Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/g-a7EcOlrtJwGJNJOd2k_iJ__l8.roa
File: g-a7EcOlrtJwGJNJOd2k_iJ__l8.roa (raw, json)
Hash identifier: KMwvAvIt2ViKPqrhlrmgt35eGDMigqGnqWEqDvzzic0=
Subject key identifier: 83:E6:BB:11:C3:A5:AE:D2:70:18:93:49:39:DD:A4:FE:22:7F:FE:5F
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 0188FFCC9154A55939C88D0B066FD7DC1D01
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/g-a7EcOlrtJwGJNJOd2k_iJ__l8.roa
Signing time: Wed 28 Jun 2023 02:19:36 +0000
ROA not before: Wed 28 Jun 2023 02:19:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
217.151.32.0/20 maxlen: 24
193.82.128.0/19 maxlen: 24
195.153.74.0/24 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.217.0/24 maxlen: 24
195.153.216.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 04 Oct 2023 01:32:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ff:cc:91:54:a5:59:39:c8:8d:0b:06:6f:d7:dc:1d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jun 28 02:19:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83e6bb11c3a5aed27018934939dda4fe227ffe5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e9:34:63:f7:54:60:4a:05:83:f3:d7:98:25:
1e:00:bd:4b:7c:aa:40:51:88:c9:c8:3f:cb:db:47:
62:b2:9e:8c:5e:b3:bf:67:88:4d:a8:63:c1:a3:b9:
d9:b1:80:c4:7a:ff:f8:31:75:1d:26:b2:74:23:39:
3c:41:20:90:5e:f9:41:73:82:40:d4:ff:65:af:7a:
98:7e:7d:1f:15:f3:e7:99:82:9d:cf:49:b5:1b:0d:
dd:8e:2f:d1:27:e0:68:96:04:7d:30:4f:c5:04:fe:
b3:9e:a6:c5:0f:05:15:41:1f:34:de:59:fd:fa:09:
26:fa:42:f8:ce:10:74:a2:a5:b4:91:24:b1:5a:e3:
bd:a2:fc:d0:eb:34:2b:1f:c2:92:ad:52:3f:93:45:
c5:0a:2c:eb:3c:ca:56:5a:14:3c:1e:ec:15:bf:2d:
91:eb:d8:0d:2a:f9:d2:da:40:4a:ef:23:69:b2:f9:
b8:ac:b0:0a:b7:e6:e3:d5:05:0f:4c:cf:05:4f:b0:
64:a9:2d:41:62:e0:cc:94:ee:ca:8f:64:d9:c0:1b:
a3:ca:e5:31:df:e3:33:f1:d4:ff:8e:73:81:2f:4c:
7d:b1:ea:83:c0:ff:9e:67:1e:2d:56:bd:0e:11:22:
0c:ed:47:24:47:01:f9:d3:e8:f9:e8:a1:09:2e:ef:
5d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E6:BB:11:C3:A5:AE:D2:70:18:93:49:39:DD:A4:FE:22:7F:FE:5F
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/g-a7EcOlrtJwGJNJOd2k_iJ__l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
5a:dd:6c:69:82:cf:8d:70:aa:7e:b4:d3:c1:09:91:9f:42:4c:
14:3a:be:77:33:70:de:75:38:f0:c6:9c:25:b4:0c:a6:5b:ff:
ff:f3:37:4d:5c:e9:20:72:95:77:82:a3:9f:f0:d1:b1:66:6b:
93:7f:19:01:60:14:96:ea:1b:60:cd:0f:f6:8b:cb:2e:73:44:
5c:6a:56:39:17:bd:0a:90:f4:46:2c:62:f1:95:42:93:56:b7:
bb:f2:2b:f1:4e:05:6a:46:1d:60:c0:eb:2d:58:03:70:2c:20:
24:a4:64:c5:a9:a9:40:10:1e:69:80:a0:3e:16:2c:bf:ca:f8:
aa:fa:dd:6b:30:c6:43:3e:56:12:02:a6:45:9a:3f:d7:e7:32:
54:1c:22:0a:fc:41:7b:c4:66:f0:eb:02:26:f5:e1:97:82:c3:
20:ad:6c:e3:47:6e:ee:02:4d:e5:5b:b2:44:d7:f5:c3:9f:98:
d0:27:2d:1b:36:43:15:40:09:8f:4f:f7:c4:90:fd:fb:71:31:
46:6d:c7:b9:34:fd:da:40:12:72:2f:88:b1:b1:1c:9d:3e:31:
b9:f6:ff:ac:d2:06:45:71:e9:b9:83:38:f1:75:72:cd:00:4d:
d6:9e:aa:f0:38:39:f5:1b:80:a2:a6:4a:c3:66:eb:9f:72:ec:
fb:c3:51:73
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYj/zJFUpVk5yI0LBm/X3B0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjMwNjI4MDIxOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2U2YmIxMWMzYTVhZWQyNzAxODkzNDkzOWRkYTRmZTIyN2ZmZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+k0Y/dUYEoFg/PXmCUeAL1LfKpA
UYjJyD/L20disp6MXrO/Z4hNqGPBo7nZsYDEev/4MXUdJrJ0Izk8QSCQXvlBc4JA
1P9lr3qYfn0fFfPnmYKdz0m1Gw3dji/RJ+BolgR9ME/FBP6znqbFDwUVQR803ln9
+gkm+kL4zhB0oqW0kSSxWuO9ovzQ6zQrH8KSrVI/k0XFCizrPMpWWhQ8HuwVvy2R
69gNKvnS2kBK7yNpsvm4rLAKt+bj1QUPTM8FT7BkqS1BYuDMlO7Kj2TZwBujyuUx
3+Mz8dT/jnOBL0x9seqDwP+eZx4tVr0OESIM7UckRwH50+j56KEJLu9dLQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIPmuxHDpa7ScBiTSTndpP4if/5fMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvZy1hN0VjT2xydEp3R0pOSk9kMmtfaUpfX2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+MAwDBAXBUmAD
BAXBUoADBAXBUsADBAXBdSADBADDmRMDBADDmUoDBALDmWwDBADDmXwDBAHDmdgD
BATZlyAwDQQCAAIwBwMFACoCFiAwDQYJKoZIhvcNAQELBQADggEBAFrdbGmCz41w
qn6008EJkZ9CTBQ6vnczcN51OPDGnCW0DKZb///zN01c6SBylXeCo5/w0bFma5N/
GQFgFJbqG2DND/aLyy5zRFxqVjkXvQqQ9EYsYvGVQpNWt7vyK/FOBWpGHWDA6y1Y
A3AsICSkZMWpqUAQHmmAoD4WLL/K+Kr63WswxkM+VhICpkWaP9fnMlQcIgr8QXvE
ZvDrAib14ZeCwyCtbONHbu4CTeVbskTX9cOfmNAnLRs2QxVACY9P98SQ/ftxMUZt
x7k0/dpAEnIviLGxHJ0+Mbn2/6zSBkVx6bmDOPF1cs0ATdaeqvA4OfUbgKKmSsNm
659y7PvDUXM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org