Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/AsI6t0Iqpza5WHX4W7_4__b1z64.roa
File: AsI6t0Iqpza5WHX4W7_4__b1z64.roa (raw, json)
Hash identifier: 3qxvheuDSttWXrDDIlFbEf3rWmvofk7Ua7ZRhqrjn/E=
Subject key identifier: 02:C2:3A:B7:42:2A:A7:36:B9:58:75:F8:5B:BF:F8:FF:F6:F5:CF:AE
Certificate issuer: /CN=9da140e8028e6d537600e0888a9af5a971c5db46
Certificate serial: 01856D93EBBDB52222AEF92436376987C136
Authority key identifier: 9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/AsI6t0Iqpza5WHX4W7_4__b1z64.roa
Signing time: Sun 01 Jan 2023 13:44:48 +0000
ROA not before: Sun 01 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29601
IP address blocks: 194.252.225.0/24 maxlen: 24
192.194.132.0/22 maxlen: 22
192.194.136.0/21 maxlen: 21
192.130.31.0/24 maxlen: 24
192.194.144.0/20 maxlen: 24
192.130.157.0/24 maxlen: 24
192.194.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:93:eb:bd:b5:22:22:ae:f9:24:36:37:69:87:c1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9da140e8028e6d537600e0888a9af5a971c5db46
Validity
Not Before: Jan 1 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02c23ab7422aa736b95875f85bbff8fff6f5cfae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c3:0f:b1:de:2f:f3:0c:64:35:93:15:f2:92:
08:d1:51:8c:23:50:33:1d:25:f5:93:c0:79:38:03:
53:94:2a:26:3a:17:ae:b5:3f:a7:15:95:c4:0b:f9:
c0:5b:87:12:8b:39:d2:21:b2:99:d9:c8:12:dc:8d:
ec:5d:fe:d7:3a:ee:63:2e:77:a0:f8:39:d4:a1:e1:
ab:b8:74:e8:d0:20:19:ed:60:e9:d1:fc:d1:88:6f:
e1:75:3c:73:b0:f0:cc:5e:fa:1f:b3:ee:c5:90:93:
5a:c3:06:ec:49:47:9c:92:d4:cd:2e:63:c3:c2:d5:
18:88:ca:cd:4e:e8:d1:05:fd:b7:b2:93:e6:a0:19:
eb:14:3c:e1:23:de:5a:49:78:02:d3:9c:0f:b3:06:
d4:20:e8:40:46:e1:fc:cd:27:9f:eb:7b:4b:4c:95:
a8:36:58:08:2c:d2:67:50:37:a3:52:68:8f:4f:8c:
bc:29:5b:f5:f2:1c:c7:ab:0b:86:24:c3:d2:e7:7d:
6b:f0:45:f9:1b:64:a5:d6:e8:e6:c4:c0:ae:76:d4:
73:29:09:5c:18:b1:c1:9c:02:c7:cf:06:ae:d2:44:
19:1b:4c:17:6f:a5:77:81:8b:4f:f8:03:2c:a8:5b:
f6:c1:fd:cc:7f:2f:30:9c:96:ca:40:0f:ec:7c:61:
15:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C2:3A:B7:42:2A:A7:36:B9:58:75:F8:5B:BF:F8:FF:F6:F5:CF:AE
X509v3 Authority Key Identifier:
keyid:9D:A1:40:E8:02:8E:6D:53:76:00:E0:88:8A:9A:F5:A9:71:C5:DB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naFA6AKObVN2AOCIipr1qXHF20Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/AsI6t0Iqpza5WHX4W7_4__b1z64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/126755-eedd-40b1-95e8-a4ca8b9c205b/1/naFA6AKObVN2AOCIipr1qXHF20Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.130.31.0/24
