Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/kL2AOiO5rT2mRELNbuEWKRm6ySo.roa
File: kL2AOiO5rT2mRELNbuEWKRm6ySo.roa (raw, json)
Hash identifier: 60qm40C9mcJOAvxQasrUxnmriyKJJX6KxYu0QfXbVVM=
Subject key identifier: 90:BD:80:3A:23:B9:AD:3D:A6:44:42:CD:6E:E1:16:29:19:BA:C9:2A
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 01856EB906957A7ABF1A2EFBBED16676F101
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/kL2AOiO5rT2mRELNbuEWKRm6ySo.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206120
IP address blocks: 194.147.172.0/24 maxlen: 24
194.147.227.0/24 maxlen: 24
194.147.228.0/24 maxlen: 24
185.195.248.0/22 maxlen: 22
185.195.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:06:95:7a:7a:bf:1a:2e:fb:be:d1:66:76:f1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90bd803a23b9ad3da64442cd6ee1162919bac92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:82:7a:c7:b3:59:c9:14:38:a5:51:50:12:17:
65:5e:ad:dc:18:7c:24:9a:35:5a:0f:7b:76:e8:e8:
e9:06:31:7a:1b:03:17:ac:80:91:37:2a:9f:61:ff:
eb:2d:1f:b1:61:7d:db:27:84:38:6a:b1:a9:7a:b2:
af:ae:ad:b4:0c:2e:e2:92:e5:41:de:8d:54:a0:84:
91:10:7d:b7:13:41:aa:8e:40:11:72:aa:13:40:bc:
83:66:54:23:72:db:13:83:ee:de:8c:7e:c7:11:fe:
dd:ee:7d:81:50:50:aa:00:9e:45:34:f6:a1:61:cc:
4c:bd:d0:43:0a:ea:92:c3:30:8d:96:74:02:fc:42:
ff:ea:c7:89:9a:64:46:80:ac:1f:6a:a9:f0:e6:96:
7b:2a:a2:e6:c6:b6:98:41:cc:5f:06:2f:44:79:59:
eb:dd:aa:7c:55:96:c6:6f:2d:36:44:d5:d3:e4:2f:
c6:cd:b8:80:3f:69:f2:25:b8:a8:97:82:12:bb:59:
8c:a1:b0:b9:2b:fb:71:f2:96:0d:40:c4:08:a2:ca:
b8:bd:7e:cb:38:e5:01:0b:48:88:be:1d:1c:95:a4:
2d:69:eb:63:7a:d4:57:24:73:a1:3f:ef:18:94:3a:
db:b8:db:69:a3:d3:d0:1e:aa:b1:f7:d4:da:48:54:
b3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BD:80:3A:23:B9:AD:3D:A6:44:42:CD:6E:E1:16:29:19:BA:C9:2A
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/kL2AOiO5rT2mRELNbuEWKRm6ySo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.248.0/22
194.147.172.0/24
194.147.227.0-194.147.228.255
Signature Algorithm: sha256WithRSAEncryption
5b:6a:c1:04:32:4e:aa:75:ea:8e:d9:78:9e:50:b5:27:81:94:
08:e7:58:c0:8d:cd:cc:05:e8:2a:ea:43:81:ce:08:e6:37:53:
5c:fe:8a:85:bb:72:f4:3b:cf:16:e1:c5:a8:7a:bd:ae:03:0a:
bc:94:d2:3b:68:94:52:3b:75:44:f3:fc:24:fb:f5:e9:4d:6b:
f2:f8:16:bc:9d:83:8d:27:ac:55:80:d3:6f:8f:42:2c:92:c6:
7d:38:56:b2:b9:04:a1:db:12:d1:90:2f:76:10:8a:e4:30:19:
dc:ac:bc:5c:dc:5e:f7:4b:0f:6a:9c:1b:1e:d8:f2:0b:38:05:
26:37:ef:fd:85:f9:8c:7a:0c:df:c0:f6:98:8f:4b:cf:a6:61:
42:9b:b6:65:16:e9:a6:18:f1:02:e3:c1:ab:8e:27:5c:44:45:
9f:76:04:10:f3:b6:19:14:85:6c:31:b9:33:3a:ca:3d:7e:36:
dc:46:9e:e6:7b:78:b1:ed:e9:8d:aa:14:4e:69:df:ba:f2:d5:
69:8a:79:ed:23:69:fa:77:a4:0e:4f:ce:b0:9f:77:ce:14:5c:
c7:8f:a8:1b:c3:49:b9:25:09:01:84:96:6a:40:d1:a7:8d:e2:
8f:65:29:79:87:91:24:00:c7:59:3c:f7:dc:f5:44:5e:c2:e0:
f8:7e:f1:73
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVuuQaVenq/Gi77vtFmdvEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDVlYzE1MTZlZTZkYzE5ZDFlNWMzOTk4Y2I3ZTdhNjQ2
ZjcxNWEwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJkODAzYTIzYjlhZDNkYTY0NDQyY2Q2ZWUxMTYyOTE5YmFjOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIJ6x7NZyRQ4pVFQEhdlXq3cGHwk
mjVaD3t26OjpBjF6GwMXrICRNyqfYf/rLR+xYX3bJ4Q4arGperKvrq20DC7ikuVB
3o1UoISREH23E0GqjkARcqoTQLyDZlQjctsTg+7ejH7HEf7d7n2BUFCqAJ5FNPah
YcxMvdBDCuqSwzCNlnQC/EL/6seJmmRGgKwfaqnw5pZ7KqLmxraYQcxfBi9EeVnr
3ap8VZbGby02RNXT5C/GzbiAP2nyJbiol4ISu1mMobC5K/tx8pYNQMQIosq4vX7L
OOUBC0iIvh0claQtaetjetRXJHOhP+8YlDrbuNtpo9PQHqqx99TaSFSzSQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJC9gDojua09pkRCzW7hFikZuskqMB8GA1UdIwQY
MBaAFLPV7BUW7m3BnR5cOZjLfnpkb3FaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEt
NmMzMDVhNmRiYWI5LzEva0wyQU9pTzVyVDJtUkVMTmJ1RVdLUm02eVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zYWQ3Y2MtM2MwOC00YjcyLTg3MGEtNmMzMDVhNmRiYWI5
LzEvczlYc0ZSYnViY0dkSGx3NW1NdC1lbVJ2Y1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCucP4AwQA
wpOsMAwDBADCk+MDBADCk+QwDQYJKoZIhvcNAQELBQADggEBAFtqwQQyTqp16o7Z
eJ5QtSeBlAjnWMCNzcwF6CrqQ4HOCOY3U1z+ioW7cvQ7zxbhxah6va4DCryU0jto
lFI7dUTz/CT79elNa/L4Frydg40nrFWA02+PQiySxn04VrK5BKHbEtGQL3YQiuQw
GdysvFzcXvdLD2qcGx7Y8gs4BSY37/2F+Yx6DN/A9piPS8+mYUKbtmUW6aYY8QLj
wauOJ1xERZ92BBDzthkUhWwxuTM6yj1+NtxGnuZ7eLHt6Y2qFE5p37ry1WmKee0j
afp3pA5PzrCfd84UXMePqBvDSbklCQGElmpA0aeN4o9lKXmHkSQAx1k899z1RF7C
4Ph+8XM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:45 2024 by rpki-client on console-fra.rpki-client.org