Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/nGk6oO6_xIz4M2WLzM0Pc8fEozc.roa
File: nGk6oO6_xIz4M2WLzM0Pc8fEozc.roa (raw, json)
Hash identifier: F98qclh8pMmvfKMKlZsqqHLPJDIFzUo6Ed0m8T2FrT4=
Subject key identifier: 9C:69:3A:A0:EE:BF:C4:8C:F8:33:65:8B:CC:CD:0F:73:C7:C4:A3:37
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 01864525756A1EACDCBF9F01BE1AA4D55423
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/nGk6oO6_xIz4M2WLzM0Pc8fEozc.roa
Signing time: Sun 12 Feb 2023 10:22:08 +0000
ROA not before: Sun 12 Feb 2023 10:22:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57568
IP address blocks: 185.235.40.0/22 maxlen: 24
130.185.120.0/22 maxlen: 24
194.5.192.0/23 maxlen: 24
194.5.206.0/23 maxlen: 24
185.204.168.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:25:75:6a:1e:ac:dc:bf:9f:01:be:1a:a4:d5:54:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Feb 12 10:22:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c693aa0eebfc48cf833658bcccd0f73c7c4a337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:26:95:dc:c1:5e:79:d4:84:45:83:67:f4:9f:
60:64:c9:0d:90:de:84:e1:61:00:d4:59:02:8d:e9:
9d:b3:84:bb:bc:d1:28:5d:13:ba:a3:ed:f8:36:56:
05:fb:e0:4b:0a:cb:d3:d2:b8:25:a7:68:2b:8c:0b:
ef:78:eb:d5:ae:48:79:4c:e0:5b:88:21:1d:09:08:
47:13:01:53:af:3d:a3:1e:09:ec:32:45:49:67:6b:
cb:06:f2:e3:3a:25:ce:f2:92:e5:b8:b8:9d:9c:15:
f1:2b:9e:8b:6d:bc:53:e4:82:0c:60:ff:d5:80:67:
f9:1c:72:85:3b:07:74:4e:d5:b3:c8:91:29:16:3a:
a8:47:89:0f:b3:c4:c2:e1:b9:1e:13:bd:ec:72:67:
2e:91:01:c7:53:fc:f2:8c:97:05:92:63:c4:b2:77:
27:9e:49:6c:65:ff:3a:ed:8d:30:e1:74:85:e7:d8:
c4:f9:9b:9a:c7:95:e6:2f:1a:02:0b:24:74:50:02:
2d:e6:3a:ef:06:e0:94:f5:8c:1a:d0:71:7e:2d:60:
4f:22:b4:00:6c:0f:85:95:4f:4b:8c:b9:e0:fe:2f:
c0:b9:08:10:79:f4:b8:f1:f4:3b:4e:28:eb:64:3d:
24:89:0b:36:44:ff:a9:d2:03:04:ab:ea:11:c7:23:
9f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:69:3A:A0:EE:BF:C4:8C:F8:33:65:8B:CC:CD:0F:73:C7:C4:A3:37
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/nGk6oO6_xIz4M2WLzM0Pc8fEozc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.120.0/22
185.204.168.0/22
185.235.40.0/22
194.5.192.0/23
194.5.206.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:8d:1f:60:7d:68:c7:88:30:02:96:76:bf:69:be:6a:89:d3:
8a:3f:7c:8c:3e:1e:1b:fe:4a:fa:3d:15:2f:df:4a:4d:34:b4:
26:b7:56:37:ce:07:cd:83:3b:2a:48:fa:e6:77:f2:3b:73:57:
fa:e6:91:dc:08:7a:c3:c6:66:4b:54:4b:55:21:22:b7:46:d4:
af:cc:ea:46:e3:d3:17:2c:9f:f9:fb:c4:03:34:6a:25:a8:81:
2e:c6:55:b0:0e:7d:a6:68:b5:63:53:52:cf:42:3e:9c:5b:43:
92:fa:49:12:ed:56:ce:d3:33:b3:fc:6f:8f:6c:4e:7c:cc:a7:
4c:f6:b6:63:e6:f2:2d:38:84:2e:11:82:08:bd:4c:b5:20:fa:
86:aa:a0:9e:33:b4:52:9f:13:38:26:2e:a4:ca:ba:ca:a6:b6:
81:0d:e5:15:67:fb:9a:32:bc:b8:1f:c1:b4:69:01:9b:67:8f:
05:e2:31:b1:88:a0:e8:1a:fc:17:a9:d5:6e:68:8b:03:ed:5f:
64:7d:a5:fb:21:aa:f0:13:ef:8d:c1:c3:c0:68:c5:94:fc:4d:
4a:14:67:f2:ca:98:a3:58:52:56:0d:40:5d:0a:34:2d:91:9a:
66:b0:9f:20:54:17:12:d9:a8:e8:e6:b1:3e:f9:ca:25:65:89:
4d:1a:ff:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZFJXVqHqzcv58Bvhqk1VQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjMwMjEyMTAyMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzY5M2FhMGVlYmZjNDhjZjgzMzY1OGJjY2NkMGY3M2M3YzRhMzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyaV3MFeedSERYNn9J9gZMkNkN6E
4WEA1FkCjemds4S7vNEoXRO6o+34NlYF++BLCsvT0rglp2grjAvveOvVrkh5TOBb
iCEdCQhHEwFTrz2jHgnsMkVJZ2vLBvLjOiXO8pLluLidnBXxK56LbbxT5IIMYP/V
gGf5HHKFOwd0TtWzyJEpFjqoR4kPs8TC4bkeE73scmcukQHHU/zyjJcFkmPEsncn
nklsZf867Y0w4XSF59jE+Zuax5XmLxoCCyR0UAIt5jrvBuCU9Ywa0HF+LWBPIrQA
bA+FlU9LjLng/i/AuQgQefS48fQ7TijrZD0kiQs2RP+p0gMEq+oRxyOf+wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJxpOqDuv8SM+DNli8zND3PHxKM3MB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvbkdrNm9PNl94SXo0TTJXTHpNMFBjOGZFb3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCgrl4AwQC
ucyoAwQCuesoAwQBwgXAAwQBwgXOMA0GCSqGSIb3DQEBCwUAA4IBAQBtjR9gfWjH
iDAClna/ab5qidOKP3yMPh4b/kr6PRUv30pNNLQmt1Y3zgfNgzsqSPrmd/I7c1f6
5pHcCHrDxmZLVEtVISK3RtSvzOpG49MXLJ/5+8QDNGolqIEuxlWwDn2maLVjU1LP
Qj6cW0OS+kkS7VbO0zOz/G+PbE58zKdM9rZj5vItOIQuEYIIvUy1IPqGqqCeM7RS
nxM4Ji6kyrrKpraBDeUVZ/uaMry4H8G0aQGbZ48F4jGxiKDoGvwXqdVuaIsD7V9k
faX7IarwE++NwcPAaMWU/E1KFGfyypijWFJWDUBdCjQtkZpmsJ8gVBcS2ajo5rE+
+colZYlNGv/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:11 2024 by rpki-client on console-ams.rpki-client.org