Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/ISp5won9DcTDRSU0YshFlLIozEE.roa
File: ISp5won9DcTDRSU0YshFlLIozEE.roa (raw, json)
Hash identifier: l1UWgN8u3tKpyLJouGNoXW/GGElVpj5gWv+Jsi7MThI=
Subject key identifier: 21:2A:79:C2:89:FD:0D:C4:C3:45:25:34:62:C8:45:94:B2:28:CC:41
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 01856F26B9B1A8A848BEC2EAEDC8429E230B
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/ISp5won9DcTDRSU0YshFlLIozEE.roa
Signing time: Sun 01 Jan 2023 21:04:46 +0000
ROA not before: Sun 01 Jan 2023 21:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25192
IP address blocks: 193.29.206.0/24 maxlen: 30
194.0.14.0/24 maxlen: 30
194.0.12.0/23 maxlen: 30
212.237.229.0/24 maxlen: 24
185.43.132.0/24 maxlen: 24
185.43.132.0/22 maxlen: 22
185.43.133.0/24 maxlen: 24
217.31.192.0/20 maxlen: 30
185.43.134.0/24 maxlen: 24
185.43.135.0/24 maxlen: 24
2001:678:10::/47 maxlen: 64
2001:678:1::/48 maxlen: 64
2001:148f:fffd::/48 maxlen: 48
2001:678:f::/48 maxlen: 64
2001:148f:fffb::/48 maxlen: 48
2001:1488::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:b9:b1:a8:a8:48:be:c2:ea:ed:c8:42:9e:23:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 21:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=212a79c289fd0dc4c345253462c84594b228cc41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e1:6c:e5:91:e0:a5:03:e0:ee:94:b4:ce:ab:
19:bd:08:5e:cb:c4:47:3a:b9:5e:78:f8:8e:d8:be:
f1:d6:d6:84:fa:ca:93:4f:14:11:8f:ef:c1:ac:fa:
4a:9b:89:92:da:1e:a6:e8:0e:70:53:11:cc:e2:83:
e1:f9:6a:ff:f5:89:cf:71:27:53:91:2e:2a:11:a6:
03:38:43:a9:f6:ba:31:f7:9f:cb:93:66:20:39:67:
86:d6:ca:1d:a1:b3:74:c5:84:fc:51:1e:be:3e:75:
a1:d3:ca:33:ea:a2:72:e2:76:a0:0f:4b:8a:b8:b9:
6e:ba:48:3f:9d:1e:d2:5f:ad:42:e7:eb:6c:9b:c5:
75:5e:f8:e8:ab:de:2a:d9:36:2c:4a:82:4c:45:d6:
f1:54:b9:77:29:e4:42:e7:9b:10:7c:51:d6:51:67:
e6:16:a0:ee:0e:0c:69:17:d8:29:85:b9:0a:b1:ee:
5c:ac:26:9b:6e:db:79:ba:05:53:d4:7d:80:02:f6:
c0:01:2a:c6:76:c1:b9:99:d7:44:67:47:26:b6:4e:
60:1a:fb:6e:21:c2:65:10:03:8b:51:71:ef:bd:23:
44:9a:c8:f2:5b:9b:cb:9e:2e:52:98:d1:33:d7:b9:
87:2d:de:94:29:59:eb:96:9f:cc:5f:9a:5d:27:77:
92:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2A:79:C2:89:FD:0D:C4:C3:45:25:34:62:C8:45:94:B2:28:CC:41
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/ISp5won9DcTDRSU0YshFlLIozEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.132.0/22
193.29.206.0/24
194.0.12.0-194.0.14.255
212.237.229.0/24
