Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/CyWWxTj9VYHoORlq4Q8T5hydXwE.roa
File: CyWWxTj9VYHoORlq4Q8T5hydXwE.roa (raw, json)
Hash identifier: uJpH2j1I8FweEwBHQp4Uh6TMuEm0VSw7xOLCVWQlbn4=
Subject key identifier: 0B:25:96:C5:38:FD:55:81:E8:39:19:6A:E1:0F:13:E6:1C:9D:5F:01
Certificate issuer: /CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Certificate serial: 018570152A3BF06D2BB32CEDCF7BD36804B4
Authority key identifier: A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/CyWWxTj9VYHoORlq4Q8T5hydXwE.roa
Signing time: Mon 02 Jan 2023 01:25:13 +0000
ROA not before: Mon 02 Jan 2023 01:25:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39704
IP address blocks: 5.22.248.0/21 maxlen: 21
185.103.16.0/22 maxlen: 22
185.94.168.0/24 maxlen: 24
194.50.163.0/24 maxlen: 24
46.182.216.0/21 maxlen: 21
91.192.36.0/22 maxlen: 22
213.132.192.0/22 maxlen: 22
213.132.192.0/19 maxlen: 19
213.132.197.0/24 maxlen: 24
213.132.196.0/22 maxlen: 22
213.132.196.0/24 maxlen: 24
94.124.88.0/21 maxlen: 21
213.132.195.0/24 maxlen: 24
213.132.200.0/22 maxlen: 22
213.132.210.0/23 maxlen: 23
2a00:1bd0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 18 Mar 2023 13:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2a:3b:f0:6d:2b:b3:2c:ed:cf:7b:d3:68:04:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a24b48edc7a325d7f1ae0f257c0e2835171bc9ae
Validity
Not Before: Jan 2 01:25:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b2596c538fd5581e839196ae10f13e61c9d5f01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:04:49:91:13:24:30:d1:b9:19:11:c8:f7:b2:
4e:94:01:f0:e6:7f:e4:0a:fb:6c:3e:b7:dd:e8:e1:
09:d2:83:bb:34:9b:f6:fb:1c:7d:b1:88:3b:0d:c7:
0a:5e:30:4c:2e:5b:08:4d:e0:72:d2:d2:cc:a0:f9:
13:cf:e5:94:3c:00:32:04:97:9c:0d:56:8c:88:9d:
b3:f4:2d:b3:7d:d0:41:b0:d1:fc:22:13:13:c6:35:
fc:54:7c:3c:ae:8f:e9:fd:bf:3a:6d:d4:45:0c:2d:
df:6d:37:1c:bc:7a:a6:98:9d:4a:95:92:6f:0d:74:
e5:72:35:0e:04:a0:9a:64:94:a2:d9:28:3a:d0:2e:
6c:9b:4d:0f:f8:2a:42:21:30:64:21:b8:08:60:8d:
df:57:39:84:8d:b1:19:1e:41:63:55:ba:ce:ab:ce:
32:bc:77:67:67:7a:94:71:9b:5a:35:ae:23:ae:c1:
e8:88:cf:be:c3:6c:c1:74:15:a8:77:39:1b:d0:1e:
c7:dc:40:66:31:eb:de:ec:a4:46:be:6d:b3:25:e9:
86:dd:a0:9f:9c:bf:14:44:e8:7e:5c:a9:8c:55:e1:
43:c7:33:19:1f:e7:7d:4e:e7:a6:35:26:df:6b:c6:
c2:a7:dd:e1:4e:f4:7c:c2:fb:ff:34:16:3f:6a:9f:
2a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:25:96:C5:38:FD:55:81:E8:39:19:6A:E1:0F:13:E6:1C:9D:5F:01
X509v3 Authority Key Identifier:
keyid:A2:4B:48:ED:C7:A3:25:D7:F1:AE:0F:25:7C:0E:28:35:17:1B:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oktI7cejJdfxrg8lfA4oNRcbya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/CyWWxTj9VYHoORlq4Q8T5hydXwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/62afef-70d1-4fe2-9edf-7f1e57487c1a/1/oktI7cejJdfxrg8lfA4oNRcbya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.248.0/21
