Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/7UAVXBr2HMSL9Pekbh6gQTgzbAc.roa
File: 7UAVXBr2HMSL9Pekbh6gQTgzbAc.roa (raw, json)
Hash identifier: wZHyTVMRaSMS82xaoAzO5wZrfPPL0z1bp1Yk5eOOTxU=
Subject key identifier: ED:40:15:5C:1A:F6:1C:C4:8B:F4:F7:A4:6E:1E:A0:41:38:33:6C:07
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018A009BBBF3D3BFC83028408DB75C7BB838
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/7UAVXBr2HMSL9Pekbh6gQTgzbAc.roa
Signing time: Wed 16 Aug 2023 23:08:40 +0000
ROA not before: Wed 16 Aug 2023 23:08:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58321
IP address blocks: 185.204.216.0/22 maxlen: 24
195.114.0.0/23 maxlen: 24
91.199.22.0/24 maxlen: 24
178.250.40.0/21 maxlen: 24
91.239.66.0/23 maxlen: 24
194.169.227.0/24 maxlen: 24
185.208.164.0/24 maxlen: 24
185.243.52.0/22 maxlen: 24
185.123.160.0/22 maxlen: 24
185.123.160.0/24 maxlen: 24
195.242.116.0/23 maxlen: 24
195.78.66.0/23 maxlen: 24
195.2.254.0/23 maxlen: 24
193.218.152.0/22 maxlen: 24
91.234.146.0/24 maxlen: 24
94.152.254.0/24 maxlen: 24
91.237.52.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 23:10:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:9b:bb:f3:d3:bf:c8:30:28:40:8d:b7:5c:7b:b8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Aug 16 23:08:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed40155c1af61cc48bf4f7a46e1ea04138336c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:43:94:8d:dc:82:6e:0d:8b:ce:e6:5f:ac:
fb:44:c1:5d:6e:49:26:ff:0d:42:18:9b:c5:e8:5e:
b9:1c:a9:01:48:50:e8:85:d4:7c:65:df:4b:1c:71:
3a:a3:f8:5a:33:1e:79:8d:22:9f:15:81:87:08:6d:
bb:55:77:8b:0b:11:8d:53:2f:64:43:2e:8d:a5:b3:
05:9a:b0:e4:b3:9b:aa:19:46:73:fc:67:a4:0d:4c:
65:7d:9f:5d:1c:da:29:2e:9e:89:03:76:0b:42:3a:
e6:a5:1a:40:e3:3b:6e:e1:f3:bc:f4:f8:f2:1d:64:
07:ca:1e:9f:ec:e3:3c:58:05:55:8d:78:31:3a:35:
65:77:fe:7e:72:e5:b2:cd:04:48:64:c0:a9:4f:8c:
f1:94:fe:03:29:5e:44:ad:57:c7:3b:15:ec:6f:8d:
73:1c:8e:ea:0e:83:55:2d:7a:75:f6:66:1a:89:02:
d1:c4:68:e9:7b:5b:05:5f:81:a8:38:9b:f0:01:b9:
7d:df:df:71:ab:4d:a9:9b:7b:59:84:98:16:93:cb:
de:27:41:76:55:a8:58:37:82:88:50:31:5d:fd:3c:
c7:5a:1b:62:03:e7:16:55:41:4b:1b:3e:b5:74:c5:
de:f8:29:7d:9f:24:ed:fe:ad:2f:46:78:15:2b:80:
c4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:40:15:5C:1A:F6:1C:C4:8B:F4:F7:A4:6E:1E:A0:41:38:33:6C:07
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/7UAVXBr2HMSL9Pekbh6gQTgzbAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
