Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/l2unkTyEezSUrOzmn3wIZOVQ1_M.roa
File: l2unkTyEezSUrOzmn3wIZOVQ1_M.roa (raw, json)
Hash identifier: AbzGB4adyqsO2znSyep+EFlJeBzf0Mj328bEO2RuYpg=
Subject key identifier: 97:6B:A7:91:3C:84:7B:34:94:AC:EC:E6:9F:7C:08:64:E5:50:D7:F3
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 01860C3C1F8C8EDD9222708D3DF4A5B008F7
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/l2unkTyEezSUrOzmn3wIZOVQ1_M.roa
Signing time: Wed 01 Feb 2023 09:08:32 +0000
ROA not before: Wed 01 Feb 2023 09:08:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3316
IP address blocks: 194.190.138.0/24 maxlen: 24
194.190.141.0/24 maxlen: 24
194.190.142.0/24 maxlen: 24
194.190.145.0/24 maxlen: 24
194.190.148.0/24 maxlen: 24
194.85.105.0/24 maxlen: 24
194.85.106.0/24 maxlen: 24
194.85.117.0/24 maxlen: 24
194.85.118.0/24 maxlen: 24
194.85.31.0/24 maxlen: 24
195.208.22.0/23 maxlen: 23
195.209.4.0/24 maxlen: 24
195.209.8.0/24 maxlen: 24
193.232.85.0/24 maxlen: 24
194.85.119.0/24 maxlen: 24
194.226.29.0/24 maxlen: 24
194.226.44.0/24 maxlen: 24
195.19.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 09:34:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0c:3c:1f:8c:8e:dd:92:22:70:8d:3d:f4:a5:b0:08:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Feb 1 09:08:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=976ba7913c847b3494acece69f7c0864e550d7f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:22:5e:0f:d3:28:d2:ea:27:9c:83:d6:38:e9:
a7:71:a5:de:74:12:5c:99:d7:c0:95:2c:02:ff:8f:
0b:62:1c:3a:74:fb:27:a8:91:ba:0e:b3:97:5c:be:
c8:34:30:bb:63:68:83:1e:bb:db:e0:60:4b:d1:4e:
57:6d:8c:c5:34:63:fb:a4:21:32:e6:0d:1c:f9:2b:
db:0c:9b:04:6d:31:84:8f:69:d0:7a:60:65:7d:fa:
71:4e:28:16:58:ed:5a:c0:fc:c5:93:8b:64:6a:c1:
13:17:63:4a:c8:1f:26:86:ad:98:b2:39:4e:fb:d2:
1e:77:16:4d:d6:d2:b2:80:a1:00:17:41:87:a1:bb:
98:33:06:5e:3d:57:e9:97:58:16:ff:d6:f2:5d:12:
1d:11:14:27:72:3b:82:00:d2:e1:98:59:f0:bb:7e:
02:0d:66:bf:b8:2f:c5:50:97:a6:51:51:ee:a4:1e:
4e:a2:09:a2:35:74:e1:83:8e:5a:76:83:25:af:4d:
fa:17:b3:60:92:1d:7e:ae:a1:03:c9:63:b6:02:57:
b4:95:f1:0d:89:d4:6e:95:21:0b:ca:9a:42:20:ae:
c6:9c:5e:ed:33:1e:aa:f1:d4:51:c1:cc:61:78:a7:
55:e6:d2:0f:df:c0:dd:74:27:32:1e:14:82:60:1f:
18:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6B:A7:91:3C:84:7B:34:94:AC:EC:E6:9F:7C:08:64:E5:50:D7:F3
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/l2unkTyEezSUrOzmn3wIZOVQ1_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.85.0/24
194.85.31.0/24
194.85.105.0-194.85.106.255
