Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/5n9CjhRysicGe9L-yR293GLjgjU.roa
File: 5n9CjhRysicGe9L-yR293GLjgjU.roa (raw, json)
Hash identifier: dDIB6x4sv2Q0wfoLWosriW+9rilSO2PwhXvsG8xViMw=
Subject key identifier: E6:7F:42:8E:14:72:B2:27:06:7B:D2:FE:C9:1D:BD:DC:62:E3:82:35
Certificate issuer: /CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Certificate serial: 01856ED4D2C85C2ED666F1083CD6A2910E8C
Authority key identifier: 00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/5n9CjhRysicGe9L-yR293GLjgjU.roa
Signing time: Sun 01 Jan 2023 19:35:19 +0000
ROA not before: Sun 01 Jan 2023 19:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 193.58.80.0/21 maxlen: 24
160.92.0.0/16 maxlen: 24
193.16.186.0/23 maxlen: 24
193.16.188.0/22 maxlen: 24
193.201.76.0/23 maxlen: 24
192.136.30.0/24 maxlen: 24
89.106.184.0/21 maxlen: 24
193.56.46.0/24 maxlen: 24
2a01:20:6::/48 maxlen: 48
2a01:20:4::/48 maxlen: 48
2a01:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d2:c8:5c:2e:d6:66:f1:08:3c:d6:a2:91:0e:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=007e6b5aa437d3693151502a211496e37d4ae2c5
Validity
Not Before: Jan 1 19:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e67f428e1472b227067bd2fec91dbddc62e38235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e1:f9:ac:bc:bf:ec:07:d9:f5:ee:62:88:4d:
ba:ef:3b:b3:7b:46:2a:b5:29:23:c6:7d:5d:9b:6b:
6e:de:82:6a:18:4b:54:10:52:63:f4:c5:8c:2c:c6:
91:bb:f6:51:e4:cc:e1:6a:57:47:36:ab:85:8e:4d:
d8:69:1d:ec:54:cd:94:c1:0c:e1:29:8c:b9:42:6b:
8a:5c:eb:8e:77:b9:89:34:01:2f:7f:0a:21:a8:6f:
fe:0e:ee:d0:98:4b:cc:df:0c:7c:a8:18:c5:e6:21:
62:36:d7:9a:7d:71:e9:4a:ff:47:ff:c9:80:58:a2:
4a:ef:f0:f0:b7:e8:99:e7:5b:e2:a5:4e:87:d9:9d:
c2:fa:e5:71:85:44:be:95:69:25:0c:0b:8e:06:73:
35:88:5f:b7:01:ec:01:37:fd:e3:17:82:5e:c2:3d:
75:01:12:de:83:c1:16:5a:f1:26:f8:73:f2:97:cf:
05:8c:d9:71:a0:37:43:6a:f8:39:15:8c:0c:61:e1:
a0:1a:8f:fa:db:43:46:e0:aa:d4:4f:5c:23:85:6f:
ed:b4:34:05:40:e8:1b:c4:34:9e:5b:52:02:e3:ec:
8f:85:94:d5:c5:c6:f0:c4:dd:b8:65:50:90:92:79:
22:d9:b1:5b:8c:f3:27:f1:8a:35:ed:bf:e5:ed:05:
75:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:7F:42:8E:14:72:B2:27:06:7B:D2:FE:C9:1D:BD:DC:62:E3:82:35
X509v3 Authority Key Identifier:
keyid:00:7E:6B:5A:A4:37:D3:69:31:51:50:2A:21:14:96:E3:7D:4A:E2:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AH5rWqQ302kxUVAqIRSW431K4sU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/5n9CjhRysicGe9L-yR293GLjgjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/518fab-7606-4832-aa66-5a8c67842389/1/AH5rWqQ302kxUVAqIRSW431K4sU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.184.0/21
160.92.0.0/16
192.136.30.0/24
