9:18:2f:59:c4:35:e9:24:a6:d2:08:47:6a:39:30:
1e:4a:47:d6:5b:cd:01:c6:ca:e6:99:71:62:7c:28:
18:1e:17:0d:57:d1:00:22:2a:8c:66:be:50:40:50:
45:84:a7:32:ff:b0:a8:82:2f:0c:b5:c6:0d:8b:88:
84:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C6:3E:26:F8:86:A8:8B:55:A3:C8:AA:9A:01:AF:9A:5E:BB:45:AD
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/acY-JviGqItVo8iqmgGvml67Ra0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.32.0/22
185.220.56.0/22
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
IPv6:
2a07:86c0::/29
2a0c:f587:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
6b:cb:30:4f:75:c6:b7:42:8e:bd:4a:89:01:21:cb:48:1d:51:
1c:3a:6c:18:0d:7e:c9:ef:31:db:45:f7:7e:07:a4:1b:32:cf:
33:f5:21:f8:32:7d:c5:00:f8:cc:f5:bd:f5:60:f3:e1:38:24:
28:db:56:ed:02:6a:dc:30:fa:7c:93:49:4b:e8:c0:7e:be:1b:
27:5b:64:66:d2:d7:f2:72:d4:ae:eb:9f:23:14:1c:81:43:8f:
7b:08:f3:e9:7a:50:05:ce:7b:87:49:42:58:b2:6a:f2:bb:19:
51:d4:3c:83:4f:4b:b3:09:41:4a:c2:9b:c7:02:01:2f:f2:0a:
d8:91:6b:fd:48:bc:40:bb:33:a3:cb:38:0f:9f:2f:ce:20:7e:
4f:b7:4d:79:a3:be:73:00:6a:9b:c1:5a:5a:b2:8b:82:53:e5:
90:44:4f:5f:8e:b9:bc:60:01:96:71:66:55:56:25:01:35:9b:
04:a0:ae:c0:71:b2:4f:cc:53:e3:52:b5:4a:a6:e3:5c:fa:42:
28:75:05:fe:4b:ea:91:96:7e:01:45:9e:6b:df:dc:a0:99:a2:
5a:24:ed:02:f6:5b:da:89:0c:e6:40:b2:da:6a:22:40:b5:e3:
21:5c:21:d8:54:ac:35:c1:4d:42:91:4a:eb:b2:52:69:e1:27:
03:c3:59:65
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYY68ItoGE/ugaSTWijGP1uUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjMwMjEwMTA0ODA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWM2M2UyNmY4ODZhODhiNTVhM2M4YWE5YTAxYWY5YTVlYmI0NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNYt1xn9JMyEZS+QyhRktBp4F3b2
/VRYngMFvrHgNTIisbjFML4WrrAxy/bbtSqELK9qauUOFjOTP8bY01dGQIhGmP40
eyRffdbFyMBl9wx/eTz9Of0UWMuZT25TH7MuNRSrnrmyuhvlDF0vXvbSiDObx5Gk
iNeNQ8PcQlJbLgopisGhSdq7UMZg2kVWWsXayQt6UjyVWj8xCMfJ8ro34O43E77t
vEkX5Gk2rsbBgBTST3fulVecqAnMuSKWsPPyPSHpGC9ZxDXpJKbSCEdqOTAeSkfW
W80BxsrmmXFifCgYHhcNV9EAIiqMZr5QQFBFhKcy/7Cogi8MtcYNi4iEOQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGnGPib4hqiLVaPIqpoBr5peu0WtMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvYWNZLUp2aUdxSXRWbzhpcW1nR3ZtbDY3UmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAqBAIAATAkAwQCLVggAwQC
udw4AwQAwmvlAwQAwm4BAwQAwm4HAwQAwm4TMBYEAgACMBADBQMqB4bAAwcAKgz1
h//9MA0GCSqGSIb3DQEBCwUAA4IBAQBryzBPdca3Qo69SokBIctIHVEcOmwYDX7J
7zHbRfd+B6QbMs8z9SH4Mn3FAPjM9b31YPPhOCQo21btAmrcMPp8k0lL6MB+vhsn
W2Rm0tfyctSu658jFByBQ497CPPpelAFznuHSUJYsmryuxlR1DyDT0uzCUFKwpvH
AgEv8grYkWv9SLxAuzOjyzgPny/OIH5Pt015o75zAGqbwVpasouCU+WQRE9fjrm8
YAGWcWZVViUBNZsEoK7AcbJPzFPjUrVKpuNc+kIodQX+S+qRln4BRZ5r39ygmaJa
JO0C9lvaiQzmQLLaaiJAteMhXCHYVKw1wU1CkUrrslJp4ScDw1ll
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org