Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/ca5JJ4vm4BQJICVMfZJo9jbO6QA.roa
File: ca5JJ4vm4BQJICVMfZJo9jbO6QA.roa (raw, json)
Hash identifier: KXidyLOyVmePyVyS05CpJoIVAj1myybZD1jLgTuAdPY=
Subject key identifier: 71:AE:49:27:8B:E6:E0:14:09:20:25:4C:7D:92:68:F6:36:CE:E9:00
Certificate issuer: /CN=628a08e28b31bbe5c1812fda90e7e8c8a48335e8
Certificate serial: 018CC9BC7E55D731D9850C54BAC7583B7D27
Authority key identifier: 62:8A:08:E2:8B:31:BB:E5:C1:81:2F:DA:90:E7:E8:C8:A4:83:35:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YooI4osxu-XBgS_akOfoyKSDNeg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/ca5JJ4vm4BQJICVMfZJo9jbO6QA.roa
Signing time: Tue 02 Jan 2024 10:33:42 +0000
ROA not before: Tue 02 Jan 2024 10:33:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199494
IP address blocks: 193.0.192.0/22 maxlen: 22
193.0.197.0/24 maxlen: 24
193.0.196.0/24 maxlen: 24
176.115.80.0/21 maxlen: 21
91.201.88.0/22 maxlen: 22
83.142.216.0/22 maxlen: 22
83.142.220.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:7e:55:d7:31:d9:85:0c:54:ba:c7:58:3b:7d:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=628a08e28b31bbe5c1812fda90e7e8c8a48335e8
Validity
Not Before: Jan 2 10:33:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71ae49278be6e0140920254c7d9268f636cee900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:0d:0a:66:f8:ba:92:c5:8d:74:29:f2:4e:
e5:e5:87:66:cf:a6:1c:e0:08:5f:ef:f9:85:48:75:
38:00:5a:c3:61:e7:e6:5a:47:07:f7:f8:d4:bf:95:
a6:84:a6:11:51:b6:2b:c0:14:dc:19:ca:d3:c0:c7:
ef:3e:76:72:7d:cd:fa:30:97:f4:c6:72:ff:73:2a:
00:8a:67:eb:1f:24:11:a2:37:29:a3:c0:7a:4c:63:
16:57:1d:9c:47:ae:03:aa:d8:ab:52:70:71:1e:c0:
4e:6d:db:73:8a:77:82:46:f9:3a:0b:39:40:99:e4:
fa:23:0d:ea:8c:1c:e4:8e:13:6f:97:0a:99:c4:e7:
65:e3:1e:ae:e1:09:90:5c:07:00:46:83:d5:69:7c:
29:01:67:6c:ec:76:db:bc:51:fd:74:95:3f:56:34:
63:0c:d5:48:52:98:3c:00:1e:06:ac:d7:3e:ac:2f:
93:03:e5:a4:d9:d4:e0:c1:fc:c6:b7:6e:11:f8:80:
16:c6:7e:31:12:bd:b6:c6:ba:ac:47:86:07:8c:ef:
a7:17:27:61:d7:e0:2c:4f:0c:28:50:d3:6b:e4:03:
28:43:b4:44:7f:d8:24:97:bd:ac:3b:f0:29:57:d3:
b9:92:88:39:9c:c8:fc:a2:40:20:54:01:4f:4c:d8:
29:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AE:49:27:8B:E6:E0:14:09:20:25:4C:7D:92:68:F6:36:CE:E9:00
X509v3 Authority Key Identifier:
keyid:62:8A:08:E2:8B:31:BB:E5:C1:81:2F:DA:90:E7:E8:C8:A4:83:35:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YooI4osxu-XBgS_akOfoyKSDNeg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/ca5JJ4vm4BQJICVMfZJo9jbO6QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/869325-12c2-4fc0-b19b-0a1d4c022e51/1/YooI4osxu-XBgS_akOfoyKSDNeg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.216.0/21
