Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ym0W5olgrQD-YfF6lcSx9U1LXvQ.roa
File: Ym0W5olgrQD-YfF6lcSx9U1LXvQ.roa (raw, json)
Hash identifier: 2OdWW1ORjGrpQh7+x7RyUkO5krzeBcsZW4otJON/6Dw=
Subject key identifier: 62:6D:16:E6:89:60:AD:00:FE:61:F1:7A:95:C4:B1:F5:4D:4B:5E:F4
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737AB908BD83C965824E5453F3A57B82
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ym0W5olgrQD-YfF6lcSx9U1LXvQ.roa
Signing time: Mon 02 Jan 2023 17:15:00 +0000
ROA not before: Mon 02 Jan 2023 17:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3348
IP address blocks: 193.0.164.0/23 maxlen: 24
93.92.224.0/22 maxlen: 24
185.81.132.0/22 maxlen: 24
185.119.236.0/22 maxlen: 24
85.117.244.0/22 maxlen: 24
45.144.12.0/22 maxlen: 24
188.208.20.0/22 maxlen: 24
93.187.132.0/22 maxlen: 24
193.0.146.0/23 maxlen: 24
2a06:8840::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:b9:08:bd:83:c9:65:82:4e:54:53:f3:a5:7b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=626d16e68960ad00fe61f17a95c4b1f54d4b5ef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:79:c8:41:90:25:88:ec:89:1b:bb:61:4b:e8:
b1:d4:b4:72:00:06:87:54:3c:8d:01:c9:f2:a3:d9:
f0:66:9d:75:79:b1:02:5f:3f:5f:74:ca:26:ba:9b:
b8:dd:69:d1:d2:3b:b4:04:8f:9d:f3:3f:b5:72:94:
a2:1a:1e:00:d5:61:a5:3a:72:27:9f:96:4f:40:bd:
e8:69:eb:2c:ac:7e:03:48:94:1c:c3:f8:8b:36:a8:
65:41:07:d4:58:1a:a2:bf:6f:3f:96:4c:e7:95:bc:
56:95:63:c7:44:0a:9c:ac:84:76:ff:29:41:c8:c0:
98:0a:fc:69:b1:60:ce:04:38:b5:18:f3:46:95:ea:
ec:10:0a:4f:00:a5:1b:e2:c6:fb:ad:1f:25:aa:b9:
82:13:b7:cb:b4:ab:b9:85:22:10:ca:c6:ba:b8:07:
e2:16:e8:d6:7c:59:fe:54:c6:b8:e1:f4:3d:e4:df:
ce:53:f4:47:f2:ff:a2:b3:55:82:92:12:1c:4b:a7:
0b:c1:d8:d5:0f:50:ca:8b:1b:3a:c4:47:5e:23:65:
12:dc:f6:f1:31:8c:d0:d3:2f:c9:30:c5:db:27:0b:
14:8c:33:4d:db:39:86:00:d4:9c:71:bc:8c:c1:9d:
24:18:89:b0:ee:44:97:03:b2:6c:78:cb:06:4c:ca:
ec:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6D:16:E6:89:60:AD:00:FE:61:F1:7A:95:C4:B1:F5:4D:4B:5E:F4
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/Ym0W5olgrQD-YfF6lcSx9U1LXvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.12.0/22
85.117.244.0/22
93.92.224.0/22
93.187.132.0/22
185.81.132.0/22
185.119.236.0/22
188.208.20.0/22
193.0.146.0/23
193.0.164.0/23
IPv6:
2a06:8840::/29
Signature Algorithm: sha256WithRSAEncryption
b5:2e:ac:c3:05:18:0a:83:ac:9e:b6:e3:89:50:9c:7f:96:6d:
a6:34:9d:08:ab:8d:81:3f:e2:e2:c5:f8:89:45:34:6d:6a:f4:
38:77:d3:af:73:af:79:c0:8e:01:e8:9c:44:60:e0:0c:7b:28:
70:2b:4b:ab:e0:d8:5b:3b:66:eb:4f:ba:a0:ab:95:e5:26:3e:
58:c5:17:08:c1:59:9b:41:82:53:87:a1:5d:e7:93:34:3c:69:
5a:fb:d0:1c:0a:d2:1d:0a:14:af:45:a1:19:67:fc:dd:c0:13:
2b:67:e4:34:32:c0:b6:f4:30:4d:d0:d9:40:13:81:c4:36:fa:
80:e3:d9:19:54:5c:a1:cb:e4:fe:4a:2c:d9:97:a3:e5:d9:d9:
48:66:b7:93:6e:49:40:4d:53:d2:e5:3a:35:f8:92:3d:d7:c0:
77:56:07:25:0c:67:42:2c:db:5c:43:5a:3f:f1:80:82:61:71:
46:a3:71:b8:68:eb:79:96:c8:e4:65:83:86:2b:36:7e:a8:5d:
67:e0:46:2d:9a:04:1a:c8:93:60:02:1c:16:94:c2:66:19:2f:
e1:a4:7d:d4:e4:97:36:7f:66:97:30:ef:61:1c:61:6a:c9:a5:
8b:f9:7f:38:85:5c:c9:01:f6:74:bf:8e:20:a5:9e:79:f3:a0:
16:a7:c2:77
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVzerkIvYPJZYJOVFPzpXuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZkMTZlNjg5NjBhZDAwZmU2MWYxN2E5NWM0YjFmNTRkNGI1ZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXnIQZAliOyJG7thS+ix1LRyAAaH
VDyNAcnyo9nwZp11ebECXz9fdMomupu43WnR0ju0BI+d8z+1cpSiGh4A1WGlOnIn
n5ZPQL3oaessrH4DSJQcw/iLNqhlQQfUWBqiv28/lkznlbxWlWPHRAqcrIR2/ylB
yMCYCvxpsWDOBDi1GPNGlersEApPAKUb4sb7rR8lqrmCE7fLtKu5hSIQysa6uAfi
FujWfFn+VMa44fQ95N/OU/RH8v+is1WCkhIcS6cLwdjVD1DKixs6xEdeI2US3Pbx
MYzQ0y/JMMXbJwsUjDNN2zmGANSccbyMwZ0kGImw7kSXA7JseMsGTMrs0QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGJtFuaJYK0A/mHxepXEsfVNS170MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvWW0wVzVvbGdyUUQtWWZGNmxjU3g5VTFMWHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLZAMAwQC
VXX0AwQCXVzgAwQCXbuEAwQCuVGEAwQCuXfsAwQCvNAUAwQBwQCSAwQBwQCkMA0E
AgACMAcDBQMqBohAMA0GCSqGSIb3DQEBCwUAA4IBAQC1LqzDBRgKg6yetuOJUJx/
lm2mNJ0Iq42BP+LixfiJRTRtavQ4d9Ovc695wI4B6JxEYOAMeyhwK0ur4NhbO2br
T7qgq5XlJj5YxRcIwVmbQYJTh6Fd55M0PGla+9AcCtIdChSvRaEZZ/zdwBMrZ+Q0
MsC29DBN0NlAE4HENvqA49kZVFyhy+T+SizZl6Pl2dlIZreTbklATVPS5To1+JI9
18B3VgclDGdCLNtcQ1o/8YCCYXFGo3G4aOt5lsjkZYOGKzZ+qF1n4EYtmgQayJNg
AhwWlMJmGS/hpH3U5Jc2f2aXMO9hHGFqyaWL+X84hVzJAfZ0v44gpZ5586AWp8J3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org