Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/c_9nBkN6BdcTcTK1QOaO_lXFHiA.roa
File: c_9nBkN6BdcTcTK1QOaO_lXFHiA.roa (raw, json)
Hash identifier: jiSgj1qlCe60b9b5cFh4vaGPurxBQUW33x6m1VIt+Tk=
Subject key identifier: 73:FF:67:06:43:7A:05:D7:13:71:32:B5:40:E6:8E:FE:55:C5:1E:20
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 01857246B9FC3168B051B693F125040C0382
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/c_9nBkN6BdcTcTK1QOaO_lXFHiA.roa
Signing time: Mon 02 Jan 2023 11:38:35 +0000
ROA not before: Mon 02 Jan 2023 11:38:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.174.0/24 maxlen: 24
188.125.161.0/24 maxlen: 24
188.125.160.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.163.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 13:47:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:b9:fc:31:68:b0:51:b6:93:f1:25:04:0c:03:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Jan 2 11:38:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73ff6706437a05d7137132b540e68efe55c51e20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:62:65:86:e0:79:63:4a:37:35:95:31:20:8b:
88:3c:3c:11:63:ee:e9:d8:20:86:15:cf:35:25:9b:
32:a8:fb:4a:10:72:04:9d:9c:f1:6e:c7:b5:ab:07:
c1:6f:89:12:22:10:64:58:74:74:87:99:4a:40:b0:
39:91:6c:0a:c8:ea:c8:67:15:32:5b:db:0d:ae:d0:
12:af:1b:8e:a1:d1:8e:3a:26:eb:41:9b:36:a7:b8:
83:0f:9e:eb:2d:a5:a4:26:a4:08:44:dd:a8:4f:1c:
b6:7b:b5:2c:fa:5c:64:68:f4:29:bf:aa:e6:4c:eb:
6a:44:79:1e:29:76:41:77:8d:f1:61:78:38:32:f9:
ac:5c:fd:ff:ea:84:83:82:9e:93:29:f5:33:58:9c:
46:27:89:af:a4:17:32:d6:48:a1:1a:b7:74:a5:f6:
40:f5:f2:f5:93:04:3d:58:e0:06:33:fd:72:df:28:
44:55:9b:14:a5:fc:a8:91:12:85:0f:16:7e:e3:8e:
f8:55:ea:fa:bf:19:38:99:5a:ec:a9:63:8d:e0:4f:
af:b3:aa:33:11:be:04:84:ca:66:b8:7f:9d:d2:81:
5c:96:dc:4e:65:4f:42:2d:9b:36:bf:0c:c9:02:33:
01:21:e9:fb:bc:a6:40:d3:1b:60:dc:6b:50:6b:de:
44:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FF:67:06:43:7A:05:D7:13:71:32:B5:40:E6:8E:FE:55:C5:1E:20
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/c_9nBkN6BdcTcTK1QOaO_lXFHiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0/23
188.125.163.0-188.125.170.255
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c6:f3:99:79:9d:76:e9:69:9b:68:6e:0f:53:f1:ab:18:cc:
9d:53:58:50:0e:7e:4c:fe:91:b9:ce:4f:cf:69:c4:e8:8e:0a:
c5:6f:34:19:e7:62:17:c8:f7:8a:84:07:c8:df:59:5b:c0:5f:
9b:73:46:01:13:ec:52:68:42:4f:1c:14:ee:2d:21:e9:51:94:
00:ad:40:f5:76:a7:d4:a8:5d:67:73:a1:c9:34:46:20:bc:83:
7f:5d:53:9a:e4:75:85:0d:7e:59:d4:27:76:2a:9f:52:c2:e2:
9b:60:c9:fa:5b:16:24:13:ec:e7:3f:97:d3:e0:51:3e:e5:fe:
90:66:e1:13:20:fa:3f:51:4f:3e:5d:61:da:d5:2a:e5:ac:1e:
f4:20:aa:34:72:59:70:32:cf:bb:cc:8a:2b:17:75:1b:34:00:
98:8f:c4:03:06:37:40:d3:17:a8:20:35:ad:37:fa:fd:9f:c9:
85:12:8e:fe:7d:61:63:21:ce:95:50:23:88:97:37:3b:56:11:
11:d3:01:60:bf:e4:8c:84:ff:b6:f0:bf:26:b9:8f:ff:2c:25:
79:44:c9:6c:74:2c:4e:ca:2b:13:50:e7:e1:9e:3f:dc:1c:f4:
73:68:58:ef:39:85:4b:6c:a7:2a:b0:23:f5:64:72:a4:60:3d:
86:e6:26:a3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVyRrn8MWiwUbaT8SUEDAOCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjMwMTAyMTEzODM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZmNjcwNjQzN2EwNWQ3MTM3MTMyYjU0MGU2OGVmZTU1YzUxZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWJlhuB5Y0o3NZUxIIuIPDwRY+7p
2CCGFc81JZsyqPtKEHIEnZzxbse1qwfBb4kSIhBkWHR0h5lKQLA5kWwKyOrIZxUy
W9sNrtASrxuOodGOOibrQZs2p7iDD57rLaWkJqQIRN2oTxy2e7Us+lxkaPQpv6rm
TOtqRHkeKXZBd43xYXg4MvmsXP3/6oSDgp6TKfUzWJxGJ4mvpBcy1kihGrd0pfZA
9fL1kwQ9WOAGM/1y3yhEVZsUpfyokRKFDxZ+4474Ver6vxk4mVrsqWON4E+vs6oz
Eb4EhMpmuH+d0oFcltxOZU9CLZs2vwzJAjMBIen7vKZA0xtg3GtQa95EdQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHP/ZwZDegXXE3EytUDmjv5VxR4gMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvY185bkJrTjZCZGNUY1RLMVFPYU9fbFhGSGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBvH2gMAwD
BAC8faMDBAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEBAGDG85l5nXbpaZto
bg9T8asYzJ1TWFAOfkz+kbnOT89pxOiOCsVvNBnnYhfI94qEB8jfWVvAX5tzRgET
7FJoQk8cFO4tIelRlACtQPV2p9SoXWdzock0RiC8g39dU5rkdYUNflnUJ3Yqn1LC
4ptgyfpbFiQT7Oc/l9PgUT7l/pBm4RMg+j9RTz5dYdrVKuWsHvQgqjRyWXAyz7vM
iisXdRs0AJiPxAMGN0DTF6ggNa03+v2fyYUSjv59YWMhzpVQI4iXNztWERHTAWC/
5IyE/7bwvya5j/8sJXlEyWx0LE7KKxNQ5+GeP9wc9HNoWO85hUtspyqwI/VkcqRg
PYbmJqM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:47 2024 by rpki-client on console-fra.rpki-client.org