Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/0rFQlii5OvN-MgrUG7WBE39CQ6I.roa
File: 0rFQlii5OvN-MgrUG7WBE39CQ6I.roa (raw, json)
Hash identifier: whsOb1nS9pz09cLaCQR32UjxtJo+OlAsfLkwDmavX40=
Subject key identifier: D2:B1:50:96:28:B9:3A:F3:7E:32:0A:D4:1B:B5:81:13:7F:42:43:A2
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018977282400820E72F4D7E75C574FBFDA14
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/0rFQlii5OvN-MgrUG7WBE39CQ6I.roa
Signing time: Fri 21 Jul 2023 06:34:26 +0000
ROA not before: Fri 21 Jul 2023 06:34:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 212.192.56.0/22 maxlen: 24
212.192.63.0/24 maxlen: 24
212.192.60.0/24 maxlen: 24
212.192.61.0/24 maxlen: 24
195.19.172.0/22 maxlen: 24
195.19.168.0/22 maxlen: 24
195.208.80.0/22 maxlen: 24
195.208.88.0/22 maxlen: 24
195.208.86.0/23 maxlen: 24
195.208.92.0/22 maxlen: 24
193.232.204.0/23 maxlen: 24
62.76.164.0/24 maxlen: 24
212.193.184.0/22 maxlen: 24
212.193.188.0/22 maxlen: 24
195.208.178.0/24 maxlen: 24
195.208.180.0/24 maxlen: 24
212.192.195.0/24 maxlen: 24
212.192.196.0/22 maxlen: 24
193.232.88.0/22 maxlen: 24
193.232.220.0/23 maxlen: 24
193.232.222.0/24 maxlen: 24
194.190.210.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jul 2023 06:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:28:24:00:82:0e:72:f4:d7:e7:5c:57:4f:bf:da:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jul 21 06:34:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2b1509628b93af37e320ad41bb581137f4243a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d6:40:23:52:0f:db:cc:d9:98:97:11:3e:51:
29:98:cd:be:c4:26:c6:cd:65:5b:67:f8:8d:73:5c:
0c:cc:4d:fc:ed:05:e0:52:36:87:b0:fb:59:a0:8a:
66:9c:68:44:63:83:c7:21:1b:e4:f1:b0:29:c2:7c:
d8:57:69:9a:de:13:84:ce:0f:69:e8:98:54:2c:1e:
20:a4:24:1a:49:32:af:ff:af:be:49:70:86:82:d5:
c3:70:29:2b:61:04:61:25:ed:3f:6d:70:98:38:f0:
27:22:85:35:7e:c6:df:c5:dd:89:2e:49:e6:b2:c1:
81:14:11:77:6d:c4:74:43:1a:f7:97:c6:7b:f2:ef:
c3:f8:96:5f:51:f5:d3:75:19:96:5d:c3:61:89:b9:
5d:d3:ce:c9:2b:50:c5:ef:1e:9f:0d:3e:68:bd:92:
ec:98:97:82:19:e0:7f:35:6a:02:bb:18:58:7b:a9:
37:2d:3e:b7:e1:05:bd:a8:fd:7b:b8:cc:bf:ba:5c:
dd:c1:11:b4:70:61:fd:fb:e0:76:c3:56:52:66:5d:
6e:51:ad:52:5d:8e:b7:a2:8f:01:92:1f:5a:da:b9:
41:df:07:b8:59:72:01:b6:48:95:f3:c4:4c:fd:df:
90:a9:c8:8f:0d:53:80:15:b3:18:c1:26:e9:fe:3b:
0c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B1:50:96:28:B9:3A:F3:7E:32:0A:D4:1B:B5:81:13:7F:42:43:A2
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/0rFQlii5OvN-MgrUG7WBE39CQ6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.164.0/24
