Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/awEMPsVqUIINJg3uDRoOTncWQZg.roa
File: awEMPsVqUIINJg3uDRoOTncWQZg.roa (raw, json)
Hash identifier: RqJVwqkYFPkNEMzpadn8jQ5a1D6U08UcQzwLC7UDTwI=
Subject key identifier: 6B:01:0C:3E:C5:6A:50:82:0D:26:0D:EE:0D:1A:0E:4E:77:16:41:98
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018FE3B1BE566DCCA131237F4143231E410B
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/awEMPsVqUIINJg3uDRoOTncWQZg.roa
Signing time: Tue 04 Jun 2024 14:40:27 +0000
ROA not before: Tue 04 Jun 2024 14:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209737
IP address blocks: 93.190.12.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:b1:be:56:6d:cc:a1:31:23:7f:41:43:23:1e:41:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jun 4 14:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b010c3ec56a50820d260dee0d1a0e4e77164198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:27:34:0e:aa:92:cf:71:da:0a:82:6e:67:05:
21:79:2f:fb:7e:f8:fd:3f:fb:27:d1:42:5b:c0:6d:
ee:96:3e:45:a7:78:c9:e9:98:69:46:4e:4c:f9:fe:
b0:b8:47:6f:eb:e9:01:89:bd:61:a4:91:4b:b9:38:
71:d8:cf:89:5c:e9:62:9d:12:fb:8d:a3:93:13:eb:
8d:9a:fd:1c:55:f8:91:ac:be:c3:63:14:fb:48:f3:
91:78:f3:00:a4:b8:07:d4:e6:b3:c3:42:61:3d:6e:
22:1b:8b:89:85:41:72:5e:f7:76:95:8e:6a:c8:80:
16:4b:23:b0:d6:33:31:79:7d:70:18:df:21:a3:d1:
49:15:92:92:cc:4e:d4:8f:10:e0:d1:b7:4a:1b:18:
7f:68:c8:73:1f:86:96:e0:ff:8e:3d:22:3c:8a:f5:
a0:70:f8:37:93:6e:c8:04:4c:de:88:43:08:cb:cc:
f3:6f:93:0d:78:03:f4:b6:c7:b4:0a:b4:87:7b:b5:
a8:16:ba:cb:ab:ad:46:ac:2f:a2:23:d3:e7:d9:b8:
ee:c2:b6:55:8f:bc:54:38:92:a3:8c:34:f9:e9:b0:
eb:3f:4a:39:12:8a:14:0b:fb:5c:cd:8c:09:35:03:
79:54:b2:4e:59:27:69:02:ed:de:90:72:47:61:3b:
ba:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:01:0C:3E:C5:6A:50:82:0D:26:0D:EE:0D:1A:0E:4E:77:16:41:98
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/awEMPsVqUIINJg3uDRoOTncWQZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.12.0/24
109.236.51.0/24
160.20.109.0/24
185.86.6.0/24
185.243.181.0/24
185.254.239.0/24
193.160.143.0/24
194.62.54.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b5:3a:b3:50:80:a0:e9:fb:b1:81:5e:e9:df:a4:f5:65:05:
94:cf:19:21:b7:c1:55:fa:5a:c9:03:2a:c2:0c:8a:90:4a:8b:
ba:ee:6a:a6:81:21:79:8a:63:b6:c4:67:ad:ee:1d:35:aa:19:
1f:39:9f:1f:48:ef:82:62:5b:70:67:2b:64:27:42:19:c6:09:
7a:28:ce:29:30:5f:b1:a6:6b:f0:84:d8:3c:f2:02:7a:22:32:
0e:75:b4:8a:c7:c8:04:c0:71:47:6a:72:93:eb:9e:d2:27:3b:
a6:83:4d:b6:a7:9a:0a:86:ae:51:1e:d4:5c:bf:71:9a:2c:e8:
a7:29:0f:ac:40:37:86:30:31:f9:21:cd:eb:87:39:8b:1b:87:
ee:a1:3b:25:1a:53:a5:c4:83:32:c0:c2:e0:c0:d7:e8:23:c4:
e3:ac:a8:5c:ee:d5:d8:31:df:85:a7:34:96:56:8e:61:95:80:
61:bc:52:9d:46:2c:3f:6d:19:04:82:93:49:a0:db:2c:36:ed:
c3:e7:73:f7:38:e2:c1:10:4a:6f:8a:53:7f:0d:f7:01:a0:f1:
ad:5c:0e:a6:5a:4b:9f:61:ab:28:40:b2:0f:f9:46:91:ed:00:
0f:24:da:3a:da:bf:bc:6d:81:38:50:fa:1d:7d:43:95:b2:8e:
5b:87:9c:6d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY/jsb5WbcyhMSN/QUMjHkELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwNjA0MTQ0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjAxMGMzZWM1NmE1MDgyMGQyNjBkZWUwZDFhMGU0ZTc3MTY0MTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxic0DqqSz3HaCoJuZwUheS/7fvj9
P/sn0UJbwG3ulj5Fp3jJ6ZhpRk5M+f6wuEdv6+kBib1hpJFLuThx2M+JXOlinRL7
jaOTE+uNmv0cVfiRrL7DYxT7SPORePMApLgH1Oazw0JhPW4iG4uJhUFyXvd2lY5q
yIAWSyOw1jMxeX1wGN8ho9FJFZKSzE7UjxDg0bdKGxh/aMhzH4aW4P+OPSI8ivWg
cPg3k27IBEzeiEMIy8zzb5MNeAP0tse0CrSHe7WoFrrLq61GrC+iI9Pn2bjuwrZV
j7xUOJKjjDT56bDrP0o5EooUC/tczYwJNQN5VLJOWSdpAu3ekHJHYTu6JwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGsBDD7FalCCDSYN7g0aDk53FkGYMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvYXdFTVBzVnFVSUlOSmczdURSb09UbmNXUVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAXb4MAwQA
bewzAwQAoBRtAwQAuVYGAwQAufO1AwQAuf7vAwQAwaCPAwQAwj42MA0GCSqGSIb3
DQEBCwUAA4IBAQBwtTqzUICg6fuxgV7p36T1ZQWUzxkht8FV+lrJAyrCDIqQSou6
7mqmgSF5imO2xGet7h01qhkfOZ8fSO+CYltwZytkJ0IZxgl6KM4pMF+xpmvwhNg8
8gJ6IjIOdbSKx8gEwHFHanKT657SJzumg022p5oKhq5RHtRcv3GaLOinKQ+sQDeG
MDH5Ic3rhzmLG4fuoTslGlOlxIMywMLgwNfoI8TjrKhc7tXYMd+FpzSWVo5hlYBh
vFKdRiw/bRkEgpNJoNssNu3D53P3OOLBEEpvilN/DfcBoPGtXA6mWkufYasoQLIP
+UaR7QAPJNo62r+8bYE4UPodfUOVso5bh5xt
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org