Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/ydGAj_l45ojMNNCosuRWUOUbtKE.roa
File: ydGAj_l45ojMNNCosuRWUOUbtKE.roa (raw, json)
Hash identifier: 6Q65cwum/cDKAHiCaIekm3cIhZRUztWtQv5OcQcABzE=
Subject key identifier: C9:D1:80:8F:F9:78:E6:88:CC:34:D0:A8:B2:E4:56:50:E5:1B:B4:A1
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0189F9212B652D488A34F9B71F982E90860B
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/ydGAj_l45ojMNNCosuRWUOUbtKE.roa
Signing time: Tue 15 Aug 2023 12:17:27 +0000
ROA not before: Tue 15 Aug 2023 12:17:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8985
IP address blocks: 194.190.146.0/24 maxlen: 24
194.226.16.0/24 maxlen: 24
194.85.16.0/24 maxlen: 24
195.208.222.0/24 maxlen: 24
195.208.24.0/21 maxlen: 21
195.208.29.0/24 maxlen: 24
193.232.64.0/24 maxlen: 24
193.232.76.0/24 maxlen: 24
195.209.147.0/24 maxlen: 24
195.209.148.0/24 maxlen: 24
193.232.226.0/23 maxlen: 23
194.226.41.0/24 maxlen: 24
195.19.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 13:23:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:21:2b:65:2d:48:8a:34:f9:b7:1f:98:2e:90:86:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Aug 15 12:17:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c9d1808ff978e688cc34d0a8b2e45650e51bb4a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:46:07:b6:f9:48:08:b2:a2:6a:9c:74:a3:25:
d5:1e:0a:b6:98:00:3a:85:f9:ed:67:6d:c8:ef:82:
c4:4a:d5:ed:3a:ff:f3:95:95:5b:15:3c:0b:0b:15:
95:a9:d0:c4:28:94:9c:41:a4:9a:73:92:14:fe:d2:
fb:34:18:f8:3b:b6:ca:09:8e:1d:13:50:25:47:24:
c5:c7:5f:87:ee:03:d9:09:ff:33:85:24:c8:88:e4:
b9:5a:b3:f0:c4:ae:1c:af:54:cb:fe:d4:52:c4:8b:
eb:51:f7:75:ce:42:74:70:e5:4f:b4:6b:f9:df:a8:
f4:76:86:97:a0:4b:9e:40:fb:b9:4d:e9:b7:f3:12:
f4:75:44:1a:22:83:2d:e5:48:c1:d6:92:bc:73:16:
5b:71:bb:99:20:d6:12:ac:b9:16:af:03:b9:2f:15:
3b:4a:8d:3d:68:5b:7d:70:c5:b1:bc:ad:37:f2:2d:
17:37:e3:71:6a:d8:cd:6e:97:c8:b3:ce:d3:c0:4a:
35:42:23:97:1d:df:2d:a8:a9:fc:13:57:9d:ce:57:
55:34:f1:2b:d9:62:b9:db:71:8d:f4:13:f0:6e:03:
e7:1d:82:63:31:36:4c:d1:4b:69:48:34:e7:e8:56:
88:05:03:09:4d:ed:f2:3f:7b:ff:c7:a8:c8:13:f0:
a8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D1:80:8F:F9:78:E6:88:CC:34:D0:A8:B2:E4:56:50:E5:1B:B4:A1
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/ydGAj_l45ojMNNCosuRWUOUbtKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.64.0/24
193.232.76.0/24
193.232.226.0/23
194.85.16.0/24
