Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tFy3oPngoux9W3eKv_zvx_Eh9h4.roa
File: tFy3oPngoux9W3eKv_zvx_Eh9h4.roa (raw, json)
Hash identifier: W4TX9A5CBkv5w+fSdkQTZR8yptOPmogGnB4F2GPj0LQ=
Subject key identifier: B4:5C:B7:A0:F9:E0:A2:EC:7D:5B:77:8A:BF:FC:EF:C7:F1:21:F6:1E
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0186A18FEDB93C52DE8F042A5D4465079AE9
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tFy3oPngoux9W3eKv_zvx_Eh9h4.roa
Signing time: Thu 02 Mar 2023 09:03:29 +0000
ROA not before: Thu 02 Mar 2023 09:03:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209371
IP address blocks: 193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:8f:ed:b9:3c:52:de:8f:04:2a:5d:44:65:07:9a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Mar 2 09:03:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b45cb7a0f9e0a2ec7d5b778abffcefc7f121f61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:54:0f:bd:28:9e:1d:26:f9:b8:33:be:84:41:
6f:0f:47:0c:f8:58:a7:fd:85:0b:8b:73:3d:ac:80:
23:36:cb:34:ec:52:fa:b5:77:f0:de:f0:90:47:91:
7d:c5:d1:de:3b:88:a0:4f:7a:fa:6c:1b:0a:5a:cc:
87:4a:f8:b3:76:41:e7:10:4c:ce:c7:4c:da:f6:35:
9c:ed:d4:9f:6d:be:d3:7c:f1:b6:91:af:3f:27:e0:
ef:12:68:4c:5f:77:9b:da:47:9a:69:d5:f1:84:9f:
07:ad:8e:be:34:b3:ed:4b:8e:8d:20:ab:d2:7f:c0:
0e:9d:d5:27:f5:a1:b6:e6:23:8c:3b:ab:f7:83:2e:
fa:fe:9b:60:c9:11:30:a7:bb:6f:cd:c4:af:bd:df:
4e:84:f3:a5:1b:f3:98:36:60:0e:f1:d7:33:89:27:
3a:a7:84:8a:e3:d4:0f:35:f3:22:ed:b8:f8:d4:f8:
6a:3d:8e:e7:41:55:44:bd:96:f3:6a:ae:bb:31:18:
12:f4:9c:94:44:04:ab:98:53:aa:fd:2e:ab:c6:78:
46:1d:16:73:d8:6a:ea:34:8d:4a:e2:3d:bb:20:2a:
a6:8b:b5:34:a0:5b:46:00:8a:39:a8:ad:2e:0b:3c:
b9:ec:3a:26:12:44:e1:de:87:d0:a3:12:1a:9a:16:
54:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:5C:B7:A0:F9:E0:A2:EC:7D:5B:77:8A:BF:FC:EF:C7:F1:21:F6:1E
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/tFy3oPngoux9W3eKv_zvx_Eh9h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.175.0/24
185.184.24.0/24
185.243.181.0/24
185.249.200.0/23
185.249.203.0/24
193.35.152.0/24
193.35.155.0/24
193.160.140.0/24
193.223.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:3a:a9:27:75:96:8c:56:64:64:3f:67:57:30:21:55:4f:19:
46:7a:1d:fe:90:b5:b9:07:dd:83:e4:2b:f4:fd:21:ad:d4:43:
ae:b1:b0:2e:82:c5:19:4d:c2:7f:ba:30:d8:27:0c:ff:99:34:
21:0d:8a:ca:dd:59:72:0f:aa:b6:d0:86:67:79:37:eb:98:1c:
19:42:28:da:fe:dd:e7:47:21:ed:87:4a:46:24:81:44:e8:db:
d4:34:8b:37:1d:b0:ee:c6:ec:0c:31:7c:95:5f:d2:ed:1e:d7:
a0:e6:61:8b:5a:af:15:34:c8:30:1a:c1:a9:b9:4b:1a:c5:03:
be:3f:4a:02:7e:cf:ba:86:7f:71:32:9f:81:92:9f:4c:ab:7b:
17:f5:ff:9b:27:21:5b:44:71:88:ea:b0:d4:e0:5b:d7:cc:3e:
6b:02:15:72:2b:93:a5:51:3d:50:29:8b:fd:b8:a4:3f:5d:89:
9e:80:7e:89:29:db:3d:a7:9f:6c:2c:9b:19:a4:73:65:58:0c:
71:c6:36:c6:0d:7f:66:de:0e:c7:0c:66:53:19:48:bd:4e:29:
6f:63:13:34:14:8d:74:38:2d:cc:7c:6d:d1:5a:44:03:0f:7e:
f9:1a:b3:ed:bd:a8:f6:70:a7:23:95:e7:78:53:da:01:55:1a:
2b:73:32:db
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYahj+25PFLejwQqXURlB5rpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMzAyMDkwMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDVjYjdhMGY5ZTBhMmVjN2Q1Yjc3OGFiZmZjZWZjN2YxMjFmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFQPvSieHSb5uDO+hEFvD0cM+Fin
/YULi3M9rIAjNss07FL6tXfw3vCQR5F9xdHeO4igT3r6bBsKWsyHSvizdkHnEEzO
x0za9jWc7dSfbb7TfPG2ka8/J+DvEmhMX3eb2keaadXxhJ8HrY6+NLPtS46NIKvS
f8AOndUn9aG25iOMO6v3gy76/ptgyREwp7tvzcSvvd9OhPOlG/OYNmAO8dcziSc6
p4SK49QPNfMi7bj41PhqPY7nQVVEvZbzaq67MRgS9JyURASrmFOq/S6rxnhGHRZz
2GrqNI1K4j27ICqmi7U0oFtGAIo5qK0uCzy57DomEkTh3ofQoxIamhZU1wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLRct6D54KLsfVt3ir/878fxIfYeMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvdEZ5M29QbmdvdXg5VzNlS3ZfenZ4X0VoOWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuVivAwQA
ubgYAwQAufO1AwQBufnIAwQAufnLAwQAwSOYAwQAwSObAwQAwaCMAwQAwd9qMA0G
CSqGSIb3DQEBCwUAA4IBAQCnOqkndZaMVmRkP2dXMCFVTxlGeh3+kLW5B92D5Cv0
/SGt1EOusbAugsUZTcJ/ujDYJwz/mTQhDYrK3VlyD6q20IZneTfrmBwZQija/t3n
RyHth0pGJIFE6NvUNIs3HbDuxuwMMXyVX9LtHteg5mGLWq8VNMgwGsGpuUsaxQO+
P0oCfs+6hn9xMp+Bkp9Mq3sX9f+bJyFbRHGI6rDU4FvXzD5rAhVyK5OlUT1QKYv9
uKQ/XYmegH6JKds9p59sLJsZpHNlWAxxxjbGDX9m3g7HDGZTGUi9TilvYxM0FI10
OC3MfG3RWkQDD375GrPtvaj2cKcjled4U9oBVRorczLb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org