Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ORH5q1X00YjufybCEk_Y6VQjo2w.roa
File: ORH5q1X00YjufybCEk_Y6VQjo2w.roa (raw, json)
Hash identifier: naFY5f+e09smx2lRRNyyv9aYunkP0Gv9/tyUZKoG9wM=
Subject key identifier: 39:11:F9:AB:55:F4:D1:88:EE:7F:26:C2:12:4F:D8:E9:54:23:A3:6C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D6D1337694FED2CC532B2F7426F0
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ORH5q1X00YjufybCEk_Y6VQjo2w.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211567
IP address blocks: 193.35.153.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Mar 2023 20:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d6:d1:33:76:94:fe:d2:cc:53:2b:2f:74:26:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3911f9ab55f4d188ee7f26c2124fd8e95423a36c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:8b:2a:7a:4e:79:74:fd:d8:4c:81:d6:53:
13:6d:ef:0c:68:7d:fc:11:dc:17:52:c3:4e:5a:4d:
63:62:69:23:28:10:5e:b5:64:22:67:44:dd:64:ed:
c6:a9:51:a8:98:cc:ca:b7:8f:e6:ad:1c:63:27:b5:
2f:2d:ba:c4:6e:74:05:8a:81:45:e0:a7:f5:f7:b0:
ea:40:bf:48:0c:4c:e4:0c:4a:7b:7b:70:48:20:2c:
f7:c6:7a:5c:9d:3e:03:94:e8:1d:f6:bf:a8:fa:b4:
44:16:bb:56:2b:8c:d9:c4:65:60:72:ff:0b:33:f9:
29:95:b6:aa:4a:7f:29:9d:fe:6b:e4:d5:4e:5e:bf:
db:85:5f:cf:8a:90:c6:ca:32:00:d0:44:aa:65:17:
b6:49:a8:3f:7a:c9:aa:27:19:67:ac:cf:47:3c:d5:
85:aa:f0:cc:6e:be:6c:68:78:3c:6d:59:43:b5:e7:
18:d3:c9:80:81:9b:66:71:35:11:ad:f0:b4:4f:17:
fd:80:f4:d9:b5:fd:23:a2:ee:33:70:ed:c3:ad:5b:
66:51:88:e1:f3:ab:de:06:2c:41:23:08:5f:a4:ff:
77:75:d3:6d:69:6b:62:10:b8:91:4f:95:24:8a:6a:
39:b8:ba:2b:e3:d5:30:c4:4a:2b:11:be:e2:e5:91:
34:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:11:F9:AB:55:F4:D1:88:EE:7F:26:C2:12:4F:D8:E9:54:23:A3:6C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/ORH5q1X00YjufybCEk_Y6VQjo2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
185.88.173.0/24
193.35.153.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a4:15:86:ca:76:66:ef:07:d7:68:a6:ae:74:c1:4d:ea:28:
db:1c:17:b1:bb:bd:bd:8b:0a:23:5a:c1:c3:c7:8a:09:ea:06:
16:2c:7a:cb:72:e2:64:8e:8f:d8:23:a0:f8:3b:7b:27:af:e0:
94:1e:1e:60:0b:f9:53:ff:eb:9b:33:a7:50:1d:38:9d:66:3c:
38:9a:21:74:35:bc:3f:bf:56:a0:21:0e:6f:5d:b4:2d:4a:b8:
28:c5:96:4b:c7:ac:37:e2:1c:b2:90:54:f9:95:bf:ca:ab:85:
a9:39:97:58:7d:ed:bf:22:6e:dc:6b:8b:5e:d9:58:fa:a5:cd:
f1:45:30:46:33:6b:6a:5f:5b:96:63:4f:c6:93:28:cd:2c:81:
3d:8b:97:8c:7a:9e:34:06:fd:4b:5e:c4:d2:d1:06:d5:72:70:
ee:ad:59:82:81:05:f7:08:34:87:67:dc:5f:28:37:2d:02:69:
83:73:32:ea:6f:2a:2e:dc:4e:21:87:85:ef:0f:ab:9f:32:bc:
99:74:55:7e:7d:d9:b3:d6:73:6e:2f:9a:f6:70:5b:3a:4a:8c:
19:6e:d7:bc:98:24:02:25:af:af:22:a1:c9:01:2c:26:ea:dd:
e8:dd:92:36:48:ac:1f:97:43:ee:6d:e8:9b:2a:3b:7d:0b:12:
bb:96:e6:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsU9bRM3aU/tLMUysvdCbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTExZjlhYjU1ZjRkMTg4ZWU3ZjI2YzIxMjRmZDhlOTU0MjNhMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXqLKnpOeXT92EyB1lMTbe8MaH38
EdwXUsNOWk1jYmkjKBBetWQiZ0TdZO3GqVGomMzKt4/mrRxjJ7UvLbrEbnQFioFF
4Kf197DqQL9IDEzkDEp7e3BIICz3xnpcnT4DlOgd9r+o+rREFrtWK4zZxGVgcv8L
M/kplbaqSn8pnf5r5NVOXr/bhV/PipDGyjIA0ESqZRe2Sag/esmqJxlnrM9HPNWF
qvDMbr5saHg8bVlDtecY08mAgZtmcTURrfC0Txf9gPTZtf0jou4zcO3DrVtmUYjh
86veBixBIwhfpP93ddNtaWtiELiRT5Ukimo5uLor49UwxEorEb7i5ZE0rwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDkR+atV9NGI7n8mwhJP2OlUI6NsMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvT1JINXExWDAwWWp1ZnliQ0VrX1k2VlFqbzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbewwAwQA
uVitAwQAwSOZAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQAUpBWGynZm7wfXaKau
dMFN6ijbHBexu729iwojWsHDx4oJ6gYWLHrLcuJkjo/YI6D4O3snr+CUHh5gC/lT
/+ubM6dQHTidZjw4miF0Nbw/v1agIQ5vXbQtSrgoxZZLx6w34hyykFT5lb/Kq4Wp
OZdYfe2/Im7ca4te2Vj6pc3xRTBGM2tqX1uWY0/GkyjNLIE9i5eMep40Bv1LXsTS
0QbVcnDurVmCgQX3CDSHZ9xfKDctAmmDczLqbyou3E4hh4XvD6ufMryZdFV+fdmz
1nNuL5r2cFs6SowZbte8mCQCJa+vIqHJASwm6t3o3ZI2SKwfl0PubeibKjt9CxK7
luYJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org