Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/gHzZOvmON-31tEXHZPtg0OIE2R8.roa
File: gHzZOvmON-31tEXHZPtg0OIE2R8.roa (raw, json)
Hash identifier: z+2NsEmGL+xdp1uH3UKUwqorBdoN34dKc4tkXUgUPgE=
Subject key identifier: 80:7C:D9:3A:F9:8E:37:ED:F5:B4:45:C7:64:FB:60:D0:E2:04:D9:1F
Certificate issuer: /CN=a95f638862529b6dafd440e172a22f0120b09aea
Certificate serial: 01856D38754348777589542BD36F191EE517
Authority key identifier: A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/gHzZOvmON-31tEXHZPtg0OIE2R8.roa
Signing time: Sun 01 Jan 2023 12:04:54 +0000
ROA not before: Sun 01 Jan 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24954
IP address blocks: 194.5.76.0/24 maxlen: 24
194.5.77.0/24 maxlen: 24
194.5.74.0/24 maxlen: 24
194.5.75.0/24 maxlen: 24
193.57.12.0/24 maxlen: 24
193.57.13.0/24 maxlen: 24
193.57.34.0/24 maxlen: 24
193.57.176.0/24 maxlen: 24
193.57.179.0/24 maxlen: 24
193.57.177.0/24 maxlen: 24
193.57.178.0/24 maxlen: 24
193.57.180.0/24 maxlen: 24
194.5.150.0/24 maxlen: 24
194.5.151.0/24 maxlen: 24
194.5.166.0/24 maxlen: 24
194.5.167.0/24 maxlen: 24
2001:67c:8a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:75:43:48:77:75:89:54:2b:d3:6f:19:1e:e5:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a95f638862529b6dafd440e172a22f0120b09aea
Validity
Not Before: Jan 1 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=807cd93af98e37edf5b445c764fb60d0e204d91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:48:e9:64:ed:c1:b1:26:8e:cb:0d:d6:51:5c:
3c:a4:ca:5d:b6:dd:7b:45:5a:fb:51:b9:05:85:ff:
f4:55:56:3a:9a:4c:fc:68:4a:3b:10:4b:9d:15:db:
ef:6a:be:b6:b3:fc:f3:08:69:be:ee:fd:f9:b4:3f:
fa:b0:48:d8:60:a8:3c:96:e8:6d:a6:73:95:61:b9:
69:e5:79:61:fa:ee:19:b9:6d:af:c2:27:4b:fe:5a:
e9:47:c3:9b:04:2e:aa:20:50:5a:f8:31:ae:35:7f:
98:5a:68:7d:f0:85:38:4c:05:91:f5:32:4b:d2:d4:
cb:1b:8e:31:df:96:cb:de:a8:36:d1:ea:82:ed:03:
cb:f8:33:14:76:29:90:c4:1c:5f:75:f3:a6:91:66:
81:2d:3f:83:6c:58:be:db:55:21:78:e8:f3:e9:5e:
7c:d7:99:6d:11:d8:f5:b5:ff:c0:21:1c:63:0e:a4:
e8:84:e0:3c:9c:5d:b7:52:f9:a9:c3:44:0d:ca:af:
ba:ed:6f:b2:f9:04:9f:e8:b0:24:74:2e:f4:e1:a3:
db:61:6c:6c:23:08:6f:9f:02:16:1a:79:75:c8:02:
00:d5:7c:14:6b:49:45:bf:70:89:b3:39:86:c7:2c:
38:e5:8e:05:b2:58:7c:81:69:f4:64:6d:17:7e:28:
e0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7C:D9:3A:F9:8E:37:ED:F5:B4:45:C7:64:FB:60:D0:E2:04:D9:1F
X509v3 Authority Key Identifier:
keyid:A9:5F:63:88:62:52:9B:6D:AF:D4:40:E1:72:A2:2F:01:20:B0:9A:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qV9jiGJSm22v1EDhcqIvASCwmuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/gHzZOvmON-31tEXHZPtg0OIE2R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/af493f-41fe-406d-b3ff-ebb53c25307b/1/qV9jiGJSm22v1EDhcqIvASCwmuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.12.0/23
