Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qOdwg2vhYviocnXtfpL5jyvAD04.roa
File: qOdwg2vhYviocnXtfpL5jyvAD04.roa (raw, json)
Hash identifier: uqSUuXmFf/j5d3ed7/cXIgjRc8H0eDwoLjS9LA6UPG8=
Subject key identifier: A8:E7:70:83:6B:E1:62:F8:A8:72:75:ED:7E:92:F9:8F:2B:C0:0F:4E
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A93CEEEC53556B84836002CABF80A85
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qOdwg2vhYviocnXtfpL5jyvAD04.roa
Signing time: Sat 25 Mar 2023 21:01:47 +0000
ROA not before: Sat 25 Mar 2023 21:01:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 194.28.158.0/24 maxlen: 24
194.28.156.0/24 maxlen: 24
194.104.4.0/24 maxlen: 24
212.69.132.0/24 maxlen: 24
185.177.78.0/23 maxlen: 24
194.104.6.0/24 maxlen: 24
194.104.5.0/24 maxlen: 24
212.69.134.0/24 maxlen: 24
212.69.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 Jun 2023 15:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:93:ce:ee:c5:35:56:b8:48:36:00:2c:ab:f8:0a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:01:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8e770836be162f8a87275ed7e92f98f2bc00f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2b:95:93:07:56:f3:df:74:68:6f:0f:34:3f:
73:54:a7:98:4b:fb:a8:84:6c:9d:76:67:9a:39:98:
fd:5c:53:12:8b:ed:41:dc:27:79:46:bd:68:8d:1f:
1a:25:eb:78:64:d8:56:17:5d:1f:09:5b:70:28:f9:
a4:5a:3e:94:6b:95:67:34:28:59:e9:c3:3f:6b:99:
d1:9a:41:2b:19:00:9f:69:54:05:29:9b:ef:d8:a2:
98:78:34:85:4c:37:b6:8e:6d:2c:31:8d:c9:0f:68:
6c:eb:29:b4:47:30:10:f1:9a:ad:4d:45:ff:24:95:
b1:52:89:39:8a:cc:29:57:ed:39:18:44:05:b5:bf:
7c:82:ce:d0:a3:85:5b:3b:d8:9e:57:fa:23:41:5d:
ea:04:e8:53:c7:55:63:9c:6f:78:03:b9:60:f3:4b:
d2:8e:85:1f:da:aa:1e:4d:52:dd:0e:f9:3e:09:ea:
1f:c2:b4:6b:4f:fb:7b:8c:c0:f8:14:d3:17:73:aa:
b5:1d:0c:2c:45:db:82:e8:35:f7:15:d6:4c:fa:24:
6e:1f:13:97:59:95:40:bc:ff:cc:97:5d:62:f7:61:
ab:19:2f:9c:79:97:40:ea:6a:9c:3d:73:a5:bc:e5:
7b:50:7d:55:d0:e7:dd:93:03:77:96:28:9d:42:ae:
e0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E7:70:83:6B:E1:62:F8:A8:72:75:ED:7E:92:F9:8F:2B:C0:0F:4E
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/qOdwg2vhYviocnXtfpL5jyvAD04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.78.0/23
194.28.156.0/24
194.28.158.0/24
194.104.4.0-194.104.6.255
212.69.132.0-212.69.134.255
Signature Algorithm: sha256WithRSAEncryption
8c:fa:00:ab:0d:de:df:85:7f:7a:6c:ba:76:1a:8f:25:10:50:
56:af:fa:73:8f:4b:a5:40:71:8d:6c:83:23:07:14:fc:0b:d2:
a4:7d:2c:68:26:1c:aa:30:07:11:f4:21:c3:12:4b:8e:bb:54:
3e:5d:61:2e:80:75:0f:06:70:bb:36:53:83:4a:95:c9:17:6b:
57:e7:46:15:b6:b1:35:59:b6:0c:45:7c:a0:9d:67:49:0d:c9:
5c:e5:38:7f:21:7e:3e:88:fd:bb:4a:78:80:ca:b5:a2:00:d0:
b4:ce:80:b6:3d:bd:4d:7b:6f:05:ff:1d:ab:39:6f:be:61:80:
f0:bc:2f:c2:16:c5:fe:0c:e7:4f:bf:b5:7a:25:7e:a1:27:b3:
9d:70:35:5e:70:e5:2f:aa:85:f0:94:c5:bc:94:d2:ca:43:eb:
f8:15:b7:61:a5:51:99:41:50:6b:00:ec:5d:fc:23:fe:90:ff:
01:72:6a:f7:59:7e:6a:12:00:46:0a:7b:01:3b:6b:c8:c4:bc:
fa:d3:cd:00:5e:c6:f4:81:1e:79:a0:08:8a:83:b4:0b:73:33:
0b:e5:60:3f:58:e1:b7:51:3e:12:38:30:25:71:39:90:e3:84:
64:37:0c:e7:1f:97:54:c1:3f:7b:df:be:3a:d9:2a:f0:11:84:
b0:73:c5:c3
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYcak87uxTVWuEg2ACyr+AqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU3NzA4MzZiZTE2MmY4YTg3Mjc1ZWQ3ZTkyZjk4ZjJiYzAwZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiuVkwdW8990aG8PND9zVKeYS/uo
hGyddmeaOZj9XFMSi+1B3Cd5Rr1ojR8aJet4ZNhWF10fCVtwKPmkWj6Ua5VnNChZ
6cM/a5nRmkErGQCfaVQFKZvv2KKYeDSFTDe2jm0sMY3JD2hs6ym0RzAQ8ZqtTUX/
JJWxUok5iswpV+05GEQFtb98gs7Qo4VbO9ieV/ojQV3qBOhTx1VjnG94A7lg80vS
joUf2qoeTVLdDvk+CeofwrRrT/t7jMD4FNMXc6q1HQwsRduC6DX3FdZM+iRuHxOX
WZVAvP/Ml11i92GrGS+ceZdA6mqcPXOlvOV7UH1V0OfdkwN3liidQq7gwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKjncINr4WL4qHJ17X6S+Y8rwA9OMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvcU9kd2cydmhZdmlvY25YdGZwTDVqeXZBRDA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBubFOAwQA
whycAwQAwhyeMAwDBALCaAQDBADCaAYwDAMEAtRFhAMEANRFhjANBgkqhkiG9w0B
AQsFAAOCAQEAjPoAqw3e34V/emy6dhqPJRBQVq/6c49LpUBxjWyDIwcU/AvSpH0s
aCYcqjAHEfQhwxJLjrtUPl1hLoB1DwZwuzZTg0qVyRdrV+dGFbaxNVm2DEV8oJ1n
SQ3JXOU4fyF+Poj9u0p4gMq1ogDQtM6Atj29TXtvBf8dqzlvvmGA8LwvwhbF/gzn
T7+1eiV+oSeznXA1XnDlL6qF8JTFvJTSykPr+BW3YaVRmUFQawDsXfwj/pD/AXJq
91l+ahIARgp7ATtryMS8+tPNAF7G9IEeeaAIioO0C3MzC+VgP1jht1E+EjgwJXE5
kOOEZDcM5x+XVME/e9++Otkq8BGEsHPFww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org