Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ARaxG0Gaz2QjLnFAJqnR8_qaDTc.roa
File: ARaxG0Gaz2QjLnFAJqnR8_qaDTc.roa (raw, json)
Hash identifier: LDT7YP53Agrwh7WP+CqWj6CKPKQXm7lk5LQ+5XzP+iE=
Subject key identifier: 01:16:B1:1B:41:9A:CF:64:23:2E:71:40:26:A9:D1:F3:FA:9A:0D:37
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018992EC4DC5228AD4257CE624A19D831DB5
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ARaxG0Gaz2QjLnFAJqnR8_qaDTc.roa
Signing time: Wed 26 Jul 2023 15:58:27 +0000
ROA not before: Wed 26 Jul 2023 15:58:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207724
IP address blocks: 185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
185.239.3.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Sep 2023 11:53:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:92:ec:4d:c5:22:8a:d4:25:7c:e6:24:a1:9d:83:1d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jul 26 15:58:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0116b11b419acf64232e714026a9d1f3fa9a0d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:16:4d:03:ca:44:22:f3:76:df:e8:e4:f3:e8:
4c:42:3d:46:bb:b3:9b:35:dc:76:6f:e4:a2:45:08:
c2:7f:6f:62:7e:86:c7:8c:c1:a8:09:c8:44:9a:09:
95:fb:8e:60:9b:ef:cc:0d:ee:94:cf:ac:85:72:19:
5b:07:e1:79:3b:5e:a9:cb:7e:8c:8b:c8:e9:83:e2:
59:18:6c:a7:d0:01:aa:4d:4e:c2:65:f0:9f:69:0f:
bd:e0:f7:0a:67:63:aa:ec:8f:8d:78:2d:22:3b:39:
73:2b:95:a3:5f:2d:19:df:5b:cd:f5:e5:aa:50:fe:
ab:10:b7:2d:9a:cd:5c:35:c6:e6:82:05:34:8a:59:
68:94:95:8d:15:60:81:5d:54:fd:e9:5b:92:7a:00:
3d:5f:be:be:41:ef:82:68:5d:b5:8d:48:3a:03:ea:
0a:f7:ef:02:5f:92:88:f8:37:d1:9f:1e:3f:8e:fa:
6f:d9:36:91:82:ab:c8:02:b6:11:f8:a8:c3:8d:4f:
24:2b:52:98:97:11:fb:b3:b2:ad:36:bc:f7:f3:b4:
f7:15:36:f4:8f:88:f0:bb:36:10:6b:ac:31:a8:ba:
3b:28:63:0a:47:ed:e0:03:ea:a8:94:ee:6c:39:9a:
bd:4d:9d:4e:25:1e:70:36:c0:2b:df:04:9f:20:84:
ac:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:16:B1:1B:41:9A:CF:64:23:2E:71:40:26:A9:D1:F3:FA:9A:0D:37
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ARaxG0Gaz2QjLnFAJqnR8_qaDTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
45.94.213.0/24
89.46.217.0/24
185.3.200.0/24
185.239.0.0/24
185.239.2.0/23
Signature Algorithm: sha256WithRSAEncryption
34:2a:e5:f8:a3:9c:dc:f4:5f:2a:fb:90:f4:e7:7c:19:d2:60:
d3:cf:63:2d:ac:d6:81:4a:16:59:b5:64:cc:4f:18:79:59:98:
c5:6f:88:a0:3e:5f:3a:47:7c:9b:43:42:70:e4:47:de:c5:a2:
7b:b3:c8:6d:78:f8:51:03:8b:76:4c:f9:f9:5a:01:07:c4:c1:
6b:f2:0a:13:9e:99:73:17:90:9f:9b:af:b9:4d:67:d9:58:11:
42:4d:49:44:0f:ac:e9:54:c2:19:92:5c:e8:fd:06:24:5a:23:
d3:3e:23:bb:c0:8c:81:e1:91:b4:98:d5:f9:0f:1c:5e:e3:2a:
ca:46:ca:4e:a5:ce:b2:91:ca:94:98:38:b0:97:bd:c8:c0:ce:
a8:5e:3f:04:51:58:17:87:ce:4f:98:90:6c:35:6c:8b:46:c2:
6f:11:b8:a6:bb:ec:c5:8a:3a:37:15:d3:47:2e:a3:98:15:83:
5b:e2:58:27:89:00:6d:53:94:41:76:be:c6:9c:74:6d:24:fd:
1e:73:e8:83:62:5f:45:94:0f:65:3a:4e:3f:9d:2d:8f:95:1c:
78:b1:e5:bd:c4:45:2e:56:d8:ff:d6:b9:f8:75:65:91:8d:50:
f1:26:03:ec:be:a5:67:40:a6:10:8f:69:de:b7:40:8d:af:cf:
48:08:c9:2a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYmS7E3FIorUJXzmJKGdgx21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjMwNzI2MTU1ODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE2YjExYjQxOWFjZjY0MjMyZTcxNDAyNmE5ZDFmM2ZhOWEwZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhZNA8pEIvN23+jk8+hMQj1Gu7Ob
Ndx2b+SiRQjCf29ifobHjMGoCchEmgmV+45gm+/MDe6Uz6yFchlbB+F5O16py36M
i8jpg+JZGGyn0AGqTU7CZfCfaQ+94PcKZ2Oq7I+NeC0iOzlzK5WjXy0Z31vN9eWq
UP6rELctms1cNcbmggU0illolJWNFWCBXVT96VuSegA9X76+Qe+CaF21jUg6A+oK
9+8CX5KI+DfRnx4/jvpv2TaRgqvIArYR+KjDjU8kK1KYlxH7s7KtNrz387T3FTb0
j4jwuzYQa6wxqLo7KGMKR+3gA+qolO5sOZq9TZ1OJR5wNsAr3wSfIISsywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAEWsRtBms9kIy5xQCap0fP6mg03MB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvQVJheEcwR2F6MlFqTG5GQUpxblI4X3FhRFRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABZ8xAwQA
BZ82AwQALV7VAwQAWS7ZAwQAuQPIAwQAue8AAwQBue8CMA0GCSqGSIb3DQEBCwUA
A4IBAQA0KuX4o5zc9F8q+5D053wZ0mDTz2MtrNaBShZZtWTMTxh5WZjFb4igPl86
R3ybQ0Jw5EfexaJ7s8htePhRA4t2TPn5WgEHxMFr8goTnplzF5Cfm6+5TWfZWBFC
TUlED6zpVMIZklzo/QYkWiPTPiO7wIyB4ZG0mNX5Dxxe4yrKRspOpc6ykcqUmDiw
l73IwM6oXj8EUVgXh85PmJBsNWyLRsJvEbimu+zFijo3FdNHLqOYFYNb4lgniQBt
U5RBdr7GnHRtJP0ec+iDYl9FlA9lOk4/nS2PlRx4seW9xEUuVtj/1rn4dWWRjVDx
JgPsvqVnQKYQj2net0CNr89ICMkq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:51 2024 by rpki-client on console-fra.rpki-client.org