Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/lOVr7PrvUWQZR_4BxWbjDDI9-dU.roa
File: lOVr7PrvUWQZR_4BxWbjDDI9-dU.roa (raw, json)
Hash identifier: mVvQxUo/gFYSJzOJcKANNZWCPwf2Bj2ktJ4YDLx5CoI=
Subject key identifier: 94:E5:6B:EC:FA:EF:51:64:19:47:FE:01:C5:66:E3:0C:32:3D:F9:D5
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 0187BE6E700DF05EB4268ED60AC700DC03D8
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/lOVr7PrvUWQZR_4BxWbjDDI9-dU.roa
Signing time: Wed 26 Apr 2023 16:38:41 +0000
ROA not before: Wed 26 Apr 2023 16:38:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35600
IP address blocks: 185.56.176.0/22 maxlen: 22
91.221.92.0/23 maxlen: 24
91.221.106.0/23 maxlen: 24
194.117.246.0/23 maxlen: 23
185.48.132.0/22 maxlen: 24
2001:67c:184c::/48 maxlen: 48
2a02:5520::/32 maxlen: 32
2a00:4780::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:be:6e:70:0d:f0:5e:b4:26:8e:d6:0a:c7:00:dc:03:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Apr 26 16:38:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94e56becfaef51641947fe01c566e30c323df9d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:aa:06:e2:46:4b:fd:96:6a:6b:13:1c:b9:3c:
44:84:04:b1:73:af:be:f9:38:1b:83:55:75:8d:cc:
fd:8a:dd:2c:9d:39:63:d5:e4:88:fc:6e:f9:90:9b:
95:ba:60:61:40:a7:25:99:b3:1c:ba:1b:ea:d0:74:
22:33:45:26:d2:81:14:8f:5b:36:4b:1f:95:ce:cb:
cc:07:e8:15:47:cb:47:91:4d:80:b6:4a:0f:2d:a1:
97:10:66:21:88:ca:18:cb:13:ad:60:a7:02:ca:01:
dd:66:77:31:5b:8b:51:01:58:07:89:31:45:01:f2:
f4:48:ac:25:bb:5d:17:73:d1:57:e0:1f:76:6f:12:
d4:6a:02:89:3b:ef:99:57:eb:bf:d9:6b:38:4d:07:
a4:31:c5:fc:4f:7c:49:68:f9:36:7d:ab:ca:e5:4c:
2a:78:23:73:dd:1f:20:80:e6:52:43:11:23:70:76:
88:e0:77:cd:4d:94:43:34:ca:f8:ce:bc:32:90:7a:
71:3d:cf:0e:e9:85:c6:7d:6d:5e:82:91:6b:fa:e7:
72:27:4c:8f:dc:50:81:34:d6:ed:bc:65:f8:b1:8c:
49:79:4d:af:dd:50:ed:4d:3d:f5:2e:f0:b7:de:e0:
3c:4e:a4:52:93:d1:c9:a1:e5:25:d1:a2:12:1e:a0:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:E5:6B:EC:FA:EF:51:64:19:47:FE:01:C5:66:E3:0C:32:3D:F9:D5
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/lOVr7PrvUWQZR_4BxWbjDDI9-dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.92.0/23
91.221.106.0/23
185.48.132.0/22
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
3a:b6:7c:c4:97:3c:d5:9b:69:b3:85:f1:1b:92:53:f1:f6:05:
96:d1:cb:9f:30:59:75:74:f7:bf:3e:90:bf:ff:e1:4f:ef:f7:
e2:4c:c4:ea:e4:5d:5a:07:c2:91:be:2c:76:e7:c1:d5:14:f2:
00:c7:04:6a:00:56:73:d8:fe:1e:2d:a2:91:6b:6e:97:18:29:
c4:d0:68:01:90:cb:78:cd:ae:bb:18:84:ec:d7:ab:13:95:39:
38:a7:fb:dd:06:7b:90:2f:ed:70:4d:47:5b:02:58:fb:35:1d:
8d:2a:9f:0d:cd:63:a4:95:c8:ef:76:1d:8c:e3:96:04:a7:50:
ff:79:d9:ba:a9:02:6a:f5:63:12:a0:c5:3d:80:d9:4b:f3:c2:
f5:16:a9:22:80:77:a3:93:9d:5b:dd:cf:d9:bf:e3:b9:33:28:
70:31:32:5f:06:09:04:01:46:59:b8:6d:c7:51:4a:f4:1f:ca:
81:cc:4e:5c:17:af:32:1b:44:c9:a5:c0:3b:8f:fe:87:b9:2f:
fd:79:11:70:64:36:4a:1d:20:4c:f7:83:bb:b6:6d:d9:42:21:
bf:47:3a:29:65:5a:35:72:10:02:a9:21:ea:ee:85:7d:b1:31:
7e:d3:43:ae:a6:55:c5:31:82:ef:2c:79:e9:48:e9:66:c1:d7:
62:07:1b:71
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYe+bnAN8F60Jo7WCscA3APYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjMwNDI2MTYzODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGU1NmJlY2ZhZWY1MTY0MTk0N2ZlMDFjNTY2ZTMwYzMyM2RmOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6oG4kZL/ZZqaxMcuTxEhASxc6++
+Tgbg1V1jcz9it0snTlj1eSI/G75kJuVumBhQKclmbMcuhvq0HQiM0Um0oEUj1s2
Sx+VzsvMB+gVR8tHkU2AtkoPLaGXEGYhiMoYyxOtYKcCygHdZncxW4tRAVgHiTFF
AfL0SKwlu10Xc9FX4B92bxLUagKJO++ZV+u/2Ws4TQekMcX8T3xJaPk2favK5Uwq
eCNz3R8ggOZSQxEjcHaI4HfNTZRDNMr4zrwykHpxPc8O6YXGfW1egpFr+udyJ0yP
3FCBNNbtvGX4sYxJeU2v3VDtTT31LvC33uA8TqRSk9HJoeUl0aISHqDKaQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFJTla+z671FkGUf+AcVm4wwyPfnVMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvbE9WcjdQcnZVV1FaUl80QnhXYmpEREk5LWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAkBAIAATAeAwQBW91cAwQB
W91qAwQCuTCEAwQCuTiwAwQBwnX2MCQEAgACMB4DBwAgAQZ8GEwDBQAqAEeAAwUA
KgJVIAMFAyoOrIAwDQYJKoZIhvcNAQELBQADggEBADq2fMSXPNWbabOF8RuSU/H2
BZbRy58wWXV0978+kL//4U/v9+JMxOrkXVoHwpG+LHbnwdUU8gDHBGoAVnPY/h4t
opFrbpcYKcTQaAGQy3jNrrsYhOzXqxOVOTin+90Ge5Av7XBNR1sCWPs1HY0qnw3N
Y6SVyO92HYzjlgSnUP952bqpAmr1YxKgxT2A2UvzwvUWqSKAd6OTnVvdz9m/47kz
KHAxMl8GCQQBRlm4bcdRSvQfyoHMTlwXrzIbRMmlwDuP/oe5L/15EXBkNkodIEz3
g7u2bdlCIb9HOillWjVyEAKpIeruhX2xMX7TQ66mVcUxgu8seelI6WbB12IHG3E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org