Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ammvGDkb6GcA0PVp5XHHqcHSCus.roa
File: ammvGDkb6GcA0PVp5XHHqcHSCus.roa (raw, json)
Hash identifier: dqnmfUvLUiT5Y84zxpdej+gZMl3XrULCAn+biO4u/Jg=
Subject key identifier: 6A:69:AF:18:39:1B:E8:67:00:D0:F5:69:E5:71:C7:A9:C1:D2:0A:EB
Certificate issuer: /CN=01335442514d5249b5143cfdf821216bb5c52940
Certificate serial: 01857230F15FDED148256E5350777A0E741F
Authority key identifier: 01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ammvGDkb6GcA0PVp5XHHqcHSCus.roa
Signing time: Mon 02 Jan 2023 11:14:48 +0000
ROA not before: Mon 02 Jan 2023 11:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39134
IP address blocks: 185.206.100.0/22 maxlen: 24
185.206.100.0/24 maxlen: 24
88.212.220.0/22 maxlen: 24
88.212.224.0/22 maxlen: 24
88.212.229.0/24 maxlen: 24
88.212.228.0/22 maxlen: 24
88.212.230.0/23 maxlen: 23
88.212.192.0/24 maxlen: 24
88.212.192.0/20 maxlen: 24
88.212.196.0/24 maxlen: 24
88.212.204.0/24 maxlen: 24
88.212.208.0/22 maxlen: 24
2a02:2100::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 02 Jun 2023 08:52:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:f1:5f:de:d1:48:25:6e:53:50:77:7a:0e:74:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01335442514d5249b5143cfdf821216bb5c52940
Validity
Not Before: Jan 2 11:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a69af18391be86700d0f569e571c7a9c1d20aeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:94:28:93:8b:0e:2f:4f:07:70:7e:6c:c8:b0:
20:43:46:dd:24:b2:31:cb:d0:9e:49:f7:0d:6b:c0:
50:44:6b:8e:3f:7c:6e:97:2c:ea:62:39:d1:b8:4d:
46:d5:cc:af:95:d1:f2:e6:53:20:03:b6:df:71:83:
fb:5b:7c:dd:ca:14:a4:0a:ae:66:06:7b:64:89:16:
80:dc:e6:62:1f:d1:f5:b8:32:ff:47:5e:2d:c9:88:
0b:c2:b2:49:01:ad:36:7e:af:a9:2c:1b:13:36:a2:
26:bd:0b:e2:0f:5f:37:34:24:bc:47:7a:db:cb:96:
a6:0e:11:10:e0:5e:1d:85:de:c0:98:f8:b7:a6:43:
bf:94:95:25:59:cc:dc:a0:53:45:f4:b0:46:3b:04:
06:f1:71:d6:c8:08:18:e5:bf:70:97:22:6d:fd:72:
b5:49:ab:42:86:cd:40:7b:10:d7:96:6a:7f:de:96:
8d:1f:6b:06:6e:14:bb:b0:d3:bb:81:46:4d:7d:e5:
0d:a8:3c:27:e0:c5:d5:dd:b1:ef:89:a9:c8:4d:04:
01:31:8f:77:05:64:84:9a:bf:dd:b7:bf:92:bd:f7:
28:61:6d:58:ee:94:38:2e:09:fc:75:43:4d:21:f5:
3b:dc:5f:9a:87:d5:79:ad:88:c3:c8:bd:b6:65:f8:
f2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:69:AF:18:39:1B:E8:67:00:D0:F5:69:E5:71:C7:A9:C1:D2:0A:EB
X509v3 Authority Key Identifier:
keyid:01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ammvGDkb6GcA0PVp5XHHqcHSCus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.212.192.0-88.212.211.255
88.212.220.0-88.212.231.255
185.206.100.0/22