194.190.146.0/24
194.226.16.0/24
194.226.41.0/24
195.19.8.0/24
195.208.24.0/21
195.208.222.0/24
195.209.147.0-195.209.148.255
Signature Algorithm: sha256WithRSAEncryption
5b:97:09:f7:0a:78:ec:10:01:40:5b:c2:8f:77:2d:db:32:fd:
c3:23:f5:cd:f2:86:66:50:07:a0:60:e0:52:33:8c:04:47:f1:
d9:ab:f7:ae:ec:42:7c:3d:e4:4b:c2:3c:ae:f9:70:69:04:fb:
8a:1b:ae:74:2d:98:9b:42:43:10:70:19:43:73:06:d8:9d:1d:
76:4e:73:73:17:6f:1c:e2:94:36:79:6d:0a:fe:89:7e:74:a2:
59:4f:75:da:fd:26:36:24:ec:7a:af:e0:ae:a6:e6:67:f3:cd:
e4:54:a8:32:c4:7c:1a:f2:f6:8f:7a:9f:5a:38:c0:8c:44:34:
50:4e:9a:73:88:99:2e:05:df:3a:30:39:ae:37:cb:72:57:4c:
b1:6e:79:fd:86:fa:0a:4f:00:0e:15:46:92:a2:d0:75:b9:f3:
24:e8:12:02:a2:67:47:78:9c:55:92:b5:38:61:46:9c:a2:69:
66:72:ad:09:2e:28:37:60:53:68:ee:03:39:33:28:58:af:a4:
6b:14:bf:44:8f:a6:cb:6c:87:0c:af:ea:34:4e:97:2a:1e:ee:
ca:a5:44:a9:58:79:6a:5c:80:cf:57:37:6a:0d:67:1b:42:07:
d2:a5:54:84:fd:36:1e:e9:ef:ee:5d:1a:19:41:23:b6:a0:88:
65:6b:24:ba
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYn5IStlLUiKNPm3H5gukIYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjMwODE1MTIxNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQxODA4ZmY5NzhlNjg4Y2MzNGQwYThiMmU0NTY1MGU1MWJiNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0YHtvlICLKiapx0oyXVHgq2mAA6
hfntZ23I74LEStXtOv/zlZVbFTwLCxWVqdDEKJScQaSac5IU/tL7NBj4O7bKCY4d
E1AlRyTFx1+H7gPZCf8zhSTIiOS5WrPwxK4cr1TL/tRSxIvrUfd1zkJ0cOVPtGv5
36j0doaXoEueQPu5Tem38xL0dUQaIoMt5UjB1pK8cxZbcbuZINYSrLkWrwO5LxU7
So09aFt9cMWxvK038i0XN+NxatjNbpfIs87TwEo1QiOXHd8tqKn8E1edzldVNPEr
2WK523GN9BPwbgPnHYJjMTZM0UtpSDTn6FaIBQMJTe3yP3v/x6jIE/CoFwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFMnRgI/5eOaIzDTQqLLkVlDlG7ShMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEveWRHQWpfbDQ1b2pNTk5Db3N1UldVT1VidEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAwehAAwQA
wehMAwQBwejiAwQAwlUQAwQAwr6SAwQAwuIQAwQAwuIpAwQAwxMIAwQDw9AYAwQA
w9DeMAwDBADD0ZMDBADD0ZQwDQYJKoZIhvcNAQELBQADggEBAFuXCfcKeOwQAUBb
wo93Ldsy/cMj9c3yhmZQB6Bg4FIzjARH8dmr967sQnw95EvCPK75cGkE+4obrnQt
mJtCQxBwGUNzBtidHXZOc3MXbxzilDZ5bQr+iX50ollPddr9JjYk7Hqv4K6m5mfz
zeRUqDLEfBry9o96n1o4wIxENFBOmnOImS4F3zowOa43y3JXTLFuef2G+gpPAA4V
RpKi0HW58yToEgKiZ0d4nFWStThhRpyiaWZyrQkuKDdgU2juAzkzKFivpGsUv0SP
pstshwyv6jROlyoe7sqlRKlYeWpcgM9XN2oNZxtCB9KlVIT9Nh7p7+5dGhlBI7ag
iGVrJLo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:51 2024 by rpki-client on console-fra.rpki-client.org