Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/r97uYNF4rQ-ZINLmPAiC9V4-8PY.roa
File: r97uYNF4rQ-ZINLmPAiC9V4-8PY.roa (raw, json)
Hash identifier: Yop0UnM3lHvIRSLbt1HSkzMPfrKiXsFZYyl73JwIFyA=
Subject key identifier: AF:DE:EE:60:D1:78:AD:0F:99:20:D2:E6:3C:08:82:F5:5E:3E:F0:F6
Certificate issuer: /CN=d50962035c5e951013ca0670ca569e79f8d63c15
Certificate serial: 01856D5D236968C403F7BBC0EDCDD0C3D90D
Authority key identifier: D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/r97uYNF4rQ-ZINLmPAiC9V4-8PY.roa
Signing time: Sun 01 Jan 2023 12:44:58 +0000
ROA not before: Sun 01 Jan 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35393
IP address blocks: 185.100.4.0/22 maxlen: 24
194.110.192.0/24 maxlen: 24
91.207.254.0/23 maxlen: 23
91.207.254.0/24 maxlen: 24
91.207.255.0/24 maxlen: 24
195.144.11.0/24 maxlen: 24
46.255.160.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:23:69:68:c4:03:f7:bb:c0:ed:cd:d0:c3:d9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50962035c5e951013ca0670ca569e79f8d63c15
Validity
Not Before: Jan 1 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afdeee60d178ad0f9920d2e63c0882f55e3ef0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:88:8a:c4:a9:ff:6c:37:84:69:f5:95:75:83:
45:4f:bc:a0:bc:cf:31:65:1e:f8:5a:b2:a9:25:0c:
79:c6:83:e6:e8:f7:85:60:ce:80:6e:8b:0a:cb:fd:
7b:f6:55:e7:57:cb:b0:38:43:e6:6a:60:5a:2b:41:
35:9c:54:06:8d:f8:16:3f:dc:ff:97:3d:75:0b:91:
56:91:9a:74:09:99:f3:39:9d:5e:51:d5:3b:75:c8:
fa:dc:53:42:5c:f9:92:36:22:87:e0:f3:41:03:f7:
84:45:e6:38:0f:74:10:c7:e8:02:80:83:22:32:e4:
08:67:92:64:7c:12:34:fb:56:f5:45:ed:1a:30:48:
cc:29:c3:a3:4c:2a:98:ec:c4:cf:c2:b4:10:ed:c3:
e4:8e:15:c1:b3:d7:e2:04:af:ec:0b:ee:67:d9:74:
28:3d:44:29:a6:a5:34:cb:56:30:df:1e:7e:49:f5:
53:c6:86:db:d7:62:72:c2:4b:df:88:d5:8e:20:99:
21:ec:d5:f2:a1:ba:ff:31:49:52:ae:c4:96:b3:93:
35:b9:03:72:0a:23:cc:1c:a5:1e:1c:db:01:13:dd:
10:28:95:65:a3:21:51:8e:e2:b4:0d:31:6c:ab:18:
61:5c:d5:b9:7d:cc:62:d4:3c:da:03:5d:19:44:c9:
2a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:DE:EE:60:D1:78:AD:0F:99:20:D2:E6:3C:08:82:F5:5E:3E:F0:F6
X509v3 Authority Key Identifier:
keyid:D5:09:62:03:5C:5E:95:10:13:CA:06:70:CA:56:9E:79:F8:D6:3C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QliA1xelRATygZwylaeefjWPBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/r97uYNF4rQ-ZINLmPAiC9V4-8PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/d4e8e9-0d47-419b-b3e2-054a363115f5/1/1QliA1xelRATygZwylaeefjWPBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.160.0/21
91.207.254.0/23
185.100.4.0/22
194.110.192.0/24
