Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/bK9tmUhXRr7tsL5NAXXt6WkSvU0.roa
File: bK9tmUhXRr7tsL5NAXXt6WkSvU0.roa (raw, json)
Hash identifier: xSeqc7ypuIXLOcjRRu4XHUDwvBwDJzGqNz9srC7tF+c=
Subject key identifier: 6C:AF:6D:99:48:57:46:BE:ED:B0:BE:4D:01:75:ED:E9:69:12:BD:4D
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A3308EE97F4A3C9AD1F248394B678
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/bK9tmUhXRr7tsL5NAXXt6WkSvU0.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21286
IP address blocks: 192.33.239.0/24 maxlen: 24
192.33.235.0/24 maxlen: 24
192.33.238.0/24 maxlen: 24
192.101.111.0/24 maxlen: 24
192.101.112.0/24 maxlen: 24
199.88.208.0/24 maxlen: 24
192.101.113.0/24 maxlen: 24
199.88.209.0/24 maxlen: 24
145.13.0.0/16 maxlen: 16
193.202.32.0/23 maxlen: 23
192.35.133.0/24 maxlen: 24
194.104.59.0/24 maxlen: 24
192.58.226.0/24 maxlen: 24
192.58.227.0/24 maxlen: 24
192.58.228.0/24 maxlen: 24
145.222.0.0/16 maxlen: 16
194.104.32.0/24 maxlen: 24
2a02:2b50:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 22 Mar 2023 07:08:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:33:08:ee:97:f4:a3:c9:ad:1f:24:83:94:b6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6caf6d99485746beedb0be4d0175ede96912bd4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:76:11:63:3b:f1:ff:75:fd:dc:f0:52:7d:cb:
bf:77:72:7b:4d:45:76:0a:f4:6e:eb:f8:b4:eb:65:
f7:9f:ce:8d:52:e6:e7:9c:cb:f0:92:61:95:01:d3:
88:cf:7a:3d:86:50:ff:72:60:32:23:70:e0:53:25:
4c:c0:49:d4:0e:11:36:8c:e0:24:ae:31:92:b9:dd:
d0:96:84:0c:d2:d6:28:a4:0a:08:00:cb:0e:90:7c:
47:87:f5:51:bf:be:5b:fa:35:cd:af:f1:97:e6:10:
b1:a6:f3:90:ba:72:7d:1d:44:08:be:75:0e:1a:b9:
8f:79:b4:5c:be:2f:2d:6f:74:4e:ac:f3:4c:56:f3:
73:4f:07:1e:d4:76:b0:14:f9:7b:29:e4:64:94:d1:
f1:97:90:77:68:3b:d4:e4:ae:c7:96:7a:a1:15:23:
f6:7c:fa:73:83:96:bc:3e:63:62:18:84:ea:d6:57:
8a:e6:b4:eb:52:f3:83:33:c6:b0:db:d6:bd:6b:61:
f0:ba:b2:18:58:71:15:dd:9e:2e:86:3d:4b:81:78:
46:9e:32:7e:4a:32:19:50:25:57:5f:10:13:5b:20:
fe:6b:ab:31:61:a2:27:5f:17:8d:05:35:2e:e3:a1:
c7:e8:49:a7:b2:06:63:e4:56:cc:b4:0f:2d:5a:1f:
e7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:AF:6D:99:48:57:46:BE:ED:B0:BE:4D:01:75:ED:E9:69:12:BD:4D
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/bK9tmUhXRr7tsL5NAXXt6WkSvU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.13.0.0/16
145.222.0.0/16
192.33.235.0/24
