Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/yS1tK24NDhesr7Om2tqBK5imrK8.roa
File: yS1tK24NDhesr7Om2tqBK5imrK8.roa (raw, json)
Hash identifier: 7PEtZj0wK7WGEiuRtH6j5LP5VYl3S9B437fHZaonpcA=
Subject key identifier: C9:2D:6D:2B:6E:0D:0E:17:AC:AF:B3:A6:DA:DA:81:2B:98:A6:AC:AF
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0185BFE259FD7B13AA4D02ABA40CF52D1538
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/yS1tK24NDhesr7Om2tqBK5imrK8.roa
Signing time: Tue 17 Jan 2023 13:19:20 +0000
ROA not before: Tue 17 Jan 2023 13:19:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34471
IP address blocks: 185.228.124.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
185.83.132.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
89.40.84.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
46.28.160.0/21 maxlen: 24
91.242.148.0/22 maxlen: 24
176.56.64.0/19 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
185.4.32.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
185.239.160.0/22 maxlen: 24
2a09:eac0::/29 maxlen: 29
2a05:9b00::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
2a02:5fc0::/32 maxlen: 32
2a05:a800::/29 maxlen: 29
2a02:5dc0::/32 maxlen: 32
2a06:3c00::/29 maxlen: 29
2a03:440::/32 maxlen: 32
2a0a:1280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 17 Jan 2023 16:07:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:e2:59:fd:7b:13:aa:4d:02:ab:a4:0c:f5:2d:15:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jan 17 13:19:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c92d6d2b6e0d0e17acafb3a6dada812b98a6acaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:87:bd:34:94:5d:5b:f1:67:95:ae:23:dc:86:
b7:aa:c7:67:21:0b:36:72:a7:17:a3:17:a6:32:ca:
3c:9c:d5:0a:4e:47:46:77:e0:8b:b7:9b:d4:39:3a:
a8:90:96:02:2a:3d:19:7f:8f:c0:f6:45:c9:d4:36:
62:c2:8a:09:87:5b:38:a0:3c:97:22:4e:a9:7b:c1:
b4:bd:01:ed:d1:a2:28:3c:56:e0:98:97:31:82:ef:
0a:34:98:12:e5:95:07:6d:17:35:4c:4d:d3:ee:b3:
4f:98:d8:e3:4e:da:94:e0:a6:3c:1d:a4:21:e2:6e:
d1:ec:9e:ba:e4:5f:21:ed:f4:6b:43:6c:74:f6:31:
ec:f4:db:35:3d:9f:a4:f5:01:c2:8e:30:44:04:e1:
dd:f4:23:bc:01:66:8f:63:9e:7c:17:98:56:26:5b:
f0:31:81:fd:ee:3f:ae:ef:07:46:1c:e6:ef:61:24:
40:8b:c4:57:9c:9a:92:79:b2:24:29:46:ea:21:a2:
ac:7b:ac:4f:31:f9:37:aa:05:de:a6:c0:9c:79:05:
d5:3b:25:04:fc:ca:a3:de:80:a3:a4:8f:ca:d8:77:
c9:bb:63:ee:8a:5c:1f:8b:08:08:3f:f7:ea:56:0a:
82:23:42:89:a7:2a:c6:8f:5e:5c:a8:96:5e:a8:2c:
df:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:2D:6D:2B:6E:0D:0E:17:AC:AF:B3:A6:DA:DA:81:2B:98:A6:AC:AF
