Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4Np_kr3Bf5e8a7kNJPBUOk2Ytfk.roa
File: 4Np_kr3Bf5e8a7kNJPBUOk2Ytfk.roa (raw, json)
Hash identifier: 4GLpnztithunvggtlRVOHsB61z6ILLRLm1RH0z9XxlY=
Subject key identifier: E0:DA:7F:92:BD:C1:7F:97:BC:6B:B9:0D:24:F0:54:3A:4D:98:B5:F9
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01869EE5DBF81FA6E7937A88EAF50C5CF34E
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4Np_kr3Bf5e8a7kNJPBUOk2Ytfk.roa
Signing time: Wed 01 Mar 2023 20:38:29 +0000
ROA not before: Wed 01 Mar 2023 20:38:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Mar 2023 09:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9e:e5:db:f8:1f:a6:e7:93:7a:88:ea:f5:0c:5c:f3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 1 20:38:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0da7f92bdc17f97bc6bb90d24f0543a4d98b5f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:4c:f9:f9:62:40:d6:ab:75:ec:5a:30:43:
d6:2b:0a:6e:3d:3a:c3:30:89:df:67:90:cd:c7:c3:
44:4f:4a:57:d4:9b:f5:e1:26:e4:78:a2:db:27:31:
78:3f:b1:ea:d7:4f:91:5e:88:b5:23:1a:43:77:43:
6c:2c:f2:ab:2c:e5:9c:8b:ff:dd:c1:e8:ec:3d:a3:
d9:6b:0f:f8:3c:e0:34:5d:06:d8:15:ee:99:60:58:
8f:77:37:7b:04:c5:b9:7e:34:4b:0b:ef:b1:f2:aa:
02:56:5b:06:50:bc:e7:01:b3:c3:58:57:b3:4d:b1:
cc:07:b3:88:a1:d7:03:9a:cc:36:86:22:05:c1:09:
01:a3:ea:bd:a9:f0:d8:77:bc:ad:34:e2:99:1e:97:
10:c1:13:73:69:89:d3:99:43:ed:57:98:48:65:85:
30:d1:17:16:03:fa:1e:51:91:f5:32:be:5c:cb:f8:
2d:d8:18:b7:db:84:7d:c0:b0:0f:88:81:86:d0:cd:
d6:dc:9d:35:7b:70:21:1d:7c:88:13:ad:92:5e:63:
54:35:e2:4a:e8:3e:3b:5c:40:76:54:f9:81:e3:3a:
3a:1c:07:6a:ca:1e:ce:be:35:1e:dc:c7:68:91:65:
0e:dc:d7:d0:0a:2e:9b:ba:72:e5:16:9d:18:70:3e:
f4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:DA:7F:92:BD:C1:7F:97:BC:6B:B9:0D:24:F0:54:3A:4D:98:B5:F9
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4Np_kr3Bf5e8a7kNJPBUOk2Ytfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.175.0/24
185.184.24.0/24
185.243.181.0/24
185.249.200.0/22
193.35.152.0/24
193.35.155.0/24
193.160.140.0/24
193.223.106.0/24
Signature Algorithm: sha256WithRSAEncryption
50:15:68:bb:19:46:a8:3b:09:43:ef:6f:d4:86:e4:ac:d2:66:
97:f0:63:b7:3e:4c:42:fa:32:b5:8f:93:dc:e2:de:3f:8a:c7:
94:0b:41:93:66:cb:91:52:58:ff:b2:7b:b0:5b:53:5c:65:7c:
cb:a1:be:3a:c4:75:3c:8b:4e:8d:8b:13:95:83:e2:71:38:aa:
1e:cd:87:5d:2e:35:45:71:8d:9f:8b:29:43:86:25:53:4d:cf:
c7:8b:b7:d8:ee:e5:39:db:41:d4:ed:5a:cc:91:d4:54:2c:8a:
ba:29:db:58:07:55:03:0b:ff:7e:ff:c6:c5:79:fd:8f:b2:bf:
49:9b:d1:cf:b0:e6:54:30:f9:8a:e2:f2:ee:fb:ad:e6:d9:e2:
b0:b6:d8:ea:bc:23:dc:2a:50:72:a3:09:82:78:69:7c:01:06:
10:f3:bc:63:7f:21:e5:39:06:a4:c9:95:4d:a5:cd:81:e0:4f:
46:d1:c1:2e:33:05:1a:f0:b0:7c:e0:85:f9:a8:6d:c4:a0:18:
de:6d:bc:9a:a2:e2:d3:09:8c:2b:b1:13:1b:87:bd:ea:c5:bd:
c5:9c:c7:93:dc:ce:8e:8f:f6:a2:af:33:53:90:52:78:8c:08:
36:64:d2:92:39:4b:55:3c:2e:e0:b4:a1:2e:06:06:a0:df:6b:
84:14:48:32
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYae5dv4H6bnk3qI6vUMXPNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzAxMjAzODI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGRhN2Y5MmJkYzE3Zjk3YmM2YmI5MGQyNGYwNTQzYTRkOThiNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb5M+fliQNardexaMEPWKwpuPTrD
MInfZ5DNx8NET0pX1Jv14SbkeKLbJzF4P7Hq10+RXoi1IxpDd0NsLPKrLOWci//d
wejsPaPZaw/4POA0XQbYFe6ZYFiPdzd7BMW5fjRLC++x8qoCVlsGULznAbPDWFez
TbHMB7OIodcDmsw2hiIFwQkBo+q9qfDYd7ytNOKZHpcQwRNzaYnTmUPtV5hIZYUw
0RcWA/oeUZH1Mr5cy/gt2Bi324R9wLAPiIGG0M3W3J01e3AhHXyIE62SXmNUNeJK
6D47XEB2VPmB4zo6HAdqyh7OvjUe3MdokWUO3NfQCi6bunLlFp0YcD70XQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFODaf5K9wX+XvGu5DSTwVDpNmLX5MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvNE5wX2tyM0JmNWU4YTdrTkpQQlVPazJZdGZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAuVivAwQA
ubgYAwQAufO1AwQCufnIAwQAwSOYAwQAwSObAwQAwaCMAwQAwd9qMA0GCSqGSIb3
DQEBCwUAA4IBAQBQFWi7GUaoOwlD72/UhuSs0maX8GO3PkxC+jK1j5Pc4t4/iseU
C0GTZsuRUlj/snuwW1NcZXzLob46xHU8i06NixOVg+JxOKoezYddLjVFcY2fiylD
hiVTTc/Hi7fY7uU520HU7VrMkdRULIq6KdtYB1UDC/9+/8bFef2Psr9Jm9HPsOZU
MPmK4vLu+63m2eKwttjqvCPcKlByowmCeGl8AQYQ87xjfyHlOQakyZVNpc2B4E9G
0cEuMwUa8LB84IX5qG3EoBjebbyaouLTCYwrsRMbh73qxb3FnMeT3M6Oj/airzNT
kFJ4jAg2ZNKSOUtVPC7gtKEuBgag32uEFEgy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org