Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/sJ5dLQUPEB-FL_7hgPea29eyv68.roa
File: sJ5dLQUPEB-FL_7hgPea29eyv68.roa (raw, json)
Hash identifier: ejDmPbWfEIxIbQDon+CXBHRxZIH/HFpA7dY6QvUqVuE=
Subject key identifier: B0:9E:5D:2D:05:0F:10:1F:85:2F:FE:E1:80:F7:9A:DB:D7:B2:BF:AF
Certificate issuer: /CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Certificate serial: 01856D41AA0083FFB943BDB4BFC2166ABA7A
Authority key identifier: 4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/sJ5dLQUPEB-FL_7hgPea29eyv68.roa
Signing time: Sun 01 Jan 2023 12:14:57 +0000
ROA not before: Sun 01 Jan 2023 12:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48707
IP address blocks: 195.2.208.0/24 maxlen: 24
195.2.209.0/24 maxlen: 24
185.253.212.0/24 maxlen: 24
185.253.213.0/24 maxlen: 24
185.253.214.0/24 maxlen: 24
185.253.215.0/24 maxlen: 24
91.230.202.0/24 maxlen: 24
91.230.203.0/24 maxlen: 24
91.230.204.0/24 maxlen: 24
91.230.205.0/24 maxlen: 24
91.230.200.0/24 maxlen: 24
91.230.201.0/24 maxlen: 24
185.237.30.0/24 maxlen: 24
185.237.31.0/24 maxlen: 24
185.237.28.0/24 maxlen: 24
185.237.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Aug 2023 09:25:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:aa:00:83:ff:b9:43:bd:b4:bf:c2:16:6a:ba:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93029c5b2639cd29b9f9dd5294cc94ef52d6af
Validity
Not Before: Jan 1 12:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b09e5d2d050f101f852ffee180f79adbd7b2bfaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:95:9a:16:2f:51:dd:40:a1:67:cd:8e:05:
b5:2a:8a:ec:c7:d6:4d:a0:f7:b0:a5:e4:bd:57:8d:
97:63:0a:84:7b:55:9f:72:f9:51:76:e1:b7:43:00:
2d:35:84:6f:b4:25:2b:45:48:de:e6:a0:f8:0b:e9:
8b:f6:b8:e2:24:46:61:ff:54:8d:8d:9b:f2:57:74:
03:48:ba:6e:78:57:e7:6a:a3:25:56:fc:e5:28:83:
cd:05:51:7c:f1:8f:eb:dc:7e:86:d7:18:7f:28:67:
e5:11:ac:b7:a9:95:5e:df:3a:22:59:3c:5f:4d:e1:
6d:49:ec:15:c0:82:59:d8:16:88:f1:c0:a4:b0:ea:
fc:59:fd:0d:1e:06:9d:f6:31:12:73:21:1e:26:ec:
94:57:6d:f1:65:f7:1a:78:76:3d:7f:96:da:85:c5:
6d:fe:87:20:28:e4:8a:f2:97:3f:5e:be:0c:bf:4f:
b6:1f:09:0b:53:79:3e:4d:29:b6:99:3d:0d:8a:c1:
c4:0c:f0:46:e6:06:67:3e:d1:4a:77:12:c1:89:e3:
04:c6:0c:73:f3:0c:fb:23:d0:4e:84:33:28:db:a7:
62:48:d0:15:cf:d7:e8:e6:fe:81:70:a8:de:15:df:
a7:70:c9:29:4d:f0:d2:ac:5f:20:c7:8b:5e:13:f6:
36:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:9E:5D:2D:05:0F:10:1F:85:2F:FE:E1:80:F7:9A:DB:D7:B2:BF:AF
X509v3 Authority Key Identifier:
keyid:4C:93:02:9C:5B:26:39:CD:29:B9:F9:DD:52:94:CC:94:EF:52:D6:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMCnFsmOc0pufndUpTMlO9S1q8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/sJ5dLQUPEB-FL_7hgPea29eyv68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7bd729-98e5-43ff-afe6-187b1f77c1a5/1/TJMCnFsmOc0pufndUpTMlO9S1q8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.200.0-91.230.205.255
