Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/1mCfeIRvopu4Qz1Gh_Mgw9enKWM.roa
File: 1mCfeIRvopu4Qz1Gh_Mgw9enKWM.roa (raw, json)
Hash identifier: 4334eZYdtFN75IxibwjAaRqWfE0pDsyJEveqMBhS/fc=
Subject key identifier: D6:60:9F:78:84:6F:A2:9B:B8:43:3D:46:87:F3:20:C3:D7:A7:29:63
Certificate issuer: /CN=351a14ce9d25239b92fe5abce532515044c1aba4
Certificate serial: 0185C2357023E1B97B13BE639CE0FE8504D5
Authority key identifier: 35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/1mCfeIRvopu4Qz1Gh_Mgw9enKWM.roa
Signing time: Wed 18 Jan 2023 00:09:20 +0000
ROA not before: Wed 18 Jan 2023 00:09:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56430
IP address blocks: 188.241.13.0/24 maxlen: 24
86.105.152.0/23 maxlen: 23
86.105.155.0/24 maxlen: 24
77.81.64.0/24 maxlen: 24
89.42.42.0/24 maxlen: 24
193.33.200.0/23 maxlen: 23
185.82.172.0/22 maxlen: 22
89.36.93.0/24 maxlen: 24
89.36.18.0/24 maxlen: 24
89.43.174.0/24 maxlen: 24
188.212.250.0/24 maxlen: 24
89.40.214.0/24 maxlen: 24
2a05:91c4::/32 maxlen: 32
2a05:91c0::/32 maxlen: 32
2a09:1340::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 18 Jan 2023 17:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c2:35:70:23:e1:b9:7b:13:be:63:9c:e0:fe:85:04:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a14ce9d25239b92fe5abce532515044c1aba4
Validity
Not Before: Jan 18 00:09:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6609f78846fa29bb8433d4687f320c3d7a72963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a0:57:c6:95:44:d7:a5:95:78:10:0d:c8:a1:
e3:83:85:23:de:17:bf:e8:40:b5:b6:4b:01:73:b5:
af:9c:32:1c:3f:49:9b:a7:14:41:93:b9:d5:3f:27:
2f:58:e3:7f:80:5a:d7:99:78:1f:62:06:e2:98:d4:
10:2d:f0:71:b6:5b:48:13:56:28:45:b7:4c:cd:de:
19:02:20:96:f2:26:5c:03:3e:a1:ee:9b:b2:7f:b6:
90:08:87:46:8d:e0:e3:f1:54:5b:2f:83:26:4b:9f:
20:f8:1f:e0:dd:24:d9:4f:d4:3b:13:56:c1:d4:24:
4b:7b:f5:77:83:84:22:40:c9:9f:04:92:06:73:6d:
94:5c:98:89:a5:37:7e:60:9c:75:40:79:c0:8f:18:
1e:97:e9:98:a5:8e:ba:0e:a6:8f:e3:98:94:02:dc:
ac:d5:37:da:66:62:d9:ec:1a:b0:6c:d3:0b:6e:06:
ea:b9:1a:ab:17:ad:09:4f:3a:42:59:4d:d0:b1:be:
60:61:2f:db:2c:79:31:59:1c:48:f1:62:3b:8c:7f:
21:3e:02:03:0a:90:fd:21:b3:8d:4d:1c:bc:c2:a9:
5b:14:a9:82:3a:12:aa:02:42:cc:90:7f:eb:9d:11:
87:70:d5:bd:be:13:e3:8f:17:f8:bf:99:1e:b8:7d:
73:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:60:9F:78:84:6F:A2:9B:B8:43:3D:46:87:F3:20:C3:D7:A7:29:63
X509v3 Authority Key Identifier:
keyid:35:1A:14:CE:9D:25:23:9B:92:FE:5A:BC:E5:32:51:50:44:C1:AB:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRoUzp0lI5uS_lq85TJRUETBq6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/1mCfeIRvopu4Qz1Gh_Mgw9enKWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e2165-3bb5-45c3-989a-2953894b1f6d/1/NRoUzp0lI5uS_lq85TJRUETBq6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.64.0/24
