Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/oO9q4TV2l7aSXfaFtKx9BQsSDjw.roa
File: oO9q4TV2l7aSXfaFtKx9BQsSDjw.roa (raw, json)
Hash identifier: A2xMAY5CsLtTNeTDeHoww6n7LmQm9Y+Xd9QOgU5vDwQ=
Subject key identifier: A0:EF:6A:E1:35:76:97:B6:92:5D:F6:85:B4:AC:7D:05:0B:12:0E:3C
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 018726FB9CAA8F9D6EFB822E5F1603156C0D
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/oO9q4TV2l7aSXfaFtKx9BQsSDjw.roa
Signing time: Tue 28 Mar 2023 06:50:36 +0000
ROA not before: Tue 28 Mar 2023 06:50:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51175
IP address blocks: 194.29.180.0/22 maxlen: 22
185.101.190.0/24 maxlen: 24
185.101.188.0/22 maxlen: 22
195.110.50.0/23 maxlen: 23
213.5.0.0/21 maxlen: 21
46.148.80.0/20 maxlen: 20
178.219.128.0/20 maxlen: 20
2a00:c020::/32 maxlen: 32
2a03:22c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 24 Apr 2023 07:12:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:26:fb:9c:aa:8f:9d:6e:fb:82:2e:5f:16:03:15:6c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Mar 28 06:50:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0ef6ae1357697b6925df685b4ac7d050b120e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0a:ac:56:5b:ee:78:22:05:b2:1c:cd:17:d1:
b5:42:98:99:98:bd:46:99:2c:d4:ca:ad:fe:14:48:
0a:ea:60:0f:56:de:15:21:19:3e:dc:16:dd:78:0b:
85:38:6b:9c:1c:eb:eb:a9:3b:e7:45:76:dc:63:9c:
a2:31:12:e5:37:05:d8:79:7f:2a:18:ad:44:b4:c5:
fa:71:72:11:b4:3f:7f:ca:16:fe:3f:66:04:d9:09:
b0:28:0a:40:d9:f6:84:1a:b2:61:b4:69:8e:ac:c5:
a8:85:70:88:73:9e:52:e8:05:2b:b8:4b:0c:d7:70:
0a:39:6b:3b:23:4a:be:b2:cb:19:a6:25:03:36:b1:
c7:63:a4:47:62:83:d2:16:34:d4:33:63:7a:7f:f2:
40:d6:68:05:9f:43:7f:a1:5d:66:b5:80:e1:07:c6:
94:8a:6a:c4:74:7f:d2:7d:dd:20:50:33:36:d3:66:
d4:da:8a:e7:5b:93:c0:0c:e5:b7:d8:58:84:ca:24:
3b:77:80:8b:73:60:0e:78:d2:d9:51:e3:6d:60:f7:
85:63:2e:30:e4:76:27:92:09:14:06:a3:14:48:c3:
ff:cc:67:b2:3c:2b:dc:cb:2d:47:5f:3d:12:ec:e7:
7a:3f:ba:f5:3f:a4:7a:05:c6:b0:0f:a3:bc:10:08:
c7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EF:6A:E1:35:76:97:B6:92:5D:F6:85:B4:AC:7D:05:0B:12:0E:3C
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/oO9q4TV2l7aSXfaFtKx9BQsSDjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.80.0/20
178.219.128.0/20
185.101.188.0/22
194.29.180.0/22
195.110.50.0/23
213.5.0.0/21
IPv6:
2a00:c020::/32
2a03:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