91.201.88.0/22
176.115.80.0/21
193.0.192.0-193.0.197.255
Signature Algorithm: sha256WithRSAEncryption
3c:59:ad:9b:65:77:ba:4e:7f:56:f0:02:ab:f7:9f:7c:ae:06:
27:40:4f:ba:61:36:67:10:81:7d:73:e9:c1:eb:88:0f:8d:b1:
b2:35:1f:16:f7:22:67:a3:c3:c7:98:7f:b3:84:25:29:7e:c8:
84:1c:b7:12:7a:fe:1f:6e:7a:34:17:44:74:49:5a:fa:a2:c5:
b2:2c:b8:e7:c3:aa:af:02:cd:cd:99:14:cd:c2:e7:f6:18:ec:
5a:e5:02:f8:f0:d6:0e:87:4e:4c:35:29:45:a1:55:be:d6:aa:
52:d6:3b:ab:ec:9b:d7:ec:a9:08:5a:c8:bf:4d:f3:3a:72:be:
65:ca:7c:a0:d5:b8:37:9a:35:ab:c8:af:0d:71:de:6f:1d:3d:
08:75:88:80:46:41:e6:61:9a:09:33:24:5a:03:03:49:db:0d:
c9:3b:85:6a:5e:06:cb:55:90:ff:24:f6:47:b6:83:36:b9:8c:
10:af:c6:b6:a2:96:ad:15:41:13:b0:9c:3e:f5:93:63:2a:5f:
a7:66:20:a8:cc:1c:f3:a8:68:17:08:b5:86:6c:67:d4:79:d8:
b5:a4:62:c6:9c:c4:a2:d6:b7:6f:58:ee:f2:50:54:c0:c7:15:
ba:76:28:87:8a:dc:89:4d:50:8c:e5:69:35:f6:dc:03:eb:06:
1d:df:82:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzJvH5V1zHZhQxUusdYO30nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOGEwOGUyOGIzMWJiZTVjMTgxMmZkYTkwZTdlOGM4YTQ4
MzM1ZTgwHhcNMjQwMTAyMTAzMzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWFlNDkyNzhiZTZlMDE0MDkyMDI1NGM3ZDkyNjhmNjM2Y2VlOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGsNCmb4upLFjXQp8k7l5Ydmz6Yc
4Ahf7/mFSHU4AFrDYefmWkcH9/jUv5WmhKYRUbYrwBTcGcrTwMfvPnZyfc36MJf0
xnL/cyoAimfrHyQRojcpo8B6TGMWVx2cR64DqtirUnBxHsBObdtzineCRvk6CzlA
meT6Iw3qjBzkjhNvlwqZxOdl4x6u4QmQXAcARoPVaXwpAWds7HbbvFH9dJU/VjRj
DNVIUpg8AB4GrNc+rC+TA+Wk2dTgwfzGt24R+IAWxn4xEr22xrqsR4YHjO+nFydh
1+AsTwwoUNNr5AMoQ7REf9gkl72sO/ApV9O5kog5nMj8okAgVAFPTNgp1QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHGuSSeL5uAUCSAlTH2SaPY2zukAMB8GA1UdIwQY
MBaAFGKKCOKLMbvlwYEv2pDn6MikgzXoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW9vSTRvc3h1LVhCZ1NfYWtPZm95S1NETmVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NjkzMjUtMTJjMi00ZmMwLWIxOWIt
MGExZDRjMDIyZTUxLzEvY2E1Sko0dm00QlFKSUNWTWZaSm85amJPNlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NjkzMjUtMTJjMi00ZmMwLWIxOWItMGExZDRjMDIyZTUx
LzEvWW9vSTRvc3h1LVhCZ1NfYWtPZm95S1NETmVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDU47YAwQC
W8lYAwQDsHNQMAwDBAbBAMADBAHBAMQwDQYJKoZIhvcNAQELBQADggEBADxZrZtl
d7pOf1bwAqv3n3yuBidAT7phNmcQgX1z6cHriA+NsbI1Hxb3Imejw8eYf7OEJSl+
yIQctxJ6/h9uejQXRHRJWvqixbIsuOfDqq8Czc2ZFM3C5/YY7FrlAvjw1g6HTkw1
KUWhVb7WqlLWO6vsm9fsqQhayL9N8zpyvmXKfKDVuDeaNavIrw1x3m8dPQh1iIBG
QeZhmgkzJFoDA0nbDck7hWpeBstVkP8k9ke2gza5jBCvxrailq0VQROwnD71k2Mq
X6dmIKjMHPOoaBcItYZsZ9R52LWkYsacxKLWt29Y7vJQVMDHFbp2KIeK3IlNUIzl
aTX23APrBh3fgqQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:31 2025 by rpki-client