46.182.216.0/21
91.192.36.0/22
94.124.88.0/21
185.94.168.0/24
185.103.16.0/22
194.50.163.0/24
213.132.192.0/19
IPv6:
2a00:1bd0::/32
Signature Algorithm: sha256WithRSAEncryption
51:64:e8:11:05:d5:e7:82:a4:5d:ab:17:ed:61:10:60:52:ec:
b7:60:17:37:9b:9d:72:00:55:5e:9a:ff:f4:b2:3a:9b:8b:e9:
36:8b:40:6c:ee:f0:0f:ba:77:aa:42:6f:c9:2e:89:0b:97:5c:
96:68:11:09:1e:22:d6:09:95:e6:e0:97:c1:4b:5d:6a:3d:6d:
2b:8d:02:a7:1f:0b:8c:27:98:b8:b1:a2:1d:5d:d8:a0:e9:8d:
03:42:0f:50:20:78:8a:50:c9:8d:6c:8b:f4:95:5e:5d:08:7c:
f2:23:2a:78:21:02:2c:a7:a6:f4:5a:fa:4d:84:59:09:90:12:
ce:1d:ab:3d:87:01:aa:64:b3:ab:59:c6:e1:69:82:71:5b:84:
e6:39:11:0e:19:50:0c:2e:d0:64:af:35:2a:e6:6b:de:5b:4d:
bb:6a:b3:bd:e6:0e:45:20:e9:42:6d:73:8c:3d:45:94:03:bf:
34:b6:b3:a9:ea:87:34:62:fa:c1:70:0c:57:a6:83:d2:6c:b9:
18:1a:10:1e:e2:24:6b:4d:df:83:59:b8:4c:8c:b5:61:50:cf:
cf:a1:e9:0a:88:de:df:0d:63:84:ac:17:bb:b6:07:66:ee:9b:
a2:b8:bb:62:3a:bd:d4:44:75:0f:46:46:ee:e7:f2:a1:80:e8:
e2:cd:24:93
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVwFSo78G0rsyztz3vTaAS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNGI0OGVkYzdhMzI1ZDdmMWFlMGYyNTdjMGUyODM1MTcx
YmM5YWUwHhcNMjMwMTAyMDEyNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjI1OTZjNTM4ZmQ1NTgxZTgzOTE5NmFlMTBmMTNlNjFjOWQ1ZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQRJkRMkMNG5GRHI97JOlAHw5n/k
CvtsPrfd6OEJ0oO7NJv2+xx9sYg7DccKXjBMLlsITeBy0tLMoPkTz+WUPAAyBJec
DVaMiJ2z9C2zfdBBsNH8IhMTxjX8VHw8ro/p/b86bdRFDC3fbTccvHqmmJ1KlZJv
DXTlcjUOBKCaZJSi2Sg60C5sm00P+CpCITBkIbgIYI3fVzmEjbEZHkFjVbrOq84y
vHdnZ3qUcZtaNa4jrsHoiM++w2zBdBWodzkb0B7H3EBmMeve7KRGvm2zJemG3aCf
nL8UROh+XKmMVeFDxzMZH+d9TuemNSbfa8bCp93hTvR8wvv/NBY/ap8qyQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAsllsU4/VWB6DkZauEPE+YcnV8BMB8GA1UdIwQY
MBaAFKJLSO3HoyXX8a4PJXwOKDUXG8muMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYt
N2YxZTU3NDg3YzFhLzEvQ3lXV3hUajlWWUhvT1JscTRROFQ1aHlkWHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MmFmZWYtNzBkMS00ZmUyLTllZGYtN2YxZTU3NDg3YzFh
LzEvb2t0STdjZWpKZGZ4cmc4bGZBNG9OUmNieWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBRb4AwQD
LrbYAwQCW8AkAwQDXnxYAwQAuV6oAwQCuWcQAwQAwjKjAwQF1YTAMA0EAgACMAcD
BQAqABvQMA0GCSqGSIb3DQEBCwUAA4IBAQBRZOgRBdXngqRdqxftYRBgUuy3YBc3
m51yAFVemv/0sjqbi+k2i0Bs7vAPuneqQm/JLokLl1yWaBEJHiLWCZXm4JfBS11q
PW0rjQKnHwuMJ5i4saIdXdig6Y0DQg9QIHiKUMmNbIv0lV5dCHzyIyp4IQIsp6b0
WvpNhFkJkBLOHas9hwGqZLOrWcbhaYJxW4TmOREOGVAMLtBkrzUq5mveW027arO9
5g5FIOlCbXOMPUWUA780trOp6oc0YvrBcAxXpoPSbLkYGhAe4iRrTd+DWbhMjLVh
UM/PoekKiN7fDWOErBe7tgdm7puiuLtiOr3URHUPRkbu5/KhgOjizSST
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:20 2024 by rpki-client on console-fra.rpki-client.org