Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/AgAJ0531w8NIc0i-0EhI8KZ7y9U.roa
File: AgAJ0531w8NIc0i-0EhI8KZ7y9U.roa (raw, json)
Hash identifier: 0OD/H7iKewzC0yEZocGhr21uTNemsYnl2CaTFBYf2tU=
Subject key identifier: 02:00:09:D3:9D:F5:C3:C3:48:73:48:BE:D0:48:48:F0:A6:7B:CB:D5
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 0185710BEE8F79B77E8D8B9D862CA01583DD
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/AgAJ0531w8NIc0i-0EhI8KZ7y9U.roa
Signing time: Mon 02 Jan 2023 05:54:45 +0000
ROA not before: Mon 02 Jan 2023 05:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41343
IP address blocks: 213.181.70.0/24 maxlen: 24
213.181.71.0/24 maxlen: 24
89.29.192.0/24 maxlen: 24
89.29.192.0/21 maxlen: 21
89.29.195.0/24 maxlen: 24
89.29.194.0/24 maxlen: 24
89.29.193.0/24 maxlen: 24
89.29.199.0/24 maxlen: 24
89.29.198.0/24 maxlen: 24
89.29.197.0/24 maxlen: 24
89.29.196.0/24 maxlen: 24
89.29.202.0/24 maxlen: 24
89.29.200.0/23 maxlen: 23
89.29.205.0/24 maxlen: 24
89.29.204.0/24 maxlen: 24
89.29.226.0/24 maxlen: 24
89.29.228.0/24 maxlen: 24
89.29.227.0/24 maxlen: 24
185.40.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0b:ee:8f:79:b7:7e:8d:8b:9d:86:2c:a0:15:83:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 05:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=020009d39df5c3c3487348bed04848f0a67bcbd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4c:e4:8c:75:3d:e6:4e:ba:05:d9:81:3f:e0:
ac:93:ea:6f:8b:27:2c:bb:08:0a:f4:09:75:d2:58:
72:33:8a:f1:f0:2c:55:74:fe:23:25:8d:65:90:57:
1a:c5:47:b9:0c:89:f8:e6:46:13:d4:43:78:f2:76:
da:e9:14:ba:38:c4:02:52:dd:f9:c2:f5:bf:22:a4:
7e:d3:27:8d:34:1b:c6:df:25:ca:2b:31:93:51:ce:
c8:76:62:ab:01:9e:79:01:78:44:dd:57:f8:ea:7e:
46:29:54:4b:45:ac:22:21:1c:55:30:16:a1:05:bf:
69:5e:a6:37:d0:bb:5e:5e:14:69:5c:4b:0a:10:7d:
e3:91:6e:f6:39:29:fa:22:1d:da:06:b6:fe:1c:b8:
bc:ad:9b:7e:80:b8:60:35:fb:10:e6:26:d3:36:f5:
e4:66:9f:91:dc:96:93:c8:5f:e8:d3:6f:28:25:9d:
7d:45:1c:6d:e9:30:c9:34:ea:e9:1d:43:b8:25:0a:
2a:8f:73:a6:5b:9d:ee:1c:c5:79:ab:43:ea:14:17:
6e:75:d0:bf:bd:9a:14:e6:63:1c:55:1e:57:5a:7d:
b8:b2:0d:44:85:68:71:18:85:bd:1d:8f:25:fc:8a:
43:ba:4d:19:ee:8b:5d:ea:13:f3:9d:69:d1:e3:7a:
90:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:00:09:D3:9D:F5:C3:C3:48:73:48:BE:D0:48:48:F0:A6:7B:CB:D5
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/AgAJ0531w8NIc0i-0EhI8KZ7y9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.192.0-89.29.202.255