192.130.157.0/24
192.194.132.0-192.194.160.255
194.252.225.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:11:fc:79:15:12:9a:2c:6a:62:a4:29:54:bb:72:87:39:15:
07:04:dd:a1:b9:5c:db:8f:34:e1:a2:fc:83:b9:a8:43:25:9c:
0f:28:f9:84:c8:e5:0a:89:18:88:15:eb:d4:8e:51:b3:23:b3:
82:76:93:b2:97:c5:b3:ee:be:87:09:d2:e0:95:b9:38:17:12:
2a:af:01:40:48:e6:cb:10:24:71:57:bd:42:64:61:c2:8b:7f:
22:d3:5a:33:54:1d:57:0d:ce:6d:f7:62:d8:ec:11:fb:f4:d9:
94:8b:e6:64:20:63:e3:1f:d0:ec:07:cd:a2:0b:f2:3b:4a:a0:
02:7a:56:89:5d:ca:2a:50:7b:8f:06:4b:97:69:08:bf:6a:df:
79:41:ce:41:f8:07:b9:c1:79:89:7c:6e:b9:e4:1d:95:4d:58:
31:2d:60:c8:7e:88:fe:d4:98:bb:62:a9:94:cf:73:c0:83:96:
5a:90:c9:31:e3:46:cc:6c:b7:87:03:51:71:24:43:00:5e:a2:
5f:eb:6d:1a:a5:31:92:2d:74:fc:23:f2:b6:76:b3:45:8c:a3:
58:9d:1e:39:19:41:78:5c:51:a7:93:8c:13:ae:ad:58:b1:ce:
f0:58:d5:a1:71:4f:9d:a8:d8:9d:23:9a:1f:41:03:84:8f:33:
76:d0:7b:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtk+u9tSIirvkkNjdph8E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYTE0MGU4MDI4ZTZkNTM3NjAwZTA4ODhhOWFmNWE5NzFj
NWRiNDYwHhcNMjMwMTAxMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmMyM2FiNzQyMmFhNzM2Yjk1ODc1Zjg1YmJmZjhmZmY2ZjVjZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMMPsd4v8wxkNZMV8pII0VGMI1Az
HSX1k8B5OANTlComOheutT+nFZXEC/nAW4cSiznSIbKZ2cgS3I3sXf7XOu5jLneg
+DnUoeGruHTo0CAZ7WDp0fzRiG/hdTxzsPDMXvofs+7FkJNawwbsSUecktTNLmPD
wtUYiMrNTujRBf23spPmoBnrFDzhI95aSXgC05wPswbUIOhARuH8zSef63tLTJWo
NlgILNJnUDejUmiPT4y8KVv18hzHqwuGJMPS531r8EX5G2Sl1ujmxMCudtRzKQlc
GLHBnALHzwau0kQZG0wXb6V3gYtP+AMsqFv2wf3Mfy8wnJbKQA/sfGEV0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFALCOrdCKqc2uVh1+Fu/+P/29c+uMB8GA1UdIwQY
MBaAFJ2hQOgCjm1TdgDgiIqa9alxxdtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgt
YTRjYThiOWMyMDViLzEvQXNJNnQwSXFwemE1V0hYNFc3XzRfX2IxejY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8xMjY3NTUtZWVkZC00MGIxLTk1ZTgtYTRjYThiOWMyMDVi
LzEvbmFGQTZBS09iVk4yQU9DSWlwcjFxWEhGMjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwIIfAwQA
wIKdMAwDBALAwoQDBADAwqADBADC/OEwDQYJKoZIhvcNAQELBQADggEBAKgR/HkV
EposamKkKVS7coc5FQcE3aG5XNuPNOGi/IO5qEMlnA8o+YTI5QqJGIgV69SOUbMj
s4J2k7KXxbPuvocJ0uCVuTgXEiqvAUBI5ssQJHFXvUJkYcKLfyLTWjNUHVcNzm33
YtjsEfv02ZSL5mQgY+Mf0OwHzaIL8jtKoAJ6VoldyipQe48GS5dpCL9q33lBzkH4
B7nBeYl8brnkHZVNWDEtYMh+iP7UmLtiqZTPc8CDllqQyTHjRsxst4cDUXEkQwBe
ol/rbRqlMZItdPwj8rZ2s0WMo1idHjkZQXhcUaeTjBOurVixzvBY1aFxT52o2J0j
mh9BA4SPM3bQezk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:12 2024 by rpki-client on console-fra.rpki-client.org