IPv6:
2a02:2100::/32
Signature Algorithm: sha256WithRSAEncryption
40:e3:47:cb:7b:5d:06:7b:0e:f0:4b:93:58:5f:d2:43:2f:83:
3d:39:4d:0a:a4:5b:a5:38:b1:b5:19:e0:c7:3a:3e:f3:77:0f:
ae:c5:c1:25:52:06:6e:19:d1:3b:e2:ed:29:c3:c5:1b:6a:47:
a5:74:28:2e:9f:04:fa:73:2a:2f:cf:b6:19:d9:b8:5d:be:88:
11:b9:c8:d4:65:ef:01:32:70:57:8e:4f:71:7a:14:35:0b:3f:
1b:20:a4:43:82:65:b1:6c:fe:db:7d:89:17:2d:6a:fd:c1:94:
c3:09:0e:91:81:50:dd:64:8f:fa:c3:03:56:4a:2e:b6:41:99:
50:eb:07:92:50:f2:a8:5a:6f:75:64:be:e6:0c:ff:8a:3a:0c:
a9:5b:c5:58:c7:62:86:f1:85:f1:d1:fa:d4:68:ff:6e:fb:24:
25:42:44:cb:7d:e3:36:ec:00:31:37:ab:a5:3f:86:4e:1f:2e:
d9:e4:73:4b:38:1a:a3:54:08:df:7f:38:53:3b:c9:7d:bf:e6:
db:52:19:e0:a0:4c:2b:4e:a7:bf:80:7f:91:09:4b:2e:85:bd:
d6:8d:09:44:ba:72:0e:9a:af:8a:a1:ae:98:78:c8:3f:21:c3:
64:4b:7b:7f:a2:a9:74:8b:dd:c5:1e:6b:ac:7a:21:62:88:dc:
d0:14:e4:dc
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVyMPFf3tFIJW5TUHd6DnQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMzM1NDQyNTE0ZDUyNDliNTE0M2NmZGY4MjEyMTZiYjVj
NTI5NDAwHhcNMjMwMTAyMTExNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTY5YWYxODM5MWJlODY3MDBkMGY1NjllNTcxYzdhOWMxZDIwYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZQok4sOL08HcH5syLAgQ0bdJLIx
y9CeSfcNa8BQRGuOP3xulyzqYjnRuE1G1cyvldHy5lMgA7bfcYP7W3zdyhSkCq5m
BntkiRaA3OZiH9H1uDL/R14tyYgLwrJJAa02fq+pLBsTNqImvQviD183NCS8R3rb
y5amDhEQ4F4dhd7AmPi3pkO/lJUlWczcoFNF9LBGOwQG8XHWyAgY5b9wlyJt/XK1
SatChs1AexDXlmp/3paNH2sGbhS7sNO7gUZNfeUNqDwn4MXV3bHvianITQQBMY93
BWSEmr/dt7+SvfcoYW1Y7pQ4Lgn8dUNNIfU73F+ah9V5rYjDyL22Zfjy3QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFGpprxg5G+hnAND1aeVxx6nB0grrMB8GA1UdIwQY
MBaAFAEzVEJRTVJJtRQ8/fghIWu1xSlAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVROVVFsRk5Va20xRkR6OS1DRWhhN1hGS1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9jN2E2OGYtN2JmOC00ZjgwLWE5YTIt
ODE1ZDJjMDI2NjQ2LzEvYW1tdkdEa2I2R2NBMFBWcDVYSEhxY0hTQ3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9jN2E2OGYtN2JmOC00ZjgwLWE5YTItODE1ZDJjMDI2NjQ2
LzEvQVROVVFsRk5Va20xRkR6OS1DRWhhN1hGS1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAZY1MAD
BAJY1NAwDAMEAljU3AMEA1jU4AMEArnOZDANBAIAAjAHAwUAKgIhADANBgkqhkiG
9w0BAQsFAAOCAQEAQONHy3tdBnsO8EuTWF/SQy+DPTlNCqRbpTixtRngxzo+83cP
rsXBJVIGbhnRO+LtKcPFG2pHpXQoLp8E+nMqL8+2Gdm4Xb6IEbnI1GXvATJwV45P
cXoUNQs/GyCkQ4JlsWz+232JFy1q/cGUwwkOkYFQ3WSP+sMDVkoutkGZUOsHklDy
qFpvdWS+5gz/ijoMqVvFWMdihvGF8dH61Gj/bvskJUJEy33jNuwAMTerpT+GTh8u
2eRzSzgao1QI3384UzvJfb/m21IZ4KBMK06nv4B/kQlLLoW91o0JRLpyDpqviqGu
mHjIPyHDZEt7f6KpdIvdxR5rrHohYojc0BTk3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org