185.237.28.0/22
185.253.212.0/22
195.2.208.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:53:46:3c:ce:ad:59:77:de:94:51:c1:2b:51:22:35:46:7c:
8b:14:62:bb:7b:08:69:57:e5:62:83:56:64:96:ab:0e:66:45:
74:5d:25:60:f1:57:e1:fa:d4:38:42:d5:4d:9b:51:2f:8c:f3:
56:43:a8:97:22:6d:41:bd:a2:6a:e0:b4:e7:f6:43:c8:9a:c1:
32:18:64:52:c3:3e:24:a5:a7:ad:09:a7:dd:72:3e:d4:8e:df:
55:10:8c:91:72:3d:49:0c:ab:18:74:64:97:51:26:7a:b9:2d:
d8:f9:c8:6b:4d:24:e3:e9:bd:d0:a1:45:9a:3e:44:bf:5c:ba:
8e:1b:08:68:2f:35:c7:dc:58:54:b6:0c:7f:20:8e:be:7e:ac:
18:8d:68:5f:d9:88:74:2c:26:e2:ce:c5:48:74:08:18:b2:4e:
e4:34:64:f9:67:8d:8c:81:ad:e9:81:7d:20:51:4d:0b:0b:20:
eb:45:a0:e5:ce:4f:d9:c6:f6:db:53:7c:50:06:30:ff:25:7c:
10:28:6e:76:19:b7:2e:a0:54:95:36:b1:c3:ba:f7:4b:15:1c:
78:d4:61:e7:71:79:ae:d6:19:fe:94:d8:28:04:a0:9e:06:8b:
3a:cf:09:c1:82:be:04:05:25:ae:e9:49:89:27:60:17:bb:62:
38:1e:6a:99
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVtQaoAg/+5Q720v8IWarp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMwMjljNWIyNjM5Y2QyOWI5ZjlkZDUyOTRjYzk0ZWY1
MmQ2YWYwHhcNMjMwMTAxMTIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDllNWQyZDA1MGYxMDFmODUyZmZlZTE4MGY3OWFkYmQ3YjJiZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8WVmhYvUd1AoWfNjgW1Korsx9ZN
oPewpeS9V42XYwqEe1WfcvlRduG3QwAtNYRvtCUrRUje5qD4C+mL9rjiJEZh/1SN
jZvyV3QDSLpueFfnaqMlVvzlKIPNBVF88Y/r3H6G1xh/KGflEay3qZVe3zoiWTxf
TeFtSewVwIJZ2BaI8cCksOr8Wf0NHgad9jEScyEeJuyUV23xZfcaeHY9f5bahcVt
/ocgKOSK8pc/Xr4Mv0+2HwkLU3k+TSm2mT0NisHEDPBG5gZnPtFKdxLBieMExgxz
8wz7I9BOhDMo26diSNAVz9fo5v6BcKjeFd+ncMkpTfDSrF8gx4teE/Y2aQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLCeXS0FDxAfhS/+4YD3mtvXsr+vMB8GA1UdIwQY
MBaAFEyTApxbJjnNKbn53VKUzJTvUtavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYt
MTg3YjFmNzdjMWE1LzEvc0o1ZExRVVBFQi1GTF83aGdQZWEyOWV5djY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83YmQ3MjktOThlNS00M2ZmLWFmZTYtMTg3YjFmNzdjMWE1
LzEvVEpNQ25Gc21PYzBwdWZuZFVwVE1sTzlTMXE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBANb5sgD
BAFb5swDBAK57RwDBAK5/dQDBAHDAtAwDQYJKoZIhvcNAQELBQADggEBAHpTRjzO
rVl33pRRwStRIjVGfIsUYrt7CGlX5WKDVmSWqw5mRXRdJWDxV+H61DhC1U2bUS+M
81ZDqJcibUG9omrgtOf2Q8iawTIYZFLDPiSlp60Jp91yPtSO31UQjJFyPUkMqxh0
ZJdRJnq5Ldj5yGtNJOPpvdChRZo+RL9cuo4bCGgvNcfcWFS2DH8gjr5+rBiNaF/Z
iHQsJuLOxUh0CBiyTuQ0ZPlnjYyBremBfSBRTQsLIOtFoOXOT9nG9ttTfFAGMP8l
fBAobnYZty6gVJU2scO690sVHHjUYedxea7WGf6U2CgEoJ4GizrPCcGCvgQFJa7p
SYknYBe7Yjgeapk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:35 2024 by rpki-client on console-fra.rpki-client.org