77:d3:06:58:d2:72:0a:26:16:d0:4c:00:52:2b:1f:07:87:29:
b6:1e:8c:ee:fd:2c:2f:7f:55:d9:89:11:82:8a:b0:c7:dd:32:
92:2a:d3:62:8d:47:c7:50:d3:49:26:82:5c:72:9e:99:94:76:
5a:da:aa:18:2c:bc:f2:6a:3a:73:dd:b5:6f:3c:90:37:8a:3f:
ad:0b:e6:9f:06:74:0e:dd:e6:2a:d9:0b:0e:bd:fa:58:71:57:
50:da:a8:40:a9:92:ce:6d:dd:d6:32:df:bf:52:3f:6a:52:55:
41:db:1d:2b:71:89:64:7b:f5:4f:94:98:c2:97:d0:59:54:64:
ae:29:86:59:79:c6:1a:77:83:74:b2:10:0c:08:da:27:70:85:
b0:5f:e6:dd:dd:4c:55:f8:3b:e6:2a:15:4f:69:35:84:c1:01:
9b:c5:ad:88:ff:a2:66:5a:b0:45:19:11:61:4a:4e:fd:66:d7:
0e:80:59:18:e7:88:b8:5c:d0:1e:09:30:6a:91:8b:66:ab:9a:
8d:d3:4c:50:5b:80:12:f8:67:b3:91:69:30:89:5b:01:a4:4f:
aa:f3:ed:44:07:61:52:ad:6b:f7:ea:6b:db:e8:e6:7d:cb:a3:
a9:cf:a4:1a:08:aa:c0:ab:4f:a0:1a:89:2e:fb:85:cf:68:91:
29:74:f9:0b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYcm+5yqj51u+4IuXxYDFWwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNWYwY2IwNmE1YTQ3YjRkZGFjN2Y0ZDZkZmQ0NGFiYTRk
MzFmMmUwHhcNMjMwMzI4MDY1MDM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVmNmFlMTM1NzY5N2I2OTI1ZGY2ODViNGFjN2QwNTBiMTIwZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQqsVlvueCIFshzNF9G1QpiZmL1G
mSzUyq3+FEgK6mAPVt4VIRk+3BbdeAuFOGucHOvrqTvnRXbcY5yiMRLlNwXYeX8q
GK1EtMX6cXIRtD9/yhb+P2YE2QmwKApA2faEGrJhtGmOrMWohXCIc55S6AUruEsM
13AKOWs7I0q+sssZpiUDNrHHY6RHYoPSFjTUM2N6f/JA1mgFn0N/oV1mtYDhB8aU
imrEdH/Sfd0gUDM202bU2ornW5PADOW32FiEyiQ7d4CLc2AOeNLZUeNtYPeFYy4w
5HYnkgkUBqMUSMP/zGeyPCvcyy1HXz0S7Od6P7r1P6R6BcawD6O8EAjHrQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKDvauE1dpe2kl32hbSsfQULEg48MB8GA1UdIwQY
MBaAFE1fDLBqWke03ax/TW39RKuk0x8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2Mt
ZGM4YjUyZTNlYTBhLzEvb085cTRUVjJsN2FTWGZhRnRLeDlCUXNTRGp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9jYjgzMzktY2VlMy00MDM3LWJhY2MtZGM4YjUyZTNlYTBh
LzEvVFY4TXNHcGFSN1Rkckg5TmJmMUVxNlRUSHk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQELpRQAwQE
stuAAwQCuWW8AwQCwh20AwQBw24yAwQD1QUAMBQEAgACMA4DBQAqAMAgAwUAKgMi
wDANBgkqhkiG9w0BAQsFAAOCAQEAd9MGWNJyCiYW0EwAUisfB4cpth6M7v0sL39V
2YkRgoqwx90ykirTYo1Hx1DTSSaCXHKemZR2WtqqGCy88mo6c921bzyQN4o/rQvm
nwZ0Dt3mKtkLDr36WHFXUNqoQKmSzm3d1jLfv1I/alJVQdsdK3GJZHv1T5SYwpfQ
WVRkrimGWXnGGneDdLIQDAjaJ3CFsF/m3d1MVfg75ioVT2k1hMEBm8WtiP+iZlqw
RRkRYUpO/WbXDoBZGOeIuFzQHgkwapGLZquajdNMUFuAEvhns5FpMIlbAaRPqvPt
RAdhUq1r9+pr2+jmfcujqc+kGgiqwKtPoBqJLvuFz2iRKXT5Cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:00 2024 by rpki-client on console-ams.rpki-client.org