193.57.34.0/24
193.57.176.0-193.57.180.255
194.5.74.0-194.5.77.255
194.5.150.0/23
194.5.166.0/23
IPv6:
2001:67c:8a0::/48
Signature Algorithm: sha256WithRSAEncryption
4d:2c:3c:fa:06:02:84:e3:4e:a7:c0:f0:97:b5:ce:ec:21:05:
2f:1a:ae:af:78:94:c9:e3:a3:b6:9c:c1:8f:07:0d:29:5d:aa:
aa:4b:2f:56:65:ea:67:50:64:57:a2:a6:33:fe:2b:c5:78:bc:
b0:de:1e:f8:be:8c:08:7e:b6:3a:e0:f6:00:21:64:8e:be:f0:
b2:33:1e:5f:a4:dc:bd:d9:b1:62:e4:1f:75:4d:7b:1f:b0:fb:
44:54:ea:19:02:2f:c0:c0:e1:3a:cb:6f:2a:ac:51:42:c7:f8:
9a:eb:e2:95:55:54:c5:a9:07:b9:11:59:77:ea:eb:fa:3c:67:
ee:fd:26:94:3c:5d:92:fb:ca:d6:6c:c6:75:d6:0b:f5:81:7f:
7c:db:ac:7d:28:50:4d:72:48:62:98:f4:0c:ef:49:b6:bb:6f:
b6:d7:bd:34:f9:f1:98:65:2c:b1:81:09:d2:10:08:2f:f5:ae:
74:71:9a:6f:b9:74:cb:d7:ec:ae:26:26:8b:71:d1:50:7f:d5:
ed:8d:06:6e:f0:82:16:9d:8a:6b:ce:8d:7c:e1:85:e6:06:f1:
12:5c:a3:c0:87:c8:f4:98:0a:73:42:0e:b4:fc:be:52:fd:b4:
ab:b5:4f:a3:1c:91:85:06:ec:06:5f:f8:0a:39:c7:a5:a9:3f:
66:a9:53:33
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVtOHVDSHd1iVQr028ZHuUXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NWY2Mzg4NjI1MjliNmRhZmQ0NDBlMTcyYTIyZjAxMjBi
MDlhZWEwHhcNMjMwMTAxMTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdjZDkzYWY5OGUzN2VkZjViNDQ1Yzc2NGZiNjBkMGUyMDRkOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUjpZO3BsSaOyw3WUVw8pMpdtt17
RVr7UbkFhf/0VVY6mkz8aEo7EEudFdvvar62s/zzCGm+7v35tD/6sEjYYKg8luht
pnOVYblp5Xlh+u4ZuW2vwidL/lrpR8ObBC6qIFBa+DGuNX+YWmh98IU4TAWR9TJL
0tTLG44x35bL3qg20eqC7QPL+DMUdimQxBxfdfOmkWaBLT+DbFi+21UheOjz6V58
15ltEdj1tf/AIRxjDqTohOA8nF23Uvmpw0QNyq+67W+y+QSf6LAkdC704aPbYWxs
IwhvnwIWGnl1yAIA1XwUa0lFv3CJszmGxyw45Y4Fslh8gWn0ZG0XfijgJwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFIB82Tr5jjft9bRFx2T7YNDiBNkfMB8GA1UdIwQY
MBaAFKlfY4hiUpttr9RA4XKiLwEgsJrqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVY5amlHSlNtMjJ2MUVEaGNxSXZBU0N3bXVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9hZjQ5M2YtNDFmZS00MDZkLWIzZmYt
ZWJiNTNjMjUzMDdiLzEvZ0h6Wk92bU9OLTMxdEVYSFpQdGcwT0lFMlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9hZjQ5M2YtNDFmZS00MDZkLWIzZmYtZWJiNTNjMjUzMDdi
LzEvcVY5amlHSlNtMjJ2MUVEaGNxSXZBU0N3bXVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA6BAIAATA0AwQBwTkMAwQA
wTkiMAwDBATBObADBADBObQwDAMEAcIFSgMEAcIFTAMEAcIFlgMEAcIFpjAPBAIA
AjAJAwcAIAEGfAigMA0GCSqGSIb3DQEBCwUAA4IBAQBNLDz6BgKE406nwPCXtc7s
IQUvGq6veJTJ46O2nMGPBw0pXaqqSy9WZepnUGRXoqYz/ivFeLyw3h74vowIfrY6
4PYAIWSOvvCyMx5fpNy92bFi5B91TXsfsPtEVOoZAi/AwOE6y28qrFFCx/ia6+KV
VVTFqQe5EVl36uv6PGfu/SaUPF2S+8rWbMZ11gv1gX9826x9KFBNckhimPQM70m2
u2+21700+fGYZSyxgQnSEAgv9a50cZpvuXTL1+yuJiaLcdFQf9XtjQZu8IIWnYpr
zo184YXmBvESXKPAh8j0mApzQg60/L5S/bSrtU+jHJGFBuwGX/gKOcelqT9mqVMz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:42 2024 by rpki-client on console-fra.rpki-client.org