Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_aBAlnnOUWJpe2cKZHA69-KItpk.roa
File: _aBAlnnOUWJpe2cKZHA69-KItpk.roa (raw, json)
Hash identifier: BLjJZke2cZZASLdmKSJnu0kwXnbcSg9NwfEKz6kR5RI=
Subject key identifier: FD:A0:40:96:79:CE:51:62:69:7B:67:0A:64:70:3A:F7:E2:88:B6:99
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F4A9B225E3FA7DB6919CBEDAD6C0
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_aBAlnnOUWJpe2cKZHA69-KItpk.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212192
IP address blocks: 178.157.77.0/24 maxlen: 24
146.66.211.0/24 maxlen: 24
188.74.244.0/24 maxlen: 24
188.119.164.0/24 maxlen: 24
188.119.167.0/24 maxlen: 24
188.74.156.0/22 maxlen: 22
91.235.122.0/24 maxlen: 24
5.157.164.0/22 maxlen: 24
37.35.38.0/24 maxlen: 24
37.35.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 15 Nov 2023 16:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f4:a9:b2:25:e3:fa:7d:b6:91:9c:be:da:d6:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fda0409679ce5162697b670a64703af7e288b699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:08:06:ea:0b:77:e6:ad:d8:ca:c1:ae:7c:8b:
db:db:0d:2b:53:81:a8:31:92:13:80:08:01:65:fe:
7f:04:27:84:2f:33:00:d8:87:8c:bb:52:a6:82:8f:
cc:fd:f4:35:83:fa:89:3a:40:bc:41:83:ef:ba:58:
dd:e5:85:f4:87:c8:ee:37:d9:e4:74:0a:5d:7d:82:
83:02:c0:d9:90:38:3a:74:05:7c:e2:1e:00:e1:20:
5a:95:39:29:2a:9c:4e:0b:4e:24:2a:d7:78:f3:74:
b4:f4:05:97:9c:38:f2:8d:82:be:1c:da:c3:a7:14:
75:b3:b8:bf:65:d1:f3:f0:98:0e:0b:d0:a1:79:3c:
9e:25:53:46:4d:82:72:b7:3c:b1:82:9e:de:e6:48:
b5:31:03:1f:3a:e5:d9:c2:d5:b1:f7:5c:f9:ce:4c:
7f:69:e8:2a:1d:eb:f8:f8:27:74:eb:57:d4:68:4c:
a9:26:3a:d6:e1:12:97:98:2a:a8:79:4a:a3:49:e2:
bc:fc:6a:ea:99:79:5d:2c:a7:bb:85:0c:5a:28:6d:
5b:dc:cc:2f:78:68:22:e6:ae:ff:10:b7:23:0d:47:
52:fe:53:99:24:bf:a0:ef:cc:1b:81:5d:86:18:03:
78:bd:5a:21:24:b7:65:fe:c7:ab:82:41:93:22:d7:
24:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A0:40:96:79:CE:51:62:69:7B:67:0A:64:70:3A:F7:E2:88:B6:99
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/_aBAlnnOUWJpe2cKZHA69-KItpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.164.0/22
37.35.32.0/22
37.35.38.0/24
91.235.122.0/24
146.66.211.0/24
178.157.77.0/24
188.74.156.0/22
188.74.244.0/24
188.119.164.0/24
188.119.167.0/24
Signature Algorithm: sha256WithRSAEncryption
70:3a:63:36:2d:b0:98:64:d6:f4:e0:a6:22:90:e6:50:37:a5:
ed:e3:bb:0b:4a:e0:fa:b3:aa:95:77:6f:77:e8:46:dd:f2:5e:
6c:77:0a:4c:95:c9:f1:3d:34:dc:f9:31:d6:08:a8:07:52:4d:
12:4f:eb:b6:25:a0:47:8e:2c:bc:04:ab:d7:42:1f:e0:28:38:
87:4b:07:e4:1c:29:4c:74:6b:b9:a0:11:f5:7d:dd:20:38:c5:
d0:46:4a:e4:13:bc:25:2a:8d:66:26:36:a7:6d:14:fd:10:9d:
46:72:f6:8c:a9:f1:ec:e5:71:78:2c:c6:d2:07:5e:bc:a8:d8:
85:52:34:28:2d:86:53:8f:a6:93:9a:10:34:8a:60:b7:f8:9b:
27:92:93:38:5b:3e:70:7f:68:90:3e:b5:f1:92:6c:96:16:34:
19:e4:73:db:2d:53:47:34:9f:83:fa:e7:18:d6:95:92:24:6d:
7e:cc:5d:44:a3:77:3a:52:90:3b:cd:c1:56:52:88:02:72:c0:
c5:f9:21:8e:c3:7a:14:7b:1b:fc:e4:ba:6f:dd:96:f4:f2:de:
d0:b4:20:70:2d:45:0b:50:37:b8:77:d7:5f:63:8a:89:b6:d3:
46:db:18:04:30:88:3e:dc:af:37:ea:5d:28:3f:12:aa:ed:96:
a7:dd:20:ab
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYVtU/SpsiXj+n22kZy+2tbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGEwNDA5Njc5Y2U1MTYyNjk3YjY3MGE2NDcwM2FmN2UyODhiNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAgG6gt35q3YysGufIvb2w0rU4Go
MZITgAgBZf5/BCeELzMA2IeMu1Kmgo/M/fQ1g/qJOkC8QYPvuljd5YX0h8juN9nk
dApdfYKDAsDZkDg6dAV84h4A4SBalTkpKpxOC04kKtd483S09AWXnDjyjYK+HNrD
pxR1s7i/ZdHz8JgOC9CheTyeJVNGTYJytzyxgp7e5ki1MQMfOuXZwtWx91z5zkx/
aegqHev4+Cd061fUaEypJjrW4RKXmCqoeUqjSeK8/GrqmXldLKe7hQxaKG1b3Mwv
eGgi5q7/ELcjDUdS/lOZJL+g78wbgV2GGAN4vVohJLdl/sergkGTItck4wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP2gQJZ5zlFiaXtnCmRwOvfiiLaZMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvX2FCQWxubk9VV0pwZTJjS1pIQTY5LUtJdHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBZ2kAwQC
JSMgAwQAJSMmAwQAW+t6AwQAkkLTAwQAsp1NAwQCvEqcAwQAvEr0AwQAvHekAwQA
vHenMA0GCSqGSIb3DQEBCwUAA4IBAQBwOmM2LbCYZNb04KYikOZQN6Xt47sLSuD6
s6qVd2936Ebd8l5sdwpMlcnxPTTc+THWCKgHUk0ST+u2JaBHjiy8BKvXQh/gKDiH
SwfkHClMdGu5oBH1fd0gOMXQRkrkE7wlKo1mJjanbRT9EJ1GcvaMqfHs5XF4LMbS
B168qNiFUjQoLYZTj6aTmhA0imC3+JsnkpM4Wz5wf2iQPrXxkmyWFjQZ5HPbLVNH
NJ+D+ucY1pWSJG1+zF1Eo3c6UpA7zcFWUogCcsDF+SGOw3oUexv85Lpv3Zb08t7Q
tCBwLUULUDe4d9dfY4qJttNG2xgEMIg+3K836l0oPxKq7Zan3SCr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org