Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/7owOhbIIGRZfiimlQVkO_r8Wo1o.roa
File: 7owOhbIIGRZfiimlQVkO_r8Wo1o.roa (raw, json)
Hash identifier: AyX3M3BfGXnzB8bSQpprMGxWcvhQd7Aleo/BsDYXKQs=
Subject key identifier: EE:8C:0E:85:B2:08:19:16:5F:8A:29:A5:41:59:0E:FE:BF:16:A3:5A
Certificate issuer: /CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Certificate serial: 01856C9CDD92ED9A4DE5B4DCF5988FAA3117
Authority key identifier: 00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/7owOhbIIGRZfiimlQVkO_r8Wo1o.roa
Signing time: Sun 01 Jan 2023 09:14:57 +0000
ROA not before: Sun 01 Jan 2023 09:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50257
IP address blocks: 195.191.4.0/24 maxlen: 24
195.191.4.0/23 maxlen: 23
195.191.5.0/24 maxlen: 24
185.99.4.0/24 maxlen: 24
185.99.5.0/24 maxlen: 24
185.99.6.0/24 maxlen: 24
185.10.172.0/24 maxlen: 24
185.10.172.0/22 maxlen: 22
185.10.172.0/23 maxlen: 23
185.10.173.0/24 maxlen: 24
185.10.174.0/23 maxlen: 23
185.10.174.0/24 maxlen: 24
185.10.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jan 2023 13:58:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:dd:92:ed:9a:4d:e5:b4:dc:f5:98:8f:aa:31:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Validity
Not Before: Jan 1 09:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee8c0e85b20819165f8a29a541590efebf16a35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3a:0f:f8:70:28:e4:3f:db:d9:77:1a:ee:52:
60:25:62:e4:c8:9b:47:a7:f2:9d:1a:db:52:d5:85:
29:8d:eb:d7:96:2d:2c:54:75:c3:bc:6e:66:e3:1a:
6f:a7:8d:b2:18:2d:e9:2a:73:46:a1:9e:93:8f:7d:
1c:89:b3:8c:95:59:7c:b9:f3:52:f4:8e:5a:75:2c:
84:af:f1:f2:e6:5f:5d:a6:e8:fd:08:11:b4:80:e6:
62:ff:71:24:87:ac:c8:8d:d4:b2:4f:06:20:b2:52:
98:68:ce:6b:4c:0a:78:86:e5:6d:1d:40:c3:72:a3:
74:71:ea:38:b1:ae:8d:af:22:01:8b:39:6d:55:30:
9b:c9:f2:af:b4:48:ed:d9:7b:31:4c:50:c2:c3:2c:
2a:0f:2e:d9:c3:ad:74:12:62:60:5a:eb:16:26:51:
48:02:38:7f:95:49:21:0c:e1:d4:a8:03:4d:19:d4:
17:50:d8:3c:95:8b:87:13:17:49:d3:f3:5e:41:ef:
79:fc:0f:07:01:b5:9d:f2:c0:a6:4a:a5:56:b7:b8:
9d:ce:bc:9b:95:4f:7f:4f:47:1e:dc:c5:4e:c0:6d:
20:41:be:87:1c:66:4a:33:7e:c5:77:a0:fd:62:37:
93:ea:8e:d1:48:bd:6e:da:88:5c:8d:8f:cc:d4:96:
a0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:8C:0E:85:B2:08:19:16:5F:8A:29:A5:41:59:0E:FE:BF:16:A3:5A
X509v3 Authority Key Identifier:
keyid:00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/7owOhbIIGRZfiimlQVkO_r8Wo1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.172.0/22
