Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/taGxaXVkJRBxnKNzDTd2Hr7fdIA.roa
File: taGxaXVkJRBxnKNzDTd2Hr7fdIA.roa (raw, json)
Hash identifier: R2ZG3Y+8DOkc37k3rjAxB9kX6eCIzVjc9j8MzzhakBM=
Subject key identifier: B5:A1:B1:69:75:64:25:10:71:9C:A3:73:0D:37:76:1E:BE:DF:74:80
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F1F6BC511D6A32BB4F923F718DAA
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/taGxaXVkJRBxnKNzDTd2Hr7fdIA.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199552
IP address blocks: 146.66.219.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
188.119.162.0/24 maxlen: 24
37.35.55.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
5.157.240.0/21 maxlen: 21
188.74.155.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 16:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f1:f6:bc:51:1d:6a:32:bb:4f:92:3f:71:8d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5a1b16975642510719ca3730d37761ebedf7480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:57:72:d1:21:91:59:71:58:23:5a:41:bc:c1:
d3:04:7e:94:8e:1b:73:ae:f7:b5:23:10:b0:29:df:
0b:86:82:b5:df:fe:c6:ca:8f:07:33:c2:d5:19:10:
3d:39:1c:c1:0a:d6:52:45:91:bc:8d:b8:e3:4d:c0:
c3:74:6e:09:ba:6d:81:09:1a:f6:77:50:42:e0:b7:
e0:5c:0a:93:03:b6:83:bc:49:39:fc:bc:9a:48:75:
30:03:56:30:e0:0e:6b:5f:86:f8:d2:d8:61:79:6a:
d3:80:93:1d:43:71:4d:a5:32:d1:3a:58:57:64:57:
2f:c3:71:5d:26:fa:58:47:cb:bf:6d:15:af:e0:53:
c4:23:31:2b:68:76:27:18:f4:1c:5f:8a:f8:65:02:
43:45:bb:f6:16:aa:fd:c4:65:70:dd:96:3d:a8:31:
2b:fb:29:9c:ed:7b:ad:02:f8:58:af:eb:85:14:70:
a0:d8:38:3a:25:bf:c0:30:ce:6d:61:71:06:d5:cc:
af:55:2d:94:53:3e:f3:a4:b7:82:ca:89:5d:d8:ff:
bb:f1:19:f4:20:ef:75:94:7e:20:7f:45:c5:dd:d1:
a9:28:fe:08:ba:0a:16:5e:b6:96:15:43:be:9c:4b:
88:93:0b:d8:f5:2a:38:96:55:1d:c6:64:d5:f8:a0:
5f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A1:B1:69:75:64:25:10:71:9C:A3:73:0D:37:76:1E:BE:DF:74:80
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/taGxaXVkJRBxnKNzDTd2Hr7fdIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.240.0/21
37.35.55.0/24
146.66.218.0/23
178.157.92.0/24
178.157.110.0/23
178.157.125.0/24
188.74.128.0/24
188.74.155.0/24
188.74.171.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:19:01:9d:df:5f:22:23:90:2c:0f:8a:cf:31:d2:09:53:b6:
a0:41:b8:df:98:b3:6e:5f:eb:23:45:a8:2f:c6:32:e9:91:33:
96:f7:8b:b3:94:27:d9:8c:37:9e:97:b2:b2:cb:40:7b:17:c4:
c6:ec:01:54:4d:70:c0:82:58:ae:d0:a2:f9:37:fc:08:05:fd:
4e:f2:8a:8e:8a:5a:a5:f9:10:57:98:52:74:a9:5e:7b:7a:2c:
47:c9:11:d5:80:87:51:40:46:c3:df:aa:a3:aa:38:d5:d4:af:
39:00:bf:f4:45:52:ea:1f:40:65:9d:9e:6c:a2:7c:cc:91:05:
d2:13:2f:83:0e:ac:36:36:ce:91:47:98:89:bd:b4:ff:bd:5e:
9d:ce:0e:fa:1a:73:6e:07:92:6c:c0:42:71:52:3f:9e:0f:7c:
86:76:b7:bc:ef:09:3f:16:07:dd:84:2f:98:4a:00:a0:ea:28:
0a:f6:88:5b:ac:a8:30:9f:b6:3c:d5:87:11:3d:9c:31:83:54:
d6:d7:32:ac:7c:2f:0f:55:28:c0:83:28:c4:67:e8:81:8d:f9:
c0:5a:aa:61:06:f2:3c:90:8b:6b:1d:23:e9:64:24:1e:fb:d5:
e0:f9:f7:3a:3e:7e:4f:36:17:81:05:eb:71:28:03:2f:71:de:
87:54:0b:4c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVtU/H2vFEdajK7T5I/cY2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWExYjE2OTc1NjQyNTEwNzE5Y2EzNzMwZDM3NzYxZWJlZGY3NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVdy0SGRWXFYI1pBvMHTBH6Ujhtz
rve1IxCwKd8LhoK13/7Gyo8HM8LVGRA9ORzBCtZSRZG8jbjjTcDDdG4Jum2BCRr2
d1BC4LfgXAqTA7aDvEk5/LyaSHUwA1Yw4A5rX4b40thheWrTgJMdQ3FNpTLROlhX
ZFcvw3FdJvpYR8u/bRWv4FPEIzEraHYnGPQcX4r4ZQJDRbv2Fqr9xGVw3ZY9qDEr
+ymc7XutAvhYr+uFFHCg2Dg6Jb/AMM5tYXEG1cyvVS2UUz7zpLeCyold2P+78Rn0
IO91lH4gf0XF3dGpKP4IugoWXraWFUO+nEuIkwvY9So4llUdxmTV+KBf8QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLWhsWl1ZCUQcZyjcw03dh6+33SAMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvdGFHeGFYVmtKUkJ4bktOekRUZDJIcjdmZElBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDBZ3wAwQA
JSM3AwQBkkLaAwQAsp1cAwQBsp1uAwQAsp19AwQAvEqAAwQAvEqbAwQAvEqrAwQC
vHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUAA4IBAQAsGQGd318iI5AsD4rPMdIJU7ag
QbjfmLNuX+sjRagvxjLpkTOW94uzlCfZjDeel7Kyy0B7F8TG7AFUTXDAgliu0KL5
N/wIBf1O8oqOilql+RBXmFJ0qV57eixHyRHVgIdRQEbD36qjqjjV1K85AL/0RVLq
H0BlnZ5sonzMkQXSEy+DDqw2Ns6RR5iJvbT/vV6dzg76GnNuB5JswEJxUj+eD3yG
dre87wk/FgfdhC+YSgCg6igK9ohbrKgwn7Y81YcRPZwxg1TW1zKsfC8PVSjAgyjE
Z+iBjfnAWqphBvI8kItrHSPpZCQe+9Xg+fc6Pn5PNheBBetxKAMvcd6HVAtM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org