Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/axE3qJh7oDBgU4W8rMMMOE1qxns.roa
File: axE3qJh7oDBgU4W8rMMMOE1qxns.roa (raw, json)
Hash identifier: 6lRFVaTod51Gc5nZsHPsngA8h9xCTGkdGgj5KEsB/2s=
Subject key identifier: 6B:11:37:A8:98:7B:A0:30:60:53:85:BC:AC:C3:0C:38:4D:6A:C6:7B
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018CC49386F9D14F75D7CCE101680D124A1B
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/axE3qJh7oDBgU4W8rMMMOE1qxns.roa
Signing time: Mon 01 Jan 2024 10:30:51 +0000
ROA not before: Mon 01 Jan 2024 10:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199552
IP address blocks: 37.35.55.0/24 maxlen: 24
146.66.219.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
178.157.125.0/24 maxlen: 24
5.157.240.0/21 maxlen: 21
188.119.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 17:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:86:f9:d1:4f:75:d7:cc:e1:01:68:0d:12:4a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 10:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b1137a8987ba030605385bcacc30c384d6ac67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:91:b2:61:28:4f:67:a2:6e:83:8a:96:16:d8:
69:33:b3:24:3e:59:aa:01:6f:b5:0b:30:6e:5b:49:
ac:1f:d6:a5:0b:a0:8b:12:be:82:26:df:aa:8a:f5:
88:60:2c:64:a1:24:0a:da:0b:34:11:4f:b7:a4:c3:
b4:7d:1f:76:3e:54:b0:4a:26:3f:4f:e9:30:68:a7:
17:3b:8f:c6:2b:90:b9:8b:36:17:ea:53:b4:4a:ab:
39:71:e9:bc:eb:59:ec:98:f0:22:68:3c:3a:6e:31:
f9:90:3a:96:34:04:02:69:79:1e:a5:71:69:d8:9f:
7f:0c:e4:c6:7a:01:b0:91:26:92:e8:66:ae:43:3b:
fa:9a:48:d9:33:5f:a4:95:3f:f8:51:75:6a:e1:06:
6b:bc:58:99:42:1c:76:f0:95:9c:4f:3f:f9:c9:93:
ed:68:41:fb:1a:02:e7:9a:b1:c2:2e:5a:65:a0:e9:
22:50:e9:c8:ec:91:03:26:f2:82:b4:7d:74:98:2d:
f9:a4:1a:20:64:e7:23:e8:67:bd:fd:b4:bd:b3:56:
0a:ee:bf:89:e9:70:5e:9d:2e:37:5a:e4:eb:97:8c:
9b:f3:28:64:e5:51:e7:43:84:f1:2c:58:96:36:88:
8a:d8:d9:dd:eb:15:05:af:f0:60:08:fa:0e:54:60:
31:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:11:37:A8:98:7B:A0:30:60:53:85:BC:AC:C3:0C:38:4D:6A:C6:7B
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/axE3qJh7oDBgU4W8rMMMOE1qxns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
146.66.218.0/23
178.157.92.0/24
178.157.110.0/23
178.157.125.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a8:ed:51:62:80:33:37:55:62:9a:5a:c6:bf:72:52:94:25:
dd:1f:3f:ab:2b:c9:33:be:8b:3a:f9:31:92:86:0c:c2:fe:c2:
ab:53:1b:8e:32:d8:73:c4:97:0b:81:75:a2:80:bd:4c:ed:d4:
ea:17:b1:b1:c1:10:e1:a3:4e:b5:25:b6:c6:fe:e0:d6:20:71:
6b:0a:9e:05:81:c1:26:d9:43:5b:a6:97:c0:fe:bf:95:17:58:
f0:bb:a7:24:10:c5:6f:25:9d:75:e4:42:5e:2a:87:c5:e3:05:
f4:31:36:35:1a:4a:95:df:9d:f4:4e:af:3e:51:b1:3d:e6:00:
9f:d6:7e:7a:c2:a3:64:1f:c7:9d:d9:cf:b4:89:18:86:87:7e:
fa:97:dc:16:5f:2c:38:bf:08:d7:ec:91:61:3d:1b:78:ce:cf:
9d:33:08:b0:94:18:d2:c2:c6:23:95:ae:df:c4:a0:e6:2b:60:
48:07:43:32:89:b4:1c:ad:17:ef:6a:13:1e:27:ba:98:70:af:
cf:4c:5e:b5:b6:50:14:60:e3:15:65:02:44:7a:a7:97:79:f4:
b2:ec:d6:1e:90:c0:66:09:9d:9e:7c:9c:bf:ea:af:26:ef:0a:
ca:ef:36:f4:a4:db:bf:b3:03:e7:2e:53:11:00:ce:e8:f9:e4:
3f:7f:c1:80
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzEk4b50U9118zhAWgNEkobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTAxMTAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjExMzdhODk4N2JhMDMwNjA1Mzg1YmNhY2MzMGMzODRkNmFjNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpGyYShPZ6Jug4qWFthpM7MkPlmq
AW+1CzBuW0msH9alC6CLEr6CJt+qivWIYCxkoSQK2gs0EU+3pMO0fR92PlSwSiY/
T+kwaKcXO4/GK5C5izYX6lO0Sqs5cem861nsmPAiaDw6bjH5kDqWNAQCaXkepXFp
2J9/DOTGegGwkSaS6GauQzv6mkjZM1+klT/4UXVq4QZrvFiZQhx28JWcTz/5yZPt
aEH7GgLnmrHCLlploOkiUOnI7JEDJvKCtH10mC35pBogZOcj6Ge9/bS9s1YK7r+J
6XBenS43WuTrl4yb8yhk5VHnQ4TxLFiWNoiK2Nnd6xUFr/BgCPoOVGAxmwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGsRN6iYe6AwYFOFvKzDDDhNasZ7MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvYXhFM3FKaDdvREJnVTRXOHJNTU1PRTFxeG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQBsp1uAwQAsp19AwQCvHeQAwQAvHeiMA0GCSqGSIb3
DQEBCwUAA4IBAQCFqO1RYoAzN1VimlrGv3JSlCXdHz+rK8kzvos6+TGShgzC/sKr
UxuOMthzxJcLgXWigL1M7dTqF7GxwRDho061JbbG/uDWIHFrCp4FgcEm2UNbppfA
/r+VF1jwu6ckEMVvJZ115EJeKofF4wX0MTY1GkqV3530Tq8+UbE95gCf1n56wqNk
H8ed2c+0iRiGh376l9wWXyw4vwjX7JFhPRt4zs+dMwiwlBjSwsYjla7fxKDmK2BI
B0MyibQcrRfvahMeJ7qYcK/PTF61tlAUYOMVZQJEeqeXefSy7NYekMBmCZ2efJy/
6q8m7wrK7zb0pNu/swPnLlMRAM7o+eQ/f8GA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org