Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/aN6VXFrvSHDJwzSq6PVedw8U5CI.roa
File: aN6VXFrvSHDJwzSq6PVedw8U5CI.roa (raw, json)
Hash identifier: sM+0TMK7osr9MJXODwk0zsLZ7SrDDVtgVr5Wv4rQYjA=
Subject key identifier: 68:DE:95:5C:5A:EF:48:70:C9:C3:34:AA:E8:F5:5E:77:0F:14:E4:22
Certificate issuer: /CN=774d215caedb050d6f6fe8426d5058afe29aa896
Certificate serial: 0186FEA1936B29AE275C2A42142F3DD47E67
Authority key identifier: 77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/aN6VXFrvSHDJwzSq6PVedw8U5CI.roa
Signing time: Mon 20 Mar 2023 10:47:27 +0000
ROA not before: Mon 20 Mar 2023 10:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47264
IP address blocks: 185.66.112.0/24 maxlen: 24
185.66.113.0/24 maxlen: 24
185.66.115.0/24 maxlen: 24
185.66.114.0/24 maxlen: 24
93.191.32.0/21 maxlen: 23
178.248.105.0/24 maxlen: 24
178.248.104.0/21 maxlen: 23
2a02:400::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fe:a1:93:6b:29:ae:27:5c:2a:42:14:2f:3d:d4:7e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=774d215caedb050d6f6fe8426d5058afe29aa896
Validity
Not Before: Mar 20 10:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68de955c5aef4870c9c334aae8f55e770f14e422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:47:17:15:12:ff:c2:5b:e0:f6:5d:01:44:
2f:3d:b4:75:45:e3:15:42:af:6e:26:8e:c6:11:9e:
f7:30:17:e2:b1:4d:2d:06:07:17:11:23:7a:73:1b:
55:30:61:1b:72:c9:60:7b:34:2c:3e:f5:c3:84:a1:
87:32:23:5c:9a:7d:9a:ee:4e:f2:23:7a:bd:92:9c:
9f:c7:2c:54:16:5c:51:d2:bd:d5:0b:e7:6c:7b:75:
2c:bb:7a:ef:e5:fc:bd:74:fe:7d:5d:b8:b2:e1:03:
0b:fd:93:d7:27:fd:81:d8:d6:2c:de:db:4e:15:b2:
a3:58:b8:44:be:85:f5:9e:e4:48:6c:de:03:35:78:
e3:76:55:47:25:be:dd:01:8a:7d:f5:d1:0c:e4:a0:
8a:fb:89:10:24:e9:b5:e8:e8:9e:e5:33:e7:bc:3b:
d0:5c:a5:20:4f:1b:71:05:45:79:2e:d5:f0:e8:60:
58:a3:65:70:8d:3e:61:51:4f:fa:4e:e1:65:bb:1f:
34:31:b7:04:f2:d6:1c:51:48:1b:4c:62:50:23:65:
4e:3c:7f:a1:66:90:f4:79:14:e8:ea:07:14:ce:a3:
b0:07:7d:e6:28:9a:79:67:84:97:f9:32:33:dc:bc:
67:cc:75:8a:6c:d0:64:d2:c5:c4:9b:3c:c6:78:ae:
d2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:DE:95:5C:5A:EF:48:70:C9:C3:34:AA:E8:F5:5E:77:0F:14:E4:22
X509v3 Authority Key Identifier:
keyid:77:4D:21:5C:AE:DB:05:0D:6F:6F:E8:42:6D:50:58:AF:E2:9A:A8:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d00hXK7bBQ1vb-hCbVBYr-KaqJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/aN6VXFrvSHDJwzSq6PVedw8U5CI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9b3453-ae79-4f3c-bc72-5d8fe9acef83/1/d00hXK7bBQ1vb-hCbVBYr-KaqJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.32.0/21
