Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/_rOTH2Fxp32eIg2VZ8m3OnD0xTg.roa
File: _rOTH2Fxp32eIg2VZ8m3OnD0xTg.roa (raw, json)
Hash identifier: Wcubnd8tWmDxY8yk5F+h7V942D3Gb48oPxLwKWXo+pU=
Subject key identifier: FE:B3:93:1F:61:71:A7:7D:9E:22:0D:95:67:C9:B7:3A:70:F4:C5:38
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0186E00852523784FFDDFEBE20555B083B59
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/_rOTH2Fxp32eIg2VZ8m3OnD0xTg.roa
Signing time: Tue 14 Mar 2023 12:11:27 +0000
ROA not before: Tue 14 Mar 2023 12:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49199
IP address blocks: 195.19.74.0/23 maxlen: 24
194.226.137.0/24 maxlen: 24
195.208.220.0/23 maxlen: 24
194.226.34.0/23 maxlen: 24
195.19.10.0/23 maxlen: 24
62.76.74.0/23 maxlen: 24
194.190.6.0/24 maxlen: 24
62.76.96.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 May 2023 05:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e0:08:52:52:37:84:ff:dd:fe:be:20:55:5b:08:3b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Mar 14 12:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=feb3931f6171a77d9e220d9567c9b73a70f4c538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b3:e0:2a:ba:eb:62:47:c8:2d:d7:ce:75:af:
5d:1b:f0:ad:e7:7e:1b:ba:3e:d8:c1:ee:c8:08:63:
3b:16:fd:31:a2:f2:10:3b:75:1c:88:11:b5:ff:a0:
35:30:1b:0e:ba:e0:e6:9b:f9:8a:be:ed:e6:1c:1f:
c0:65:49:b0:be:e6:e4:69:85:fb:66:4e:bc:22:5d:
03:0b:b2:ef:53:92:de:d7:4f:65:65:4c:4a:c4:01:
e7:dd:c4:be:39:b2:b5:b5:5e:89:f7:74:bc:5b:c9:
7d:11:33:01:f7:52:83:b2:12:80:30:67:73:22:89:
28:2e:ec:00:22:f6:d6:be:65:b3:6e:17:43:6f:aa:
35:4d:c1:4f:7a:00:5f:f2:ab:4b:30:6a:bc:11:8f:
49:d7:14:92:40:9e:41:0f:fa:45:f4:9a:03:10:d8:
38:9e:ca:b3:57:42:4a:56:86:3a:be:bb:bc:a4:ca:
81:98:cf:14:11:00:e8:1a:f1:2b:90:82:03:25:e1:
d6:7f:ef:04:c1:3a:46:2d:b4:57:c2:44:fc:13:a5:
f0:23:30:7d:63:93:55:4e:a7:e3:fe:38:e2:59:38:
57:0f:6e:15:ea:e6:cf:30:b4:c2:d4:0d:bb:b4:72:
be:bd:37:5a:e4:7a:64:b3:9f:98:2c:19:83:b8:33:
60:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B3:93:1F:61:71:A7:7D:9E:22:0D:95:67:C9:B7:3A:70:F4:C5:38
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/_rOTH2Fxp32eIg2VZ8m3OnD0xTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.74.0/23
62.76.96.0/23
194.190.6.0/24
194.226.34.0/23
194.226.137.0/24
195.19.10.0/23
195.19.74.0/23
195.208.220.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:cc:70:7f:4f:7f:6c:f3:44:b5:f7:a0:25:72:f5:15:45:8c:
61:c1:27:c5:91:be:1e:e1:da:6d:fa:08:d1:3f:91:c3:c9:c1:
71:f0:06:a5:34:0a:52:c8:8c:30:2c:6e:c4:28:13:78:62:85:
53:09:4d:11:fc:a7:d5:f7:c0:c1:bd:de:7b:53:31:a1:27:1c:
d1:d3:4e:f8:e3:17:18:62:25:d7:74:8b:75:10:84:bf:93:1c:
3b:2a:37:d5:e6:f8:b2:19:c3:aa:e7:1e:f1:b9:49:e3:25:9e:
0c:9b:ad:6c:57:c7:1e:d7:ee:69:9a:5a:dd:c6:18:17:82:49:
1a:44:70:7e:c2:1d:81:cd:c5:7b:6f:08:00:61:0e:d6:11:d2:
20:b2:01:ea:4e:ef:82:08:19:1b:b7:65:a2:6e:14:56:91:e1:
8c:fb:d7:db:49:66:42:85:a6:4b:a2:32:a8:5c:f4:2c:44:27:
fe:1a:ef:27:06:9a:d7:55:2c:03:70:66:f5:fd:ab:de:a8:0e:
75:64:a6:e4:0a:13:70:db:92:eb:97:ff:9c:56:fa:f7:0d:8c:
ab:de:b2:e5:cd:30:80:28:39:23:33:1c:13:1c:e0:04:84:fa:
9b:29:24:35:9d:91:61:53:d3:23:da:64:df:21:bf:8a:4d:62:
4b:e3:ab:cc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYbgCFJSN4T/3f6+IFVbCDtZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMzE0MTIxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIzOTMxZjYxNzFhNzdkOWUyMjBkOTU2N2M5YjczYTcwZjRjNTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrPgKrrrYkfILdfOda9dG/Ct534b
uj7Ywe7ICGM7Fv0xovIQO3UciBG1/6A1MBsOuuDmm/mKvu3mHB/AZUmwvubkaYX7
Zk68Il0DC7LvU5Le109lZUxKxAHn3cS+ObK1tV6J93S8W8l9ETMB91KDshKAMGdz
IokoLuwAIvbWvmWzbhdDb6o1TcFPegBf8qtLMGq8EY9J1xSSQJ5BD/pF9JoDENg4
nsqzV0JKVoY6vru8pMqBmM8UEQDoGvErkIIDJeHWf+8EwTpGLbRXwkT8E6XwIzB9
Y5NVTqfj/jjiWThXD24V6ubPMLTC1A27tHK+vTda5Hpks5+YLBmDuDNgmQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFP6zkx9hcad9niINlWfJtzpw9MU4MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvX3JPVEgyRnhwMzJlSWcyVlo4bTNPbkQweFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPkxKAwQB
PkxgAwQAwr4GAwQBwuIiAwQAwuKJAwQBwxMKAwQBwxNKAwQBw9DcMA0GCSqGSIb3
DQEBCwUAA4IBAQClzHB/T39s80S196AlcvUVRYxhwSfFkb4e4dpt+gjRP5HDycFx
8AalNApSyIwwLG7EKBN4YoVTCU0R/KfV98DBvd57UzGhJxzR00744xcYYiXXdIt1
EIS/kxw7KjfV5viyGcOq5x7xuUnjJZ4Mm61sV8ce1+5pmlrdxhgXgkkaRHB+wh2B
zcV7bwgAYQ7WEdIgsgHqTu+CCBkbt2WibhRWkeGM+9fbSWZChaZLojKoXPQsRCf+
Gu8nBprXVSwDcGb1/aveqA51ZKbkChNw25Lrl/+cVvr3DYyr3rLlzTCAKDkjMxwT
HOAEhPqbKSQ1nZFhU9Mj2mTfIb+KTWJL46vM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org