194.85.117.0-194.85.119.255
194.190.138.0/24
194.190.141.0-194.190.142.255
194.190.145.0/24
194.190.148.0/24
194.226.29.0/24
194.226.44.0/24
195.19.26.0/24
195.208.22.0/23
195.209.4.0/24
195.209.8.0/24
Signature Algorithm: sha256WithRSAEncryption
90:16:45:d4:0a:33:80:b5:6f:3a:fb:3f:d4:48:60:ec:d9:52:
15:3f:3b:22:1f:fc:2b:01:07:b4:00:85:c9:81:a6:fa:77:cb:
96:14:f2:9c:1f:24:56:6e:da:84:42:96:77:9a:f7:89:60:72:
31:ab:cc:fd:fe:5e:29:31:05:7e:6b:39:dd:b5:1e:93:f6:3d:
42:b8:6f:d7:f2:26:f4:e6:cb:c9:5a:a4:6a:da:06:f4:04:b7:
04:53:4a:b3:eb:88:6b:6c:da:cb:48:9e:5c:37:a4:32:d9:6b:
e6:fe:cc:68:60:69:d2:61:17:ff:3b:a1:f5:7d:53:90:fd:b4:
df:4a:88:9e:a6:a4:e9:f8:a7:8b:e5:f0:20:c4:ff:a1:16:99:
95:24:d7:52:39:0b:e2:e4:2d:7b:7c:27:09:68:78:1e:64:0e:
e9:06:b0:e5:c5:96:ac:78:8e:54:89:82:c9:89:b9:7f:cd:54:
f5:fb:f2:ba:6c:80:10:53:9a:2c:4e:28:8b:44:a4:cf:09:46:
62:c9:a1:7b:71:12:3e:0a:76:6d:5a:42:b0:8e:88:97:5c:ba:
7d:8b:f9:a3:8d:e5:74:46:2c:0b:69:a8:36:d7:b0:f3:79:e5:
27:fc:f8:00:de:d1:39:4c:3d:0c:98:ce:95:20:35:69:09:9b:
b9:3d:36:73
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYYMPB+Mjt2SInCNPfSlsAj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwMjAxMDkwODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzZiYTc5MTNjODQ3YjM0OTRhY2VjZTY5ZjdjMDg2NGU1NTBkN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiJeD9Mo0uonnIPWOOmncaXedBJc
mdfAlSwC/48LYhw6dPsnqJG6DrOXXL7INDC7Y2iDHrvb4GBL0U5XbYzFNGP7pCEy
5g0c+SvbDJsEbTGEj2nQemBlffpxTigWWO1awPzFk4tkasETF2NKyB8mhq2YsjlO
+9IedxZN1tKygKEAF0GHobuYMwZePVfpl1gW/9byXRIdERQncjuCANLhmFnwu34C
DWa/uC/FUJemUVHupB5OogmiNXThg45adoMlr036F7Ngkh1+rqEDyWO2Ale0lfEN
idRulSELyppCIK7GnF7tMx6q8dRRwcxheKdV5tIP38DddCcyHhSCYB8Y3wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJdrp5E8hHs0lKzs5p98CGTlUNfzMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvbDJ1bmtUeUVlelNVck96bW4zd0laT1ZRMV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMHoVQME
AMJVHzAMAwQAwlVpAwQAwlVqMAwDBADCVXUDBAPCVXADBADCvoowDAMEAMK+jQME
AMK+jgMEAMK+kQMEAMK+lAMEAMLiHQMEAMLiLAMEAMMTGgMEAcPQFgMEAMPRBAME
AMPRCDANBgkqhkiG9w0BAQsFAAOCAQEAkBZF1AozgLVvOvs/1Ehg7NlSFT87Ih/8
KwEHtACFyYGm+nfLlhTynB8kVm7ahEKWd5r3iWByMavM/f5eKTEFfms53bUek/Y9
Qrhv1/Im9ObLyVqkatoG9AS3BFNKs+uIa2zay0ieXDekMtlr5v7MaGBp0mEX/zuh
9X1TkP2030qInqak6fini+XwIMT/oRaZlSTXUjkL4uQte3wnCWh4HmQO6Qaw5cWW
rHiOVImCyYm5f81U9fvyumyAEFOaLE4oi0SkzwlGYsmhe3ESPgp2bVpCsI6Il1y6
fYv5o43ldEYsC2moNtew83nlJ/z4AN7ROUw9DJjOlSA1aQmbuT02cw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:51 2024 by rpki-client on console-ams.rpki-client.org