Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/u9UEXNrykkRU6CDvkt8ebFHlBzA.roa
File: u9UEXNrykkRU6CDvkt8ebFHlBzA.roa (raw, json)
Hash identifier: d0QXHatC5ENtHU2AbCiYaclk57wi2M1sy56OWYSvGEM=
Subject key identifier: BB:D5:04:5C:DA:F2:92:44:54:E8:20:EF:92:DF:1E:6C:51:E5:07:30
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 018B81E5B1CE2B34B87C57526B1CFD139F7E
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/u9UEXNrykkRU6CDvkt8ebFHlBzA.roa
Signing time: Mon 30 Oct 2023 18:43:15 +0000
ROA not before: Mon 30 Oct 2023 18:43:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7393
IP address blocks: 193.201.13.0/24 maxlen: 24
193.3.171.0/24 maxlen: 24
188.244.127.0/24 maxlen: 24
185.249.55.0/24 maxlen: 24
80.71.151.0/24 maxlen: 24
62.204.59.0/24 maxlen: 24
5.172.176.0/24 maxlen: 24
89.107.8.0/24 maxlen: 24
185.235.224.0/24 maxlen: 24
195.225.97.0/24 maxlen: 24
91.247.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Nov 2023 14:56:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:e5:b1:ce:2b:34:b8:7c:57:52:6b:1c:fd:13:9f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Oct 30 18:43:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbd5045cdaf2924454e820ef92df1e6c51e50730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f6:fd:74:96:1a:43:bc:9e:1b:eb:49:ed:e8:
3e:97:67:51:18:9a:1a:51:24:cc:46:9c:75:cc:dc:
98:21:76:e6:80:7c:6f:d3:0c:14:bf:1b:67:70:38:
d2:fc:77:b6:5f:1e:d3:9c:d7:c2:e7:30:42:2c:7c:
a8:c3:f0:63:62:57:9b:28:0e:0b:25:89:eb:a6:6a:
20:2e:c6:89:23:a2:dd:d8:8b:89:52:70:7b:4e:e2:
8c:34:76:a6:e2:d5:3b:42:81:b4:27:7b:4e:4f:19:
8d:df:f3:cf:a5:58:cd:81:ff:44:b7:8a:b2:1e:2d:
11:c6:02:0a:a1:56:97:f9:f9:b2:18:79:2d:89:29:
36:23:43:ff:6b:70:81:2b:0b:9d:47:8c:c1:5f:17:
82:44:ba:34:f5:27:47:1d:fc:fd:79:cb:e7:36:61:
48:5e:dd:e1:17:cf:70:41:c4:b8:f2:fe:ff:c4:76:
a6:29:6a:46:fb:3f:b3:91:97:e5:d7:cf:a9:30:0f:
5f:2a:b8:9b:bb:c0:f2:c6:61:7e:76:8f:aa:3b:d5:
24:d5:02:5b:71:c8:60:15:07:43:ff:d3:54:fc:9d:
11:03:cb:fd:0f:7b:8d:58:e0:00:00:91:7d:fb:6c:
24:61:e3:59:72:3f:23:cf:14:08:5e:b6:65:f4:7f:
07:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D5:04:5C:DA:F2:92:44:54:E8:20:EF:92:DF:1E:6C:51:E5:07:30
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/u9UEXNrykkRU6CDvkt8ebFHlBzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.176.0/24
62.204.59.0/24
80.71.151.0/24
89.107.8.0/24
91.247.191.0/24
185.235.224.0/24
185.249.55.0/24
188.244.127.0/24
193.3.171.0/24
193.201.13.0/24
195.225.97.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:30:70:fb:b3:84:d2:29:aa:d4:f8:bb:37:a4:d2:70:8d:6c:
18:ae:4f:bc:fc:07:80:29:80:1f:d8:b6:af:b2:21:d4:ad:47:
2d:58:56:e2:4c:2c:f5:56:46:f9:7c:eb:25:f8:25:bb:36:50:
be:32:71:69:cd:5e:db:72:8e:98:04:21:2d:ad:1f:f9:ae:00:
64:49:2a:5e:ab:63:ba:6b:57:95:b2:34:61:ba:93:ac:b2:78:
24:6d:d4:68:7e:23:88:4a:22:ee:b6:2a:47:6c:a5:0a:47:68:
e2:f5:ad:68:02:56:48:f2:8d:f7:98:5f:8d:cc:fe:57:6b:25:
f4:4e:5a:c4:26:72:5a:f2:a6:a1:c8:19:7c:30:11:2f:bd:5f:
90:36:7c:ec:c1:7f:a4:c2:46:2c:b4:da:51:0d:0e:8d:d8:62:
18:68:7b:16:91:25:8a:e3:84:a8:f1:57:f7:f6:fc:da:e7:36:
69:3c:f2:8f:06:b6:28:c7:2f:d8:a8:c2:11:5c:73:2b:58:78:
65:f8:5d:79:23:4d:3d:f2:96:8d:5a:85:dc:ab:a4:1b:6e:da:
a0:08:6a:ce:ab:c0:33:4c:f8:98:d4:0d:1f:d8:cb:b1:8e:5f:
7a:ab:df:11:ff:8e:e0:ed:3b:70:7a:96:26:bb:20:e0:1a:21:
2c:bf:3e:6a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYuB5bHOKzS4fFdSaxz9E59+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjMxMDMwMTg0MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ1MDQ1Y2RhZjI5MjQ0NTRlODIwZWY5MmRmMWU2YzUxZTUwNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/b9dJYaQ7yeG+tJ7eg+l2dRGJoa
USTMRpx1zNyYIXbmgHxv0wwUvxtncDjS/He2Xx7TnNfC5zBCLHyow/BjYlebKA4L
JYnrpmogLsaJI6Ld2IuJUnB7TuKMNHam4tU7QoG0J3tOTxmN3/PPpVjNgf9Et4qy
Hi0RxgIKoVaX+fmyGHktiSk2I0P/a3CBKwudR4zBXxeCRLo09SdHHfz9ecvnNmFI
Xt3hF89wQcS48v7/xHamKWpG+z+zkZfl18+pMA9fKribu8DyxmF+do+qO9Uk1QJb
cchgFQdD/9NU/J0RA8v9D3uNWOAAAJF9+2wkYeNZcj8jzxQIXrZl9H8H2wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLvVBFza8pJEVOgg75LfHmxR5QcwMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvdTlVRVhOcnlra1JVNkNEdmt0OGViRkhsQnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABaywAwQA
Psw7AwQAUEeXAwQAWWsIAwQAW/e/AwQAuevgAwQAufk3AwQAvPR/AwQAwQOrAwQA
wckNAwQAw+FhMA0GCSqGSIb3DQEBCwUAA4IBAQBMMHD7s4TSKarU+Ls3pNJwjWwY
rk+8/AeAKYAf2LavsiHUrUctWFbiTCz1Vkb5fOsl+CW7NlC+MnFpzV7bco6YBCEt
rR/5rgBkSSpeq2O6a1eVsjRhupOssngkbdRofiOISiLutipHbKUKR2ji9a1oAlZI
8o33mF+NzP5XayX0TlrEJnJa8qahyBl8MBEvvV+QNnzswX+kwkYstNpRDQ6N2GIY
aHsWkSWK44So8Vf39vza5zZpPPKPBrYoxy/YqMIRXHMrWHhl+F15I0098paNWoXc
q6QbbtqgCGrOq8AzTPiY1A0f2Muxjl96q98R/47g7TtwepYmuyDgGiEsvz5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org