193.16.186.0-193.16.191.255
193.56.46.0/24
193.58.80.0/21
193.201.76.0/23
IPv6:
2a01:20::/48
2a01:20:4::/48
2a01:20:6::/48
Signature Algorithm: sha256WithRSAEncryption
93:71:4a:c2:7b:bb:35:c4:66:83:cd:38:83:f1:f2:fa:9f:6c:
26:09:68:cd:7d:54:df:ba:9f:29:70:ed:e1:de:5d:bd:2b:db:
13:cc:c1:4e:1d:cf:95:66:26:23:d4:ab:8f:be:e3:39:bd:06:
c7:ba:5d:fd:7f:78:ec:66:b7:c5:5d:85:9a:9d:6b:92:e7:2b:
c3:71:32:41:6b:0a:18:24:fc:57:56:54:9c:d1:25:f9:a6:24:
f9:b0:ab:9c:7d:88:7f:63:a5:d6:4e:7c:28:66:73:ab:5f:a6:
7e:06:33:e7:48:ae:e4:dc:60:3e:df:81:14:65:5a:b6:d1:ef:
ee:af:26:76:0f:75:df:02:de:e3:52:99:25:a9:d8:04:f9:68:
b6:fd:ff:4b:e9:9b:b9:24:69:f3:46:5f:0b:39:81:11:dd:cb:
10:0a:d8:fe:0a:bf:05:0b:95:fc:f7:81:c5:eb:af:78:ae:87:
45:32:ac:83:03:61:71:6e:2b:55:82:fa:33:96:c3:81:02:fc:
d9:ad:a7:23:69:c5:98:68:0f:52:c5:84:f4:b4:33:5c:c2:53:
c5:b3:f5:9c:19:7c:32:a7:16:98:60:26:4a:4e:97:14:f4:ca:
8d:52:9b:3a:17:9b:0e:7e:b7:ed:27:28:8a:a6:0a:37:97:12:
41:9a:02:af
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYVu1NLIXC7WZvEIPNaikQ6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwN2U2YjVhYTQzN2QzNjkzMTUxNTAyYTIxMTQ5NmUzN2Q0
YWUyYzUwHhcNMjMwMTAxMTkzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjdmNDI4ZTE0NzJiMjI3MDY3YmQyZmVjOTFkYmRkYzYyZTM4MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOH5rLy/7AfZ9e5iiE267zuze0Yq
tSkjxn1dm2tu3oJqGEtUEFJj9MWMLMaRu/ZR5MzhaldHNquFjk3YaR3sVM2UwQzh
KYy5QmuKXOuOd7mJNAEvfwohqG/+Du7QmEvM3wx8qBjF5iFiNteafXHpSv9H/8mA
WKJK7/Dwt+iZ51vipU6H2Z3C+uVxhUS+lWklDAuOBnM1iF+3AewBN/3jF4Jewj11
ARLeg8EWWvEm+HPyl88FjNlxoDdDavg5FYwMYeGgGo/620NG4KrUT1wjhW/ttDQF
QOgbxDSeW1IC4+yPhZTVxcbwxN24ZVCQknki2bFbjPMn8Yo17b/l7QV1qQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFOZ/Qo4UcrInBnvS/skdvdxi44I1MB8GA1UdIwQY
MBaAFAB+a1qkN9NpMVFQKiEUluN9SuLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYt
NWE4YzY3ODQyMzg5LzEvNW45Q2poUnlzaWNHZTlMLXlSMjkzR0xqZ2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MThmYWItNzYwNi00ODMyLWFhNjYtNWE4YzY3ODQyMzg5
LzEvQUg1cldxUTMwMmt4VVZBcUlSU1c0MzFLNHNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDA3BAIAATAxAwQDWWq4AwMA
oFwDBADAiB4wDAMEAcEQugMEBsEQgAMEAME4LgMEA8E6UAMEAcHJTDAhBAIAAjAb
AwcAKgEAIAAAAwcAKgEAIAAEAwcAKgEAIAAGMA0GCSqGSIb3DQEBCwUAA4IBAQCT
cUrCe7s1xGaDzTiD8fL6n2wmCWjNfVTfup8pcO3h3l29K9sTzMFOHc+VZiYj1KuP
vuM5vQbHul39f3jsZrfFXYWanWuS5yvDcTJBawoYJPxXVlSc0SX5piT5sKucfYh/
Y6XWTnwoZnOrX6Z+BjPnSK7k3GA+34EUZVq20e/uryZ2D3XfAt7jUpklqdgE+Wi2
/f9L6Zu5JGnzRl8LOYER3csQCtj+Cr8FC5X894HF6694rodFMqyDA2FxbitVgvoz
lsOBAvzZracjacWYaA9SxYT0tDNcwlPFs/WcGXwypxaYYCZKTpcU9MqNUps6F5sO
frftJyiKpgo3lxJBmgKv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:07 2024 by rpki-client on console-ams.rpki-client.org