Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/_AVzcSXQyWa6ioIDLV_Dmn2Qgss.roa
File: _AVzcSXQyWa6ioIDLV_Dmn2Qgss.roa (raw, json)
Hash identifier: BUy3HfvcteP5eEFkSUDkyn5QQrGHAnNdTncG6NhSKWE=
Subject key identifier: FC:05:73:71:25:D0:C9:66:BA:8A:82:03:2D:5F:C3:9A:7D:90:82:CB
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 018A00933F3B6573923D0E9E5E790CC4081E
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/_AVzcSXQyWa6ioIDLV_Dmn2Qgss.roa
Signing time: Wed 16 Aug 2023 22:59:24 +0000
ROA not before: Wed 16 Aug 2023 22:59:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 22
195.114.0.0/23 maxlen: 24
91.199.22.0/24 maxlen: 24
178.250.40.0/21 maxlen: 24
185.208.164.0/24 maxlen: 24
194.169.227.0/24 maxlen: 24
185.123.160.0/22 maxlen: 22
185.243.52.0/22 maxlen: 22
195.242.116.0/23 maxlen: 24
195.78.66.0/23 maxlen: 24
193.218.152.0/22 maxlen: 24
195.2.254.0/23 maxlen: 24
2a02:1778::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 16 Aug 2023 23:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:93:3f:3b:65:73:92:3d:0e:9e:5e:79:0c:c4:08:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Aug 16 22:59:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc05737125d0c966ba8a82032d5fc39a7d9082cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:86:de:ef:02:50:a7:8d:bc:4b:56:39:d1:a5:
d3:02:4e:87:b5:12:52:39:f3:a4:7d:bf:38:69:0b:
71:f0:60:83:95:6b:76:1e:b8:7c:5b:41:89:7d:f4:
80:ef:bd:a2:18:5e:3c:38:25:dd:bb:1e:93:e1:46:
ce:e3:31:87:a5:9c:73:63:5a:bf:2a:3f:fa:3b:6d:
f7:d1:46:9d:16:ea:61:ff:ad:87:80:5b:56:1d:82:
c4:78:ab:d5:fb:4c:47:77:2c:4b:35:fc:9d:33:ac:
00:3b:15:eb:64:45:d8:74:aa:c2:5f:b8:96:5d:07:
ae:e6:d3:95:e1:1d:d6:85:8e:5c:d9:66:6c:a6:be:
f6:91:62:e4:b9:48:73:bb:60:39:65:a8:6d:8f:dc:
2e:ad:aa:04:d2:2b:d4:3c:dc:c8:ef:ae:64:47:b2:
df:f0:ea:0b:42:ce:10:59:81:20:51:c7:63:1c:60:
eb:73:01:3f:61:26:35:9d:70:c0:09:12:45:22:69:
dc:e3:0f:20:ba:e5:04:21:7a:ce:f0:25:b6:22:a7:
7f:de:48:f9:87:3e:47:70:f5:9a:5c:09:2b:ec:c9:
48:dc:d0:06:bd:b9:08:bd:5e:28:b4:7e:38:ba:eb:
21:83:ab:70:6d:90:9e:4d:a5:65:a3:0a:e9:d8:bf:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:05:73:71:25:D0:C9:66:BA:8A:82:03:2D:5F:C3:9A:7D:90:82:CB
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/_AVzcSXQyWa6ioIDLV_Dmn2Qgss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
178.250.40.0/21
185.123.160.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
6c:b9:7d:fa:fd:89:b8:64:49:71:f7:c8:55:57:54:8e:ee:25:
1e:f0:ac:d6:6b:bd:a7:0d:08:5b:24:56:d4:7e:4b:c1:cf:7b:
a6:be:42:08:61:42:c7:8b:ad:8e:a0:0f:3b:53:62:7e:53:3e:
42:8d:39:6e:03:58:06:ec:54:52:0e:9a:40:2f:f7:7a:1f:57:
e5:92:57:99:05:e5:4a:6b:0e:e8:52:7f:b5:bb:26:6c:0c:de:
1a:7e:e0:d7:48:c8:bf:ee:fa:81:41:0a:78:f7:74:e6:7f:9a:
89:37:13:04:72:80:58:41:56:2c:ed:c3:09:60:89:5c:13:c3:
28:ce:5f:03:2a:e8:7b:70:bb:be:c1:58:b7:e6:31:39:9f:6a:
2e:75:25:fe:95:89:13:20:25:21:23:bd:7e:ca:a7:99:fe:af:
5f:d2:5a:35:30:59:d0:75:9c:02:2a:a7:ef:36:a8:ce:c3:00:
bc:89:cd:09:46:48:b9:25:6b:39:76:60:1a:8c:b5:e9:f3:77:
8b:56:15:2d:b0:fa:79:77:3a:23:d6:03:99:1f:6f:29:6f:44:
8e:a1:08:99:76:78:fe:ad:2b:b4:3c:b6:75:5f:15:09:19:0c:
08:57:1a:cd:da:dc:8a:54:f4:7d:67:6b:2f:13:20:07:9c:9e:
63:49:c3:c1
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYoAkz87ZXOSPQ6eXnkMxAgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjMwODE2MjI1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA1NzM3MTI1ZDBjOTY2YmE4YTgyMDMyZDVmYzM5YTdkOTA4MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgobe7wJQp428S1Y50aXTAk6HtRJS
OfOkfb84aQtx8GCDlWt2Hrh8W0GJffSA772iGF48OCXdux6T4UbO4zGHpZxzY1q/
Kj/6O2330UadFuph/62HgFtWHYLEeKvV+0xHdyxLNfydM6wAOxXrZEXYdKrCX7iW
XQeu5tOV4R3WhY5c2WZspr72kWLkuUhzu2A5Zahtj9wuraoE0ivUPNzI765kR7Lf
8OoLQs4QWYEgUcdjHGDrcwE/YSY1nXDACRJFImnc4w8guuUEIXrO8CW2Iqd/3kj5
hz5HcPWaXAkr7MlI3NAGvbkIvV4otH44uushg6twbZCeTaVlowrp2L9LdQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFPwFc3El0MlmuoqCAy1fw5p9kILLMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvX0FWemNTWFF5V2E2aW9JRExWX0RtbjJRZ3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQAW8cWAwQD
svooAwQCuXugAwQCuczYAwQAudCkAwQCufM0AwQCwdqYAwQAwqnjAwQBwwL+AwQB
w05CAwQBw3IAAwQBw/J0MA0EAgACMAcDBQAqAhd4MA0GCSqGSIb3DQEBCwUAA4IB
AQBsuX36/Ym4ZElx98hVV1SO7iUe8KzWa72nDQhbJFbUfkvBz3umvkIIYULHi62O
oA87U2J+Uz5CjTluA1gG7FRSDppAL/d6H1flkleZBeVKaw7oUn+1uyZsDN4afuDX
SMi/7vqBQQp493Tmf5qJNxMEcoBYQVYs7cMJYIlcE8Mozl8DKuh7cLu+wVi35jE5
n2oudSX+lYkTICUhI71+yqeZ/q9f0lo1MFnQdZwCKqfvNqjOwwC8ic0JRki5JWs5
dmAajLXp83eLVhUtsPp5dzoj1gOZH28pb0SOoQiZdnj+rSu0PLZ1XxUJGQwIVxrN
2tyKVPR9Z2svEyAHnJ5jScPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:21 2024 by rpki-client on console-fra.rpki-client.org