Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AGbJ_V6BENgKwQpu524l4oOt_-g.roa
File: AGbJ_V6BENgKwQpu524l4oOt_-g.roa (raw, json)
Hash identifier: v4rvKRkpzO06IA+Mz/nMbwuqv53JNI5O0bTefedgt04=
Subject key identifier: 00:66:C9:FD:5E:81:10:D8:0A:C1:0A:6E:E7:6E:25:E2:83:AD:FF:E8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0185709522C9E06767D4D3A200BFCAB93CCF
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AGbJ_V6BENgKwQpu524l4oOt_-g.roa
Signing time: Mon 02 Jan 2023 03:45:00 +0000
ROA not before: Mon 02 Jan 2023 03:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42772
IP address blocks: 151.249.128.0/17 maxlen: 24
95.46.46.0/24 maxlen: 24
92.38.64.0/20 maxlen: 24
95.46.200.0/21 maxlen: 24
95.46.208.0/24 maxlen: 24
146.120.128.0/20 maxlen: 24
93.171.112.0/20 maxlen: 24
146.120.144.0/21 maxlen: 24
146.120.32.0/21 maxlen: 24
95.46.16.0/20 maxlen: 24
93.170.184.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:95:22:c9:e0:67:67:d4:d3:a2:00:bf:ca:b9:3c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 03:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0066c9fd5e8110d80ac10a6ee76e25e283adffe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:44:da:49:a9:31:e0:7e:02:47:68:d4:b8:58:
b5:ad:24:d7:02:2e:b8:26:10:54:e1:72:e8:fd:1d:
a2:ae:e5:2a:16:5d:09:c7:c0:fe:d2:36:31:44:4f:
02:e5:b7:c8:45:61:fe:01:c6:15:89:f8:3d:48:21:
18:45:34:52:32:7b:80:23:0f:85:c6:30:7c:55:2b:
41:25:da:96:52:46:66:30:f9:2e:59:73:5b:2f:7d:
ea:16:3e:24:aa:98:d0:bc:99:37:43:e0:a0:86:5b:
b3:bc:4b:f1:7d:2b:bb:cb:69:48:9d:99:3a:79:ba:
6a:e2:d6:fe:a3:b8:66:2e:da:23:66:30:04:92:71:
45:cc:52:45:08:a2:3c:72:80:50:8e:2e:9b:cf:97:
26:9c:05:1d:43:70:10:43:f4:68:58:e3:87:1c:1f:
b0:79:15:1d:78:05:eb:08:26:3d:0e:38:43:e0:65:
70:38:1d:27:ab:f8:41:a9:48:93:66:de:8a:63:0d:
01:08:8d:35:66:28:2e:83:3d:32:01:f2:f5:b2:fc:
4e:b5:71:d8:03:e1:b4:46:64:8c:18:9e:50:01:99:
87:e0:80:26:84:3f:fc:f0:34:3d:d4:32:0b:81:0b:
9f:32:3a:5a:df:8a:bc:a3:e9:6b:d2:e2:20:91:08:
17:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:66:C9:FD:5E:81:10:D8:0A:C1:0A:6E:E7:6E:25:E2:83:AD:FF:E8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/AGbJ_V6BENgKwQpu524l4oOt_-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.64.0/20
93.170.184.0/24
93.171.112.0/20
95.46.16.0/20
95.46.46.0/24
95.46.200.0-95.46.208.255
146.120.32.0/21
146.120.128.0-146.120.151.255
151.249.128.0/17
Signature Algorithm: sha256WithRSAEncryption
94:22:56:09:40:48:e2:f1:b3:8f:d0:90:5a:89:38:ee:7e:97:
2d:28:32:32:c4:0c:9a:42:0c:cb:0f:fd:aa:29:06:e6:71:d3:
08:11:04:6d:82:c4:56:d4:60:b5:36:05:69:2b:5d:57:32:a3:
a6:95:72:4d:3c:34:38:40:6d:f1:38:c8:8f:e7:df:7d:03:95:
2b:9d:ae:60:57:f7:f0:14:7d:58:53:61:32:86:52:68:63:f8:
c8:0d:d2:84:6d:47:49:92:0e:4f:cf:59:89:7d:b2:d4:35:99:
9d:be:f2:21:81:78:3e:8e:19:8c:78:eb:ff:4b:40:61:e2:a0:
ce:a4:81:4c:9c:bb:7c:b9:df:6a:dd:dd:ed:b1:d5:ab:5a:ae:
f9:de:15:74:c2:56:bc:66:cd:c5:09:6f:f5:d9:4d:37:6c:44:
35:69:06:e6:8c:8b:49:69:97:06:f2:18:5d:4f:6b:1a:f2:35:
6b:38:0f:08:7a:91:03:79:5d:fd:4e:b1:fb:e8:91:91:73:8c:
01:8d:93:c6:95:81:46:5d:49:04:d1:57:b3:38:9d:c5:ee:0c:
ba:7c:57:fd:ca:1f:64:54:04:35:eb:80:f1:e5:f8:ab:a8:48:
6c:ee:4d:eb:eb:56:bf:f1:77:b8:5b:d0:07:2e:af:bb:6a:67:
4d:12:12:4b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYVwlSLJ4Gdn1NOiAL/KuTzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwMTAyMDM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY2YzlmZDVlODExMGQ4MGFjMTBhNmVlNzZlMjVlMjgzYWRmZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kTaSakx4H4CR2jUuFi1rSTXAi64
JhBU4XLo/R2iruUqFl0Jx8D+0jYxRE8C5bfIRWH+AcYVifg9SCEYRTRSMnuAIw+F
xjB8VStBJdqWUkZmMPkuWXNbL33qFj4kqpjQvJk3Q+CghluzvEvxfSu7y2lInZk6
ebpq4tb+o7hmLtojZjAEknFFzFJFCKI8coBQji6bz5cmnAUdQ3AQQ/RoWOOHHB+w
eRUdeAXrCCY9DjhD4GVwOB0nq/hBqUiTZt6KYw0BCI01Zigugz0yAfL1svxOtXHY
A+G0RmSMGJ5QAZmH4IAmhD/88DQ91DILgQufMjpa34q8o+lr0uIgkQgXVwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFABmyf1egRDYCsEKbuduJeKDrf/oMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQUdiSl9WNkJFTmdLd1FwdTUyNGw0b090Xy1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQEXCZAAwQA
Xaq4AwQEXatwAwQEXy4QAwQAXy4uMAwDBANfLsgDBABfLtADBAOSeCAwDAMEB5J4
gAMEA5J4kAMEB5f5gDANBgkqhkiG9w0BAQsFAAOCAQEAlCJWCUBI4vGzj9CQWok4
7n6XLSgyMsQMmkIMyw/9qikG5nHTCBEEbYLEVtRgtTYFaStdVzKjppVyTTw0OEBt
8TjIj+fffQOVK52uYFf38BR9WFNhMoZSaGP4yA3ShG1HSZIOT89ZiX2y1DWZnb7y
IYF4Po4ZjHjr/0tAYeKgzqSBTJy7fLnfat3d7bHVq1qu+d4VdMJWvGbNxQlv9dlN
N2xENWkG5oyLSWmXBvIYXU9rGvI1azgPCHqRA3ld/U6x++iRkXOMAY2TxpWBRl1J
BNFXszidxe4MunxX/cofZFQENeuA8eX4q6hIbO5N6+tWv/F3uFvQBy6vu2pnTRIS
Sw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:36 2024 by rpki-client on console-fra.rpki-client.org