Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/urLHkg5wkjp-MPkP-Gpp9Rv2zaI.roa
File: urLHkg5wkjp-MPkP-Gpp9Rv2zaI.roa (raw, json)
Hash identifier: i9CBydSU4h6dogJwn2ssc/7HYaOjtYKlfODj6zUFqrg=
Subject key identifier: BA:B2:C7:92:0E:70:92:3A:7E:30:F9:0F:F8:6A:69:F5:1B:F6:CD:A2
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018572D5CEE2A11A0F9579DBB0E86C204E6B
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/urLHkg5wkjp-MPkP-Gpp9Rv2zaI.roa
Signing time: Mon 02 Jan 2023 14:14:52 +0000
ROA not before: Mon 02 Jan 2023 14:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.96.80.0/24 maxlen: 24
185.81.172.0/23 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Feb 2023 06:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:ce:e2:a1:1a:0f:95:79:db:b0:e8:6c:20:4e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 14:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bab2c7920e70923a7e30f90ff86a69f51bf6cda2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:2f:1f:ae:ab:3a:cb:f0:3c:9f:e3:0c:33:
3c:ab:d0:4a:27:37:42:ad:d1:58:b6:a0:bf:20:86:
b4:34:1f:cb:e4:0f:cb:83:c0:47:3a:9b:d0:cc:78:
97:18:f5:97:29:fb:8c:f2:8a:80:fa:79:8a:6e:ce:
28:1e:af:4a:a5:16:7e:36:20:47:ac:11:57:4d:d9:
bc:93:64:20:44:4e:51:2d:50:70:f0:34:41:23:2e:
62:70:7c:ba:96:d3:59:1e:8f:b7:05:a2:fa:86:f2:
93:c9:17:47:db:ba:b6:f1:6b:1d:4c:ae:25:06:a3:
cb:70:aa:20:81:6a:a7:11:b0:55:8e:45:4f:41:85:
72:f0:94:45:5c:f1:3f:cc:60:b0:23:dd:d7:67:72:
e2:1c:1a:fc:36:39:68:de:b0:ed:92:b6:67:d1:fc:
36:6c:4a:da:9f:41:41:81:ae:bc:17:ba:d7:f8:f0:
28:11:56:71:70:32:27:09:15:b7:6a:ed:af:ca:f7:
92:41:46:41:58:7d:79:91:be:c0:fa:ac:d3:2e:14:
e8:13:09:bb:27:b8:af:3f:00:63:4e:88:9e:6e:69:
dd:db:62:35:f7:53:31:5d:d1:1f:9e:2c:17:51:cd:
ee:c2:38:68:cb:f5:8a:de:d3:64:32:e4:7f:4d:91:
9d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B2:C7:92:0E:70:92:3A:7E:30:F9:0F:F8:6A:69:F5:1B:F6:CD:A2
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/urLHkg5wkjp-MPkP-Gpp9Rv2zaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.172.0-185.81.174.255
185.81.184.0/24
185.81.187.0/24
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.96.80.0/24
185.97.1.0/24
185.97.3.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:aa:22:59:40:e4:0d:62:cd:0f:71:a9:ba:1e:4f:43:2a:ab:
8d:0a:24:87:61:1b:48:86:9d:e6:82:cb:ff:2c:16:f1:e9:40:
0b:e3:ae:c4:19:4e:8f:f8:5f:f5:a2:af:82:5f:f6:5e:94:c7:
34:36:59:31:bf:6e:b7:e3:14:5c:58:30:2d:b7:d5:63:dd:a9:
1d:e8:63:c8:40:b3:35:3f:d4:a7:b2:d4:6d:54:9f:75:90:ea:
fd:1e:64:96:cc:12:a7:26:15:82:7c:eb:4f:b0:03:66:ed:bb:
bf:8f:f8:9f:5b:cd:10:72:67:46:ec:d9:7a:af:a0:06:dc:ed:
27:70:91:68:6a:89:5f:33:cf:c7:90:b5:99:e7:4a:9c:db:e7:
47:3a:f1:ce:7b:c3:2e:72:58:9e:3f:4e:ed:08:6b:9c:8c:8d:
fe:06:9f:91:cc:1e:68:d1:d7:a1:e5:c4:3e:b0:b1:07:4c:c5:
69:16:79:40:42:1d:63:26:b0:b3:97:b4:b1:a3:95:66:38:e8:
98:be:a5:73:77:36:e1:9b:11:4f:1c:fa:3a:f9:39:40:83:e7:
e8:0d:8c:7e:de:f7:a7:a5:e8:37:80:19:03:83:2d:53:05:3b:
4c:6b:9c:35:1e:f8:05:86:d4:47:49:1e:41:a0:c8:af:7e:2f:
53:4f:b3:96
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYVy1c7ioRoPlXnbsOhsIE5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMTAyMTQxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWIyYzc5MjBlNzA5MjNhN2UzMGY5MGZmODZhNjlmNTFiZjZjZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbAvH66rOsvwPJ/jDDM8q9BKJzdC
rdFYtqC/IIa0NB/L5A/Lg8BHOpvQzHiXGPWXKfuM8oqA+nmKbs4oHq9KpRZ+NiBH
rBFXTdm8k2QgRE5RLVBw8DRBIy5icHy6ltNZHo+3BaL6hvKTyRdH27q28WsdTK4l
BqPLcKoggWqnEbBVjkVPQYVy8JRFXPE/zGCwI93XZ3LiHBr8Njlo3rDtkrZn0fw2
bEran0FBga68F7rX+PAoEVZxcDInCRW3au2vyveSQUZBWH15kb7A+qzTLhToEwm7
J7ivPwBjToiebmnd22I191MxXdEfniwXUc3uwjhoy/WK3tNkMuR/TZGdMwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLqyx5IOcJI6fjD5D/hqafUb9s2iMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdXJMSGtnNXdranAtTVBrUC1HcHA5UnYyemFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAK5UawD
BAC5Ua4DBAC5UbgDBAC5UbsDBAG5WWgDBAK5WWwwDAMEALlfZQMEA7lfYAMEALlg
JgMEALlgUAMEALlhAQMEALlhAzANBgkqhkiG9w0BAQsFAAOCAQEAXqoiWUDkDWLN
D3Gpuh5PQyqrjQokh2EbSIad5oLL/ywW8elAC+OuxBlOj/hf9aKvgl/2XpTHNDZZ
Mb9ut+MUXFgwLbfVY92pHehjyECzNT/Up7LUbVSfdZDq/R5klswSpyYVgnzrT7AD
Zu27v4/4n1vNEHJnRuzZeq+gBtztJ3CRaGqJXzPPx5C1medKnNvnRzrxznvDLnJY
nj9O7QhrnIyN/gafkcweaNHXoeXEPrCxB0zFaRZ5QEIdYyaws5e0saOVZjjomL6l
c3c24ZsRTxz6Ovk5QIPn6A2Mft73p6XoN4AZA4MtUwU7TGucNR74BYbUR0keQaDI
r34vU0+zlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:17 2024 by rpki-client on console-ams.rpki-client.org