195.144.11.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a5:c4:78:05:45:c2:ac:9a:30:25:76:f6:68:6b:11:e8:a6:
28:da:12:36:ca:1f:a0:45:bb:c1:1d:55:bb:77:73:43:15:18:
07:f7:26:f7:e0:52:39:15:09:15:b2:f6:76:36:83:f2:98:72:
2d:9a:4a:e0:6a:d9:03:6b:28:05:f0:8d:09:85:fd:31:64:9a:
46:28:3e:86:74:24:fc:cf:f2:bf:04:12:08:c4:01:cf:a5:91:
a9:9c:2c:d6:66:11:17:23:e8:b1:05:40:df:2e:bb:e9:01:ef:
47:49:13:4f:c5:9a:18:b0:11:27:48:17:5d:29:ad:c1:59:8a:
e6:f9:a9:7d:c5:4f:a1:43:1e:08:eb:a4:72:8d:fe:0d:80:c6:
b6:e4:5c:98:81:7b:7a:60:f5:81:a5:a5:d1:fc:8a:e3:bd:95:
8a:95:07:0b:a8:66:16:51:3b:ff:1d:44:76:85:5b:45:95:96:
7f:38:16:cf:8d:ed:96:03:c4:b4:c3:e5:47:96:8e:1c:70:13:
c0:fb:5e:e5:b4:21:32:c0:67:08:fc:c5:c7:2e:d4:e5:64:c7:
3a:c3:8a:47:20:22:a8:d9:27:b2:d7:c6:76:41:a0:96:45:ab:
00:29:ec:2a:0d:a4:bb:cb:9a:70:65:2b:ae:e4:c1:6a:8e:15:
24:37:96:c0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVtXSNpaMQD97vA7c3Qw9kNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDk2MjAzNWM1ZTk1MTAxM2NhMDY3MGNhNTY5ZTc5Zjhk
NjNjMTUwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmRlZWU2MGQxNzhhZDBmOTkyMGQyZTYzYzA4ODJmNTVlM2VmMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIiKxKn/bDeEafWVdYNFT7ygvM8x
ZR74WrKpJQx5xoPm6PeFYM6AbosKy/179lXnV8uwOEPmamBaK0E1nFQGjfgWP9z/
lz11C5FWkZp0CZnzOZ1eUdU7dcj63FNCXPmSNiKH4PNBA/eEReY4D3QQx+gCgIMi
MuQIZ5JkfBI0+1b1Re0aMEjMKcOjTCqY7MTPwrQQ7cPkjhXBs9fiBK/sC+5n2XQo
PUQppqU0y1Yw3x5+SfVTxobb12JywkvfiNWOIJkh7NXyobr/MUlSrsSWs5M1uQNy
CiPMHKUeHNsBE90QKJVloyFRjuK0DTFsqxhhXNW5fcxi1DzaA10ZRMkq4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK/e7mDReK0PmSDS5jwIgvVePvD2MB8GA1UdIwQY
MBaAFNUJYgNcXpUQE8oGcMpWnnn41jwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFsaUExeGVsUkFUeWdad3lsYWVlZmpXUEJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kNGU4ZTktMGQ0Ny00MTliLWIzZTIt
MDU0YTM2MzExNWY1LzEvcjk3dVlORjRyUS1aSU5MbVBBaUM5VjQtOFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kNGU4ZTktMGQ0Ny00MTliLWIzZTItMDU0YTM2MzExNWY1
LzEvMVFsaUExeGVsUkFUeWdad3lsYWVlZmpXUEJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDLv+gAwQB
W8/+AwQCuWQEAwQAwm7AAwQAw5ALMA0GCSqGSIb3DQEBCwUAA4IBAQBjpcR4BUXC
rJowJXb2aGsR6KYo2hI2yh+gRbvBHVW7d3NDFRgH9yb34FI5FQkVsvZ2NoPymHIt
mkrgatkDaygF8I0Jhf0xZJpGKD6GdCT8z/K/BBIIxAHPpZGpnCzWZhEXI+ixBUDf
LrvpAe9HSRNPxZoYsBEnSBddKa3BWYrm+al9xU+hQx4I66Ryjf4NgMa25FyYgXt6
YPWBpaXR/IrjvZWKlQcLqGYWUTv/HUR2hVtFlZZ/OBbPje2WA8S0w+VHlo4ccBPA
+17ltCEywGcI/MXHLtTlZMc6w4pHICKo2Sey18Z2QaCWRasAKewqDaS7y5pwZSuu
5MFqjhUkN5bA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:31 2024 by rpki-client on console-ams.rpki-client.org