91.234.146.0/24
91.237.52.0/24
91.239.66.0/23
94.152.254.0/23
178.250.40.0/21
185.123.160.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:fb:55:6c:b7:1c:dc:14:e5:81:6a:7a:65:5d:b2:cd:8c:80:
c9:58:47:14:30:3d:d6:1f:41:a3:e1:91:be:12:2b:71:9e:a0:
a7:0d:bf:4f:0b:c8:cf:e2:5b:e6:eb:2f:64:16:d9:16:fd:31:
cc:a5:06:ee:81:7d:34:a9:b0:0d:bf:6a:a0:2a:4d:a0:0b:e1:
3f:7d:2a:a4:6a:ed:42:bc:e8:c2:11:16:0b:4a:ec:2e:ba:db:
9b:5a:bf:8f:ab:a5:3b:fb:28:06:d9:5c:2d:73:a5:0a:df:17:
fc:7b:c1:90:c6:1e:c2:67:82:d2:ed:b0:76:ca:30:e4:c1:39:
79:52:02:9b:63:b4:80:0b:b0:94:0d:8e:32:db:22:eb:dd:a1:
6e:71:74:87:7d:83:eb:df:3a:59:ea:5e:08:b1:79:70:f1:7b:
d2:11:fb:20:45:39:e3:26:68:b6:21:bb:47:d5:3f:8e:2e:6f:
80:cf:30:10:db:6f:0b:52:be:4b:90:0c:9a:f5:5b:8c:ea:8f:
8e:a5:53:cb:5c:87:ca:bf:92:cd:09:93:68:98:75:f3:65:e9:
2f:d9:a1:89:84:e2:aa:75:ce:05:b1:ea:63:b5:ba:ff:73:25:
7c:d2:fe:63:33:62:ac:4a:e9:d3:0f:cc:c9:24:11:8e:81:de:
91:1d:2d:95
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYoAm7vz07/IMChAjbdce7g4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwODE2MjMwODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQwMTU1YzFhZjYxY2M0OGJmNGY3YTQ2ZTFlYTA0MTM4MzM2YzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG1DlI3cgm4Ni87mX6z7RMFdbkkm
/w1CGJvF6F65HKkBSFDohdR8Zd9LHHE6o/haMx55jSKfFYGHCG27VXeLCxGNUy9k
Qy6NpbMFmrDks5uqGUZz/GekDUxlfZ9dHNopLp6JA3YLQjrmpRpA4ztu4fO89Pjy
HWQHyh6f7OM8WAVVjXgxOjVld/5+cuWyzQRIZMCpT4zxlP4DKV5ErVfHOxXsb41z
HI7qDoNVLXp19mYaiQLRxGjpe1sFX4GoOJvwAbl9399xq02pm3tZhJgWk8veJ0F2
VahYN4KIUDFd/TzHWhtiA+cWVUFLGz61dMXe+Cl9nyTt/q0vRngVK4DEtwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFO1AFVwa9hzEi/T3pG4eoEE4M2wHMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvN1VBVlhCcjJITVNMOVBla2JoNmdRVGd6YkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAW8cWAwQA
W+qSAwQAW+00AwQBW+9CAwQBXpj+AwQDsvooAwQCuXugAwQCuczYAwQAudCkAwQC
ufM0AwQCwdqYAwQAwqnjAwQBwwL+AwQBw05CAwQBw3IAAwQBw/J0MA0GCSqGSIb3
DQEBCwUAA4IBAQAq+1VstxzcFOWBanplXbLNjIDJWEcUMD3WH0Gj4ZG+EitxnqCn
Db9PC8jP4lvm6y9kFtkW/THMpQbugX00qbANv2qgKk2gC+E/fSqkau1CvOjCERYL
SuwuutubWr+Pq6U7+ygG2Vwtc6UK3xf8e8GQxh7CZ4LS7bB2yjDkwTl5UgKbY7SA
C7CUDY4y2yLr3aFucXSHfYPr3zpZ6l4IsXlw8XvSEfsgRTnjJmi2IbtH1T+OLm+A
zzAQ228LUr5LkAya9VuM6o+OpVPLXIfKv5LNCZNomHXzZekv2aGJhOKqdc4Fsepj
tbr/cyV80v5jM2KsSunTD8zJJBGOgd6RHS2V
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:10 2024 by rpki-client on console-ams.rpki-client.org