192.33.238.0/23
192.35.133.0/24
192.58.226.0-192.58.228.255
192.101.111.0-192.101.113.255
193.202.32.0/23
194.104.32.0/24
194.104.59.0/24
199.88.208.0/23
IPv6:
2a02:2b50:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
06:08:3f:2b:bc:28:fc:3e:5e:25:60:f5:03:26:27:00:9c:ca:
f3:59:1b:9a:9d:70:14:a1:dc:02:28:6a:7a:ce:77:0d:d7:f8:
09:aa:6c:10:26:0f:82:53:c5:0d:fb:9f:81:64:06:23:7c:cc:
39:82:a6:8f:18:e7:d4:b7:6c:5f:bd:4f:1d:03:c7:50:01:fa:
72:e1:a5:1e:90:a9:e3:10:76:8a:4d:56:79:6b:f6:44:2c:e6:
a1:e5:eb:c5:3c:84:c7:b0:e5:10:f2:02:c1:b3:7f:7e:03:6f:
22:90:47:df:f2:12:ce:db:a7:f2:ca:5b:ef:36:5a:15:06:f5:
a4:63:a7:c5:22:52:90:29:b2:f2:80:82:05:82:4c:8e:2e:7f:
34:e3:9a:7e:72:42:ae:fe:95:ce:fd:91:37:ab:2f:e0:83:62:
96:c2:2c:73:f1:99:e6:23:f3:4a:0a:eb:c5:dd:40:2f:71:b3:
93:3b:bb:59:d3:77:21:40:85:37:1e:12:30:d7:ca:81:f6:55:
2a:86:50:fb:05:50:c6:dc:04:cb:04:b1:3d:06:6e:1c:7e:0b:
b0:ed:88:7c:06:91:f6:52:ea:88:27:15:24:e8:bf:3b:9f:73:
30:c1:9f:90:ef:20:17:9d:ba:54:a7:7f:e2:06:d2:59:6a:f7:
7e:31:6b:ef
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYVyOjMI7pf0o8mtHySDlLZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2FmNmQ5OTQ4NTc0NmJlZWRiMGJlNGQwMTc1ZWRlOTY5MTJiZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnYRYzvx/3X93PBSfcu/d3J7TUV2
CvRu6/i062X3n86NUubnnMvwkmGVAdOIz3o9hlD/cmAyI3DgUyVMwEnUDhE2jOAk
rjGSud3QloQM0tYopAoIAMsOkHxHh/VRv75b+jXNr/GX5hCxpvOQunJ9HUQIvnUO
GrmPebRcvi8tb3ROrPNMVvNzTwce1HawFPl7KeRklNHxl5B3aDvU5K7HlnqhFSP2
fPpzg5a8PmNiGITq1leK5rTrUvODM8aw29a9a2HwurIYWHEV3Z4uhj1LgXhGnjJ+
SjIZUCVXXxATWyD+a6sxYaInXxeNBTUu46HH6EmnsgZj5FbMtA8tWh/ngwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFGyvbZlIV0a+7bC+TQF17elpEr1NMB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvYks5dG1VaFhScjd0c0w1TkFYWHQ2V2tTdlUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBWBAIAATBQAwMAkQ0DAwCR
3gMEAMAh6wMEAcAh7gMEAMAjhTAMAwQBwDriAwQAwDrkMAwDBADAZW8DBAHAZXAD
BAHByiADBADCaCADBADCaDsDBAHHWNAwDwQCAAIwCQMHACoCK1D//zANBgkqhkiG
9w0BAQsFAAOCAQEABgg/K7wo/D5eJWD1AyYnAJzK81kbmp1wFKHcAihqes53Ddf4
CapsECYPglPFDfufgWQGI3zMOYKmjxjn1LdsX71PHQPHUAH6cuGlHpCp4xB2ik1W
eWv2RCzmoeXrxTyEx7DlEPICwbN/fgNvIpBH3/ISztun8spb7zZaFQb1pGOnxSJS
kCmy8oCCBYJMji5/NOOafnJCrv6Vzv2RN6sv4INilsIsc/GZ5iPzSgrrxd1AL3Gz
kzu7WdN3IUCFNx4SMNfKgfZVKoZQ+wVQxtwEywSxPQZuHH4LsO2IfAaR9lLqiCcV
JOi/O59zMMGfkO8gF526VKd/4gbSWWr3fjFr7w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org