178.248.104.0/21
185.66.112.0/22
IPv6:
2a02:400::/32
Signature Algorithm: sha256WithRSAEncryption
67:b6:74:80:99:4e:e6:2b:72:ed:c9:2d:48:2b:bd:16:6d:1f:
9a:ec:fc:a9:58:51:bf:d9:48:e8:29:6d:75:4d:aa:9a:f7:a6:
98:02:cf:1e:80:7e:41:4d:ad:af:30:05:db:e4:ec:98:66:da:
d8:28:df:4c:02:ad:64:0e:f4:82:b4:47:37:31:34:ed:6f:36:
df:83:42:a2:da:09:2b:34:89:75:91:bb:7f:7d:10:e6:cc:ed:
ad:d5:d4:21:d0:80:fa:dd:7b:a4:c0:d6:c3:8e:a7:98:c4:bb:
f9:0a:c9:31:c3:9d:98:e2:48:60:86:f2:35:13:03:09:ff:d2:
e0:42:fc:99:8e:2e:86:66:a1:f6:f1:85:bb:7d:49:88:8b:74:
d6:71:27:4f:84:36:fe:94:bf:0b:68:ac:ed:62:0d:5b:45:56:
11:ac:46:34:c8:ed:93:a9:9f:f7:b6:a0:b9:65:27:1b:6b:5e:
2a:a8:fa:24:b2:5c:8d:f3:36:99:b4:f4:e0:44:65:8b:7e:20:
1e:f8:f3:9b:d8:3e:22:85:d5:89:4d:70:60:c5:fa:16:29:42:
67:be:b1:b2:70:18:0a:d1:64:13:74:3d:b0:e4:0c:96:21:45:
21:67:f0:04:d8:5f:14:a1:20:d3:8c:b4:1e:79:7f:a5:5f:de:
a1:7f:2b:2d
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYb+oZNrKa4nXCpCFC891H5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NGQyMTVjYWVkYjA1MGQ2ZjZmZTg0MjZkNTA1OGFmZTI5
YWE4OTYwHhcNMjMwMzIwMTA0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGRlOTU1YzVhZWY0ODcwYzljMzM0YWFlOGY1NWU3NzBmMTRlNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt05HFxUS/8Jb4PZdAUQvPbR1ReMV
Qq9uJo7GEZ73MBfisU0tBgcXESN6cxtVMGEbcslgezQsPvXDhKGHMiNcmn2a7k7y
I3q9kpyfxyxUFlxR0r3VC+dse3Usu3rv5fy9dP59Xbiy4QML/ZPXJ/2B2NYs3ttO
FbKjWLhEvoX1nuRIbN4DNXjjdlVHJb7dAYp99dEM5KCK+4kQJOm16Oie5TPnvDvQ
XKUgTxtxBUV5LtXw6GBYo2VwjT5hUU/6TuFlux80MbcE8tYcUUgbTGJQI2VOPH+h
ZpD0eRTo6gcUzqOwB33mKJp5Z4SX+TIz3LxnzHWKbNBk0sXEmzzGeK7SDQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGjelVxa70hwycM0quj1XncPFOQiMB8GA1UdIwQY
MBaAFHdNIVyu2wUNb2/oQm1QWK/imqiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzIt
NWQ4ZmU5YWNlZjgzLzEvYU42VlhGcnZTSERKd3pTcTZQVmVkdzhVNUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YjM0NTMtYWU3OS00ZjNjLWJjNzItNWQ4ZmU5YWNlZjgz
LzEvZDAwaFhLN2JCUTF2Yi1oQ2JWQllyLUthcUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXb8gAwQD
svhoAwQCuUJwMA0EAgACMAcDBQAqAgQAMA0GCSqGSIb3DQEBCwUAA4IBAQBntnSA
mU7mK3LtyS1IK70WbR+a7PypWFG/2UjoKW11Taqa96aYAs8egH5BTa2vMAXb5OyY
ZtrYKN9MAq1kDvSCtEc3MTTtbzbfg0Ki2gkrNIl1kbt/fRDmzO2t1dQh0ID63Xuk
wNbDjqeYxLv5Cskxw52Y4khghvI1EwMJ/9LgQvyZji6GZqH28YW7fUmIi3TWcSdP
hDb+lL8LaKztYg1bRVYRrEY0yO2TqZ/3tqC5ZScba14qqPokslyN8zaZtPTgRGWL
fiAe+POb2D4ihdWJTXBgxfoWKUJnvrGycBgK0WQTdD2w5AyWIUUhZ/AE2F8UoSDT
jLQeeX+lX96hfyst
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org