193.232.88.0/22
193.232.204.0/23
193.232.220.0-193.232.222.255
194.190.210.0/23
195.19.168.0/21
195.208.80.0/22
195.208.86.0-195.208.95.255
195.208.178.0/24
195.208.180.0/24
212.192.56.0-212.192.61.255
212.192.63.0/24
212.192.195.0-212.192.199.255
212.193.184.0/21
Signature Algorithm: sha256WithRSAEncryption
75:cb:d9:bd:c2:4f:77:4c:37:ce:8e:f9:4c:2b:5d:e1:44:7a:
80:e8:9d:c5:06:41:78:f9:7e:a3:6e:02:3e:31:78:c9:1e:9b:
ab:a9:b7:0d:b1:af:ca:e7:94:13:bf:0b:69:44:b0:91:fb:ce:
88:dd:2a:60:ac:ca:d9:ff:52:98:cd:5a:48:61:41:e9:aa:57:
d6:e7:6a:d7:04:1a:ee:36:b2:ef:46:b0:48:3d:65:dd:1e:c9:
21:e8:ae:9f:60:91:64:0e:6e:b4:f5:3c:c1:ac:39:bd:f4:19:
55:62:73:be:05:3b:75:f1:91:09:b7:f8:be:36:cd:49:26:ba:
34:21:28:da:55:d9:fa:c0:f6:58:0d:19:7b:c5:42:6a:21:48:
17:e1:a3:4b:62:ba:a6:8a:ff:b0:1f:3e:b0:ca:67:9b:96:5f:
01:49:c3:e3:b5:46:08:f3:9b:ae:8e:e5:6c:a2:96:b6:c3:ce:
85:a1:f6:d4:51:d6:34:cf:13:4f:59:a1:96:6b:10:c4:4a:40:
7c:6e:b3:39:e6:9e:19:f5:3d:84:0d:87:40:87:e4:bd:df:28:
6a:9b:b3:66:b6:be:d8:01:4e:c7:5a:8a:12:90:63:98:7b:96:
24:21:8f:37:f6:22:5e:0a:6d:c1:e3:2b:43:7f:e1:91:93:f0:
26:6f:fb:f1
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYl3KCQAgg5y9NfnXFdPv9oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwNzIxMDYzNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmIxNTA5NjI4YjkzYWYzN2UzMjBhZDQxYmI1ODExMzdmNDI0M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9ZAI1IP28zZmJcRPlEpmM2+xCbG
zWVbZ/iNc1wMzE387QXgUjaHsPtZoIpmnGhEY4PHIRvk8bApwnzYV2ma3hOEzg9p
6JhULB4gpCQaSTKv/6++SXCGgtXDcCkrYQRhJe0/bXCYOPAnIoU1fsbfxd2JLknm
ssGBFBF3bcR0Qxr3l8Z78u/D+JZfUfXTdRmWXcNhibld087JK1DF7x6fDT5ovZLs
mJeCGeB/NWoCuxhYe6k3LT634QW9qP17uMy/ulzdwRG0cGH9++B2w1ZSZl1uUa1S
XY63oo8Bkh9a2rlB3we4WXIBtkiV88RM/d+QqciPDVOAFbMYwSbp/jsMkwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFNKxUJYouTrzfjIK1Bu1gRN/QkOiMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMHJGUWxpaTVPdk4tTWdyVUc3V0JFMzlDUTZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAD5MpAME
AsHoWAMEAcHozDAMAwQCwejcAwQAwejeAwQBwr7SAwQDwxOoAwQCw9BQMAwDBAHD
0FYDBAXD0EADBADD0LIDBADD0LQwDAMEA9TAOAMEAdTAPAMEANTAPzAMAwQA1MDD
AwQD1MDAAwQD1MG4MA0GCSqGSIb3DQEBCwUAA4IBAQB1y9m9wk93TDfOjvlMK13h
RHqA6J3FBkF4+X6jbgI+MXjJHpurqbcNsa/K55QTvwtpRLCR+86I3SpgrMrZ/1KY
zVpIYUHpqlfW52rXBBruNrLvRrBIPWXdHskh6K6fYJFkDm609TzBrDm99BlVYnO+
BTt18ZEJt/i+Ns1JJro0ISjaVdn6wPZYDRl7xUJqIUgX4aNLYrqmiv+wHz6wymeb
ll8BScPjtUYI85uujuVsopa2w86FofbUUdY0zxNPWaGWaxDESkB8brM55p4Z9T2E
DYdAh+S93yhqm7Nmtr7YAU7HWooSkGOYe5YkIY839iJeCm3B4ytDf+GRk/Amb/vx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org