Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/A67eJPfJQzIrNtJBaAyQ712gPng.roa
File: A67eJPfJQzIrNtJBaAyQ712gPng.roa (raw, json)
Hash identifier: WrtKxbD2CVvx4nEuiT71Czeos+qQ/S3H+vro2D8FMtc=
Subject key identifier: 03:AE:DE:24:F7:C9:43:32:2B:36:D2:41:68:0C:90:EF:5D:A0:3E:78
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0189F48A8EE08C48513836F7C857B9421744
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/A67eJPfJQzIrNtJBaAyQ712gPng.roa
Signing time: Mon 14 Aug 2023 14:54:28 +0000
ROA not before: Mon 14 Aug 2023 14:54:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8985
IP address blocks: 193.232.64.0/24 maxlen: 24
194.190.146.0/24 maxlen: 24
193.232.76.0/24 maxlen: 24
195.209.147.0/24 maxlen: 24
195.209.148.0/24 maxlen: 24
194.85.16.0/24 maxlen: 24
195.208.222.0/24 maxlen: 24
193.232.226.0/23 maxlen: 23
194.226.41.0/24 maxlen: 24
195.19.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 10:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f4:8a:8e:e0:8c:48:51:38:36:f7:c8:57:b9:42:17:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Aug 14 14:54:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03aede24f7c943322b36d241680c90ef5da03e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:76:70:46:a8:69:a6:0a:e1:da:65:2f:02:24:
83:e0:cb:ce:22:3d:0b:3f:ac:28:13:a2:01:e7:f6:
b7:0d:a0:5b:db:b5:c6:fc:26:8a:07:4b:61:41:96:
ee:d4:f0:58:2b:71:f3:c7:c8:15:34:6d:5f:40:c4:
cd:cf:ba:70:e9:94:f6:82:66:c5:ce:a5:e0:3e:65:
b5:a8:1a:54:61:63:43:3a:e5:f3:3e:84:be:d6:74:
2a:25:6e:5f:92:89:99:c5:f1:dc:32:73:f4:11:7f:
a2:2c:f3:8a:af:a5:63:5e:3a:d8:ac:ed:a8:09:df:
af:67:24:4b:a3:61:c2:db:c5:ac:9d:6b:91:d0:26:
85:81:ce:74:df:b1:68:16:4b:9c:2f:c0:40:6b:57:
77:eb:1c:55:5f:db:2f:74:44:99:ac:11:62:a5:25:
a1:a9:5a:0d:00:6f:44:71:2a:a1:19:81:6f:f8:cc:
c8:7b:f9:68:c1:c5:d3:f4:36:e4:39:a9:22:a1:70:
20:d6:4e:af:c6:0e:7f:41:c9:08:75:9d:a6:f6:70:
3d:9d:94:b8:be:f4:9f:0a:bb:2a:b4:9a:9d:d6:c7:
82:b8:97:a1:e7:1c:35:43:46:83:33:51:ec:c2:c3:
7c:25:b5:87:ea:9a:e5:e6:8c:52:d2:92:61:d1:38:
8c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:AE:DE:24:F7:C9:43:32:2B:36:D2:41:68:0C:90:EF:5D:A0:3E:78
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/A67eJPfJQzIrNtJBaAyQ712gPng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.64.0/24
193.232.76.0/24
193.232.226.0/23
194.85.16.0/24
194.190.146.0/24
194.226.41.0/24
195.19.8.0/24
195.208.222.0/24
195.209.147.0-195.209.148.255
Signature Algorithm: sha256WithRSAEncryption
6c:ac:59:1c:eb:ae:50:39:21:b1:1a:c4:aa:af:1b:d6:cc:c0:
0a:0f:a8:50:cb:c1:37:5e:cc:1e:9c:2b:20:58:43:e6:5e:93:
aa:c7:f5:a3:74:32:35:12:58:cb:c3:4c:a1:98:91:47:0e:15:
11:7c:de:69:e6:e0:13:d0:ac:da:f2:28:f2:2b:72:85:94:8d:
e5:75:3a:60:b9:47:de:6f:e0:bd:79:83:c6:91:fa:5c:93:87:
62:69:b5:69:a1:8c:49:ea:9f:18:42:d7:fa:47:b4:ec:f0:25:
fc:a2:49:9d:df:28:eb:30:90:4a:67:4f:32:47:b0:f9:ec:8c:
42:2e:d9:2e:4e:44:b1:63:01:be:e5:3e:6c:30:9e:60:84:64:
82:6a:5b:36:b2:7d:df:ba:42:ad:7e:43:ae:06:c2:51:dc:1b:
f5:e7:92:95:80:83:45:ac:04:78:96:63:05:18:f1:52:74:70:
63:f8:3b:bb:1e:02:5d:d1:5d:c1:94:f8:7e:14:73:19:4c:8a:
e8:7c:9c:eb:ab:85:36:39:a6:e9:1e:68:40:f8:84:92:29:f5:
58:0f:ea:11:30:88:c9:93:ac:a8:9e:26:20:54:1f:50:0c:b6:
c7:a3:c1:71:64:24:a6:59:8c:b1:4f:ab:4b:21:23:50:65:8f:
f3:d2:98:0a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYn0io7gjEhRODb3yFe5QhdEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwODE0MTQ1NDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2FlZGUyNGY3Yzk0MzMyMmIzNmQyNDE2ODBjOTBlZjVkYTAzZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXZwRqhppgrh2mUvAiSD4MvOIj0L
P6woE6IB5/a3DaBb27XG/CaKB0thQZbu1PBYK3Hzx8gVNG1fQMTNz7pw6ZT2gmbF
zqXgPmW1qBpUYWNDOuXzPoS+1nQqJW5fkomZxfHcMnP0EX+iLPOKr6VjXjrYrO2o
Cd+vZyRLo2HC28WsnWuR0CaFgc5037FoFkucL8BAa1d36xxVX9svdESZrBFipSWh
qVoNAG9EcSqhGYFv+MzIe/lowcXT9DbkOakioXAg1k6vxg5/QckIdZ2m9nA9nZS4
vvSfCrsqtJqd1seCuJeh5xw1Q0aDM1HswsN8JbWH6prl5oxS0pJh0TiMCQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAOu3iT3yUMyKzbSQWgMkO9doD54MB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvQTY3ZUpQZkpReklyTnRKQmFBeVE3MTJnUG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAwehAAwQA
wehMAwQBwejiAwQAwlUQAwQAwr6SAwQAwuIpAwQAwxMIAwQAw9DeMAwDBADD0ZMD
BADD0ZQwDQYJKoZIhvcNAQELBQADggEBAGysWRzrrlA5IbEaxKqvG9bMwAoPqFDL
wTdezB6cKyBYQ+Zek6rH9aN0MjUSWMvDTKGYkUcOFRF83mnm4BPQrNryKPIrcoWU
jeV1OmC5R95v4L15g8aR+lyTh2JptWmhjEnqnxhC1/pHtOzwJfyiSZ3fKOswkEpn
TzJHsPnsjEIu2S5ORLFjAb7lPmwwnmCEZIJqWzayfd+6Qq1+Q64GwlHcG/XnkpWA
g0WsBHiWYwUY8VJ0cGP4O7seAl3RXcGU+H4UcxlMiuh8nOurhTY5pukeaED4hJIp
9VgP6hEwiMmTrKieJiBUH1AMtsejwXFkJKZZjLFPq0shI1Blj/PSmAo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:51 2024 by rpki-client on console-ams.rpki-client.org