86.105.152.0/23
86.105.155.0/24
89.36.18.0/24
89.36.93.0/24
89.40.214.0/24
89.42.42.0/24
89.43.174.0/24
185.82.172.0/22
188.212.250.0/24
188.241.13.0/24
193.33.200.0/23
IPv6:
2a05:91c0::/32
2a05:91c4::/32
2a09:1340::/29
Signature Algorithm: sha256WithRSAEncryption
67:e3:6a:34:f8:3a:35:bd:50:a0:3a:74:09:a0:30:db:39:13:
69:1a:70:f0:d5:51:78:5d:cd:5b:f1:04:0b:f6:e0:12:5d:88:
35:39:52:29:d8:f9:b2:84:f4:ed:78:9b:1f:80:e1:ff:f4:ff:
30:d5:21:83:65:86:2b:cf:93:07:58:4f:fd:59:a2:9f:c4:07:
78:df:3b:7f:36:6d:bf:d1:5f:42:38:27:96:6e:0c:e3:56:5e:
7c:96:4a:f9:0b:7d:60:f0:4d:ac:c4:15:93:bf:ac:23:97:cb:
6d:f3:c7:1a:35:e8:7f:b5:a5:f6:75:fc:7d:1f:0a:f0:f5:f8:
85:fa:49:c7:36:09:a5:95:33:00:76:e9:a2:5d:de:ff:d8:74:
81:95:5b:d9:b6:61:16:d8:5f:59:1f:cb:b7:94:b1:16:f1:cd:
8c:cc:85:ec:1b:88:fb:db:77:62:2a:c2:e9:15:a7:78:c9:3c:
b0:5d:d6:7e:11:8c:1b:8f:07:cc:94:87:1f:39:00:90:6c:6c:
2b:25:7f:28:10:8b:4f:c6:f2:4c:1e:a2:2f:d0:02:04:62:11:
88:0f:54:3b:d9:14:0e:fd:b8:da:78:1e:de:0a:74:4d:29:6d:
83:06:59:23:8e:c4:5d:1d:b9:ef:83:e7:ab:0b:66:f6:71:57:
4e:59:0c:ea
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYXCNXAj4bl7E75jnOD+hQTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWExNGNlOWQyNTIzOWI5MmZlNWFiY2U1MzI1MTUwNDRj
MWFiYTQwHhcNMjMwMTE4MDAwOTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjYwOWY3ODg0NmZhMjliYjg0MzNkNDY4N2YzMjBjM2Q3YTcyOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaBXxpVE16WVeBANyKHjg4Uj3he/
6EC1tksBc7WvnDIcP0mbpxRBk7nVPycvWON/gFrXmXgfYgbimNQQLfBxtltIE1Yo
RbdMzd4ZAiCW8iZcAz6h7puyf7aQCIdGjeDj8VRbL4MmS58g+B/g3STZT9Q7E1bB
1CRLe/V3g4QiQMmfBJIGc22UXJiJpTd+YJx1QHnAjxgel+mYpY66DqaP45iUAtys
1TfaZmLZ7BqwbNMLbgbquRqrF60JTzpCWU3Qsb5gYS/bLHkxWRxI8WI7jH8hPgID
CpD9IbONTRy8wqlbFKmCOhKqAkLMkH/rnRGHcNW9vhPjjxf4v5keuH1zCQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFNZgn3iEb6KbuEM9RofzIMPXpyljMB8GA1UdIwQY
MBaAFDUaFM6dJSObkv5avOUyUVBEwaukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEt
Mjk1Mzg5NGIxZjZkLzEvMW1DZmVJUnZvcHU0UXoxR2hfTWd3OWVuS1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTIxNjUtM2JiNS00NWMzLTk4OWEtMjk1Mzg5NGIxZjZk
LzEvTlJvVXpwMGxJNXVTX2xxODVUSlJVRVRCcTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBOBAIAATBIAwQATVFAAwQB
VmmYAwQAVmmbAwQAWSQSAwQAWSRdAwQAWSjWAwQAWSoqAwQAWSuuAwQCuVKsAwQA
vNT6AwQAvPENAwQBwSHIMBsEAgACMBUDBQAqBZHAAwUAKgWRxAMFAyoJE0AwDQYJ
KoZIhvcNAQELBQADggEBAGfjajT4OjW9UKA6dAmgMNs5E2kacPDVUXhdzVvxBAv2
4BJdiDU5UinY+bKE9O14mx+A4f/0/zDVIYNlhivPkwdYT/1Zop/EB3jfO382bb/R
X0I4J5ZuDONWXnyWSvkLfWDwTazEFZO/rCOXy23zxxo16H+1pfZ1/H0fCvD1+IX6
Scc2CaWVMwB26aJd3v/YdIGVW9m2YRbYX1kfy7eUsRbxzYzMhewbiPvbd2IqwukV
p3jJPLBd1n4RjBuPB8yUhx85AJBsbCslfygQi0/G8kweoi/QAgRiEYgPVDvZFA79
uNp4Ht4KdE0pbYMGWSOOxF0due+D56sLZvZxV05ZDOo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:27 2024 by rpki-client on console-fra.rpki-client.org