185.99.4.0-185.99.6.255
195.191.4.0/23
Signature Algorithm: sha256WithRSAEncryption
47:08:ec:2d:4d:10:8e:58:df:41:31:b1:61:a5:35:1a:ec:9c:
02:f9:de:0c:bf:2c:a2:38:2e:ab:f8:cc:a9:b9:8d:b0:89:8d:
f3:d2:15:77:1a:20:cb:f4:cc:e1:0e:2e:d9:1b:9b:94:d5:d0:
de:3c:b4:8b:6d:6a:91:b7:d7:cf:84:0a:ef:53:cc:69:c3:e5:
bc:d9:0d:af:51:01:51:af:7e:f8:be:21:00:46:4c:f9:92:5b:
09:a9:6d:0e:69:02:f0:07:69:fd:64:4a:d8:e4:f4:0c:07:c2:
08:5e:2d:50:77:c4:01:26:e3:e2:7a:26:d5:56:ad:6d:4a:93:
5e:1d:c6:33:3c:51:8e:9e:68:a6:9c:7a:f5:e4:e0:74:fb:11:
dd:38:c1:78:a1:56:2b:1f:75:46:19:48:22:c8:1a:71:12:a3:
00:29:2b:c5:5d:9f:5d:6c:ca:7f:0e:d7:e4:cc:bc:ac:f0:0e:
18:7f:5d:19:c0:22:24:28:61:75:b4:8c:31:b9:f9:7c:2a:11:
6f:81:75:1c:e7:18:86:86:93:42:6c:ad:32:62:c2:ac:a5:d6:
3f:e1:f3:20:bd:f8:bf:86:04:e1:c2:0b:ef:e2:79:63:d6:f7:
6a:67:56:37:f7:33:bc:73:33:f9:2e:1f:06:bb:5f:52:19:ed:
4e:e9:c3:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVsnN2S7ZpN5bTc9ZiPqjEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmM4ODY1YmMyYTA3ZTRhY2ZlYjI2M2I0ZDljZjYyNDYw
ZmQ1MjMwHhcNMjMwMTAxMDkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZThjMGU4NWIyMDgxOTE2NWY4YTI5YTU0MTU5MGVmZWJmMTZhMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlToP+HAo5D/b2Xca7lJgJWLkyJtH
p/KdGttS1YUpjevXli0sVHXDvG5m4xpvp42yGC3pKnNGoZ6Tj30cibOMlVl8ufNS
9I5adSyEr/Hy5l9dpuj9CBG0gOZi/3Ekh6zIjdSyTwYgslKYaM5rTAp4huVtHUDD
cqN0ceo4sa6NryIBizltVTCbyfKvtEjt2XsxTFDCwywqDy7Zw610EmJgWusWJlFI
Ajh/lUkhDOHUqANNGdQXUNg8lYuHExdJ0/NeQe95/A8HAbWd8sCmSqVWt7idzryb
lU9/T0ce3MVOwG0gQb6HHGZKM37Fd6D9YjeT6o7RSL1u2ohcjY/M1JagMwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFO6MDoWyCBkWX4oppUFZDv6/FqNaMB8GA1UdIwQY
MBaAFAAsiGW8KgfkrP6yY7TZz2JGD9UjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjIt
YTYwYzIwYzhmNzE3LzEvN293T2hiSUlHUlpmaWltbFFWa09fcjhXbzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3
LzEvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCuQqsMAwD
BAK5YwQDBAC5YwYDBAHDvwQwDQYJKoZIhvcNAQELBQADggEBAEcI7C1NEI5Y30Ex
sWGlNRrsnAL53gy/LKI4Lqv4zKm5jbCJjfPSFXcaIMv0zOEOLtkbm5TV0N48tItt
apG318+ECu9TzGnD5bzZDa9RAVGvfvi+IQBGTPmSWwmpbQ5pAvAHaf1kStjk9AwH
wgheLVB3xAEm4+J6JtVWrW1Kk14dxjM8UY6eaKacevXk4HT7Ed04wXihVisfdUYZ
SCLIGnESowApK8Vdn11syn8O1+TMvKzwDhh/XRnAIiQoYXW0jDG5+XwqEW+BdRzn
GIaGk0JsrTJiwqyl1j/h8yC9+L+GBOHCC+/ieWPW92pnVjf3M7xzM/kuHwa7X1IZ
7U7pwxo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:04 2024 by rpki-client on console-ams.rpki-client.org