89.29.204.0/23
89.29.226.0-89.29.228.255
185.40.36.0/24
213.181.70.0/23
Signature Algorithm: sha256WithRSAEncryption
08:5d:61:54:a5:0c:29:54:01:ca:3c:53:5e:b1:22:15:d7:f8:
c8:7e:90:aa:31:d6:97:b6:44:7f:cf:be:fb:54:ce:40:d4:4d:
09:e4:23:6a:0f:76:0f:ca:8d:03:fb:8a:00:16:50:d7:f4:be:
26:de:f6:f4:1c:e6:55:26:43:6b:6e:e9:f4:25:b5:e5:d4:a4:
78:a4:57:c0:2c:ff:3b:d5:93:80:de:cc:3d:93:ac:e8:01:27:
c8:c0:28:41:3d:10:b3:65:fa:85:c4:9f:a5:b9:1b:11:25:72:
45:e9:7c:5a:ec:b2:d0:a1:ec:b0:42:60:11:2b:fc:a7:16:9a:
ec:74:d8:47:25:46:08:37:f5:1f:18:53:00:8a:1b:24:e6:ae:
7a:e7:aa:f6:a1:ff:14:94:21:c7:9b:8d:29:3c:0a:52:fb:05:
9b:8f:aa:4d:55:28:ab:2a:fe:e4:2e:01:6b:36:a0:5f:e5:13:
8b:a8:af:4d:cf:f6:07:d5:18:21:ef:b6:2d:64:72:61:69:e0:
53:2e:6e:00:85:45:27:d8:0c:54:f1:2f:be:65:00:ec:35:a7:
78:1c:d5:6d:e8:74:28:52:ef:43:00:13:70:54:25:1f:20:1c:
b1:c2:4a:7a:62:e6:44:46:ec:fe:ae:77:70:35:a9:a8:cb:73:
0b:86:f4:b6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVxC+6Pebd+jYudhiygFYPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjMwMTAyMDU1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAwMDlkMzlkZjVjM2MzNDg3MzQ4YmVkMDQ4NDhmMGE2N2JjYmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskzkjHU95k66BdmBP+Csk+pviycs
uwgK9Al10lhyM4rx8CxVdP4jJY1lkFcaxUe5DIn45kYT1EN48nba6RS6OMQCUt35
wvW/IqR+0yeNNBvG3yXKKzGTUc7IdmKrAZ55AXhE3Vf46n5GKVRLRawiIRxVMBah
Bb9pXqY30LteXhRpXEsKEH3jkW72OSn6Ih3aBrb+HLi8rZt+gLhgNfsQ5ibTNvXk
Zp+R3JaTyF/o028oJZ19RRxt6TDJNOrpHUO4JQoqj3OmW53uHMV5q0PqFBduddC/
vZoU5mMcVR5XWn24sg1EhWhxGIW9HY8l/IpDuk0Z7otd6hPznWnR43qQCQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAIACdOd9cPDSHNIvtBISPCme8vVMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvQWdBSjA1MzF3OE5JYzBpLTBFaEk4S1o3eTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZZHcAD
BABZHcoDBAFZHcwwDAMEAVkd4gMEAFkd5AMEALkoJAMEAdW1RjANBgkqhkiG9w0B
AQsFAAOCAQEACF1hVKUMKVQByjxTXrEiFdf4yH6QqjHWl7ZEf8+++1TOQNRNCeQj
ag92D8qNA/uKABZQ1/S+Jt729BzmVSZDa27p9CW15dSkeKRXwCz/O9WTgN7MPZOs
6AEnyMAoQT0Qs2X6hcSfpbkbESVyRel8Wuyy0KHssEJgESv8pxaa7HTYRyVGCDf1
HxhTAIobJOaueueq9qH/FJQhx5uNKTwKUvsFm4+qTVUoqyr+5C4BazagX+UTi6iv
Tc/2B9UYIe+2LWRyYWngUy5uAIVFJ9gMVPEvvmUA7DWneBzVbeh0KFLvQwATcFQl
HyAcscJKemLmREbs/q53cDWpqMtzC4b0tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:48 2024 by rpki-client on console-ams.rpki-client.org