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/yS1tK24NDhesr7Om2tqBK5imrK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.176.0/21
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.176.104.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
2e:c8:d4:03:5e:28:dd:69:61:07:61:af:7d:13:5f:ec:55:ca:
f5:3c:8f:c3:42:0c:7d:c3:7d:85:54:8b:19:46:f1:9a:92:2d:
48:92:f5:8a:70:c9:2f:a8:2f:6a:4c:98:1f:37:bb:3d:12:cd:
53:b6:1e:7c:eb:50:46:45:8b:da:78:fd:27:7f:bb:a0:e0:34:
a4:2e:45:9d:3c:00:38:45:bc:4d:fc:75:d5:f3:89:3f:e3:84:
7d:59:29:a6:77:7e:e6:9e:c3:72:2e:cb:d3:91:b3:ee:98:e6:
6d:50:ae:ea:83:2b:da:0f:15:11:c4:0a:9b:4a:40:fd:ce:b1:
f6:df:37:8d:53:1e:07:b9:95:e8:ea:14:a7:04:74:75:5b:f5:
db:04:26:38:d4:29:f9:4f:f3:07:80:3b:91:e1:2a:8a:c8:e1:
dc:1e:13:21:78:03:f3:ef:19:00:31:c7:42:be:d8:b6:10:bd:
aa:f9:47:b1:f6:c1:f5:a8:0d:21:51:14:f1:58:20:7a:ac:09:
96:2b:ac:a6:a9:fa:0f:61:60:fc:d4:a9:d4:b5:3b:bc:3d:c6:
e9:42:38:3f:65:af:ab:9f:3c:fb:4a:2c:47:89:4b:36:19:75:
41:bd:c5:8a:48:66:c4:0a:cd:34:05:cb:de:ad:99:4d:14:a0:
85:c1:d8:06
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYW/4ln9exOqTQKrpAz1LRU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTE3MTMxOTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTJkNmQyYjZlMGQwZTE3YWNhZmIzYTZkYWRhODEyYjk4YTZhY2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ye9NJRdW/Fnla4j3Ia3qsdnIQs2
cqcXoxemMso8nNUKTkdGd+CLt5vUOTqokJYCKj0Zf4/A9kXJ1DZiwooJh1s4oDyX
Ik6pe8G0vQHt0aIoPFbgmJcxgu8KNJgS5ZUHbRc1TE3T7rNPmNjjTtqU4KY8HaQh
4m7R7J665F8h7fRrQ2x09jHs9Ns1PZ+k9QHCjjBEBOHd9CO8AWaPY558F5hWJlvw
MYH97j+u7wdGHObvYSRAi8RXnJqSebIkKUbqIaKse6xPMfk3qgXepsCceQXVOyUE
/Mqj3oCjpI/K2HfJu2PuilwfiwgIP/fqVgqCI0KJpyrGj15cqJZeqCzffQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFMktbStuDQ4XrK+zptragSuYpqyvMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEveVMxdEsyNE5EaGVzcjdPbTJ0cUJLNWltcks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTBoBAIAATBiAwQDHxmw
AwQDLhygAwQCWShUAwQCW/KUAwQDbesQAwQFsDhAAwQCuQQgAwQCuQVUAwQCuQr4
AwQCuUaYAwQCuVOEAwQCubBoAwQCueR8AwQCue+gMAwDBAHB9poDBAHB9pwwRQQC
AAIwPwMFACoCXcADBQAqAl/AAwUAKgMEQAMFAyoFmwADBQMqBagAAwUDKgY8AAMF
AyoJ6sADBQMqChKAAwUDKgsMQDANBgkqhkiG9w0BAQsFAAOCAQEALsjUA14o3Wlh
B2GvfRNf7FXK9TyPw0IMfcN9hVSLGUbxmpItSJL1inDJL6gvakyYHze7PRLNU7Ye
fOtQRkWL2nj9J3+7oOA0pC5FnTwAOEW8Tfx11fOJP+OEfVkppnd+5p7Dci7L05Gz
7pjmbVCu6oMr2g8VEcQKm0pA/c6x9t83jVMeB7mV6OoUpwR0dVv12wQmONQp+U/z
B4A7keEqisjh3B4TIXgD8+8ZADHHQr7YthC9qvlHsfbB9agNIVEU8VggeqwJlius
pqn6D2Fg/NSp1LU7vD3G6UI4P2Wvq588+0osR4lLNhl1Qb3FikhmxArNNAXL3q2Z
TRSghcHYBg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org