217.31.192.0/20
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:1488::/32
2001:148f:fffb::/48
2001:148f:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
11:26:f1:57:52:98:f9:fc:48:3b:f3:dd:8c:5d:6a:84:b1:83:
35:4e:29:fe:d5:78:6e:20:94:a4:ef:ba:6d:0d:b3:eb:3b:4f:
82:49:86:e2:27:f3:9a:36:ff:67:09:a7:e9:07:ed:c3:21:3b:
46:53:32:69:f1:00:fd:b8:e5:11:fa:f4:78:7f:1e:d0:4d:df:
c3:f6:86:17:b2:87:11:e2:ac:cc:73:6f:cf:8c:4c:b3:ac:8e:
af:d9:19:9b:fc:5a:c8:ee:26:d0:18:e6:eb:f4:19:ef:06:81:
f2:54:cb:83:7f:0b:4b:11:a0:18:22:b1:01:66:4a:50:f2:c8:
0a:69:88:82:c2:0e:a3:ea:e5:ba:7b:18:0e:d3:fc:a5:43:eb:
c4:5f:6f:c4:01:51:15:fc:23:cd:a1:da:af:a0:b1:1f:72:32:
b5:63:91:82:5d:f4:6e:a0:ce:b2:ce:42:33:20:2f:48:cb:4f:
ee:ac:da:6c:eb:4f:e6:f0:49:97:34:d1:cc:86:29:3b:37:15:
5c:38:f1:27:db:4a:61:6b:ff:17:4b:56:94:4a:c1:ad:a7:11:
4a:25:11:05:ef:7b:63:8b:75:42:09:f3:8d:59:92:90:37:06:
84:01:66:1f:c0:08:bc:95:a2:94:94:4e:e3:68:be:b6:b0:69:
a0:81:49:6b
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYVvJrmxqKhIvsLq7chCniMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjMwMTAxMjEwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJhNzljMjg5ZmQwZGM0YzM0NTI1MzQ2MmM4NDU5NGIyMjhjYzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOFs5ZHgpQPg7pS0zqsZvQhey8RH
OrleePiO2L7x1taE+sqTTxQRj+/BrPpKm4mS2h6m6A5wUxHM4oPh+Wr/9YnPcSdT
kS4qEaYDOEOp9rox95/Lk2YgOWeG1sodobN0xYT8UR6+PnWh08oz6qJy4nagD0uK
uLluukg/nR7SX61C5+tsm8V1Xvjoq94q2TYsSoJMRdbxVLl3KeRC55sQfFHWUWfm
FqDuDgxpF9gphbkKse5crCabbtt5ugVT1H2AAvbAASrGdsG5mddEZ0cmtk5gGvtu
IcJlEAOLUXHvvSNEmsjyW5vLni5SmNEz17mHLd6UKVnrlp/MX5pdJ3eSgQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFCEqecKJ/Q3Ew0UlNGLIRZSyKMxBMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvSVNwNXdvbjlEY1REUlNVMFlzaEZsTElvekVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAsBAIAATAmAwQCuSuEAwQA
wR3OMAwDBALCAAwDBADCAA4DBADU7eUDBATZH8AwPAQCAAIwNgMHACABBngAATAS
AwcAIAEGeAAPAwcBIAEGeAAQAwUAIAEUiAMHACABFI//+wMHACABFI///TANBgkq
hkiG9w0BAQsFAAOCAQEAESbxV1KY+fxIO/PdjF1qhLGDNU4p/tV4biCUpO+6bQ2z
6ztPgkmG4ifzmjb/Zwmn6QftwyE7RlMyafEA/bjlEfr0eH8e0E3fw/aGF7KHEeKs
zHNvz4xMs6yOr9kZm/xayO4m0Bjm6/QZ7waB8lTLg38LSxGgGCKxAWZKUPLICmmI
gsIOo+rlunsYDtP8pUPrxF9vxAFRFfwjzaHar6CxH3IytWORgl30bqDOss5CMyAv
SMtP7qzabOtP5vBJlzTRzIYpOzcVXDjxJ9tKYWv/F0tWlErBracRSiURBe97Y4t1
QgnzjVmSkDcGhAFmH8AIvJWilJRO42i+trBpoIFJaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:54 2024 by rpki-client on console-ams.rpki-client.org