Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/eJy5-b3JyEVquZn506FNzARu1e4.roa
File: eJy5-b3JyEVquZn506FNzARu1e4.roa (raw, json)
Hash identifier: BnrI+ZVfl58eZapjGknnPmad12yFf+4IA4uiawFEj0E=
Subject key identifier: 78:9C:B9:F9:BD:C9:C8:45:6A:B9:99:F9:D3:A1:4D:CC:04:6E:D5:EE
Certificate issuer: /CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Certificate serial: 018570152E77B3100D55927E492949514BA3
Authority key identifier: 0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/eJy5-b3JyEVquZn506FNzARu1e4.roa
Signing time: Mon 02 Jan 2023 01:25:14 +0000
ROA not before: Mon 02 Jan 2023 01:25:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39464
IP address blocks: 185.160.92.0/22 maxlen: 22
91.196.44.0/22 maxlen: 22
193.84.185.0/24 maxlen: 24
195.74.71.0/24 maxlen: 24
185.189.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:2e:77:b3:10:0d:55:92:7e:49:29:49:51:4b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2ce64c3e65a8202a7c1b1b20ca11e45ae6d58c
Validity
Not Before: Jan 2 01:25:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=789cb9f9bdc9c8456ab999f9d3a14dcc046ed5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:09:4d:4a:63:08:09:16:90:da:8a:7e:86:1a:
52:00:b7:69:69:ac:a1:e8:3a:bc:56:4d:98:99:a3:
1b:f6:4b:0f:49:45:06:73:57:11:f6:bf:ca:0f:e9:
b2:00:9f:51:c3:70:75:54:f9:30:0f:06:aa:b5:a8:
d8:49:ee:46:bb:17:1e:3a:95:70:a3:9f:93:c5:21:
9a:82:80:1f:52:01:af:48:41:77:9c:95:55:bf:47:
75:6e:72:a8:ff:34:ec:2a:91:64:37:77:b1:5b:13:
2a:ae:6c:60:ea:ea:d8:ba:15:62:fe:81:a1:8b:b4:
11:55:d0:4b:2d:02:91:7f:70:52:b2:19:af:d8:cb:
e6:5d:c8:85:a9:45:99:d2:c1:6c:12:8e:06:b8:3e:
f3:67:79:5b:c5:1c:18:29:93:c7:d2:b5:89:e6:59:
2e:ca:87:83:28:c1:89:dc:f4:25:6f:a2:78:f7:a6:
c0:1d:6d:61:7b:e8:b3:9d:c2:2b:b2:c9:bb:70:1c:
66:a7:af:13:4c:51:2b:13:6a:ce:86:06:b4:3b:a4:
43:b4:b4:90:fd:ae:7b:91:46:a9:31:ab:a2:3b:10:
ce:0c:46:08:8b:f7:1d:5d:21:b0:c4:dd:47:c6:ef:
48:60:cc:af:53:07:9a:6d:31:9a:37:d4:17:d9:57:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9C:B9:F9:BD:C9:C8:45:6A:B9:99:F9:D3:A1:4D:CC:04:6E:D5:EE
X509v3 Authority Key Identifier:
keyid:0C:2C:E6:4C:3E:65:A8:20:2A:7C:1B:1B:20:CA:11:E4:5A:E6:D5:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/eJy5-b3JyEVquZn506FNzARu1e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/8a00c2-bb87-40a7-b1e9-5c4b76f48d50/1/DCzmTD5lqCAqfBsbIMoR5Frm1Yw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.44.0/22
185.160.92.0/22
185.189.168.0/22
193.84.185.0/24
195.74.71.0/24
Signature Algorithm: sha256WithRSAEncryption
91:61:e1:aa:ef:72:0c:de:82:67:bc:d7:4c:ce:bf:c1:53:46:
fd:6a:18:4d:eb:f4:32:06:5f:cc:e8:93:5f:21:c1:43:7e:9e:
fd:e1:ab:8d:06:68:69:50:d4:bf:24:d6:82:36:68:65:2e:a8:
08:40:17:9b:fb:a6:33:70:92:eb:ed:69:35:82:70:b5:d8:5f:
c9:53:b2:88:c6:33:20:71:c6:71:09:b2:8b:41:94:07:aa:76:
7f:97:87:4f:c6:55:94:9e:fc:6f:fb:5c:31:c5:83:28:71:60:
95:d6:93:10:b2:bc:54:8d:1d:c7:68:0e:46:8f:68:d2:fb:64:
0b:a7:32:6f:42:e2:4c:86:19:1d:d3:38:14:dc:c9:6f:2f:fa:
8e:0d:5a:ee:df:56:2f:f4:d5:f5:91:d7:23:48:0e:0f:26:3d:
ef:63:55:50:19:48:71:ed:ff:70:b8:ef:4c:96:92:de:9e:2e:
eb:92:ea:9c:68:85:49:d7:de:b1:97:d3:13:63:0c:cd:08:b2:
6f:4c:98:46:af:3f:bf:e2:89:41:0a:46:3a:9c:98:88:a4:b9:
9b:b5:22:33:93:a0:dc:c5:93:9d:c6:5c:57:7e:be:99:70:de:
0c:a0:6b:d9:2f:da:d5:4e:b0:df:ea:8e:9f:93:4c:57:5c:d0:
70:d3:15:5f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVwFS53sxANVZJ+SSlJUUujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMmNlNjRjM2U2NWE4MjAyYTdjMWIxYjIwY2ExMWU0NWFl
NmQ1OGMwHhcNMjMwMTAyMDEyNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODljYjlmOWJkYzljODQ1NmFiOTk5ZjlkM2ExNGRjYzA0NmVkNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAlNSmMICRaQ2op+hhpSALdpaayh
6Dq8Vk2YmaMb9ksPSUUGc1cR9r/KD+myAJ9Rw3B1VPkwDwaqtajYSe5GuxceOpVw
o5+TxSGagoAfUgGvSEF3nJVVv0d1bnKo/zTsKpFkN3exWxMqrmxg6urYuhVi/oGh
i7QRVdBLLQKRf3BSshmv2MvmXciFqUWZ0sFsEo4GuD7zZ3lbxRwYKZPH0rWJ5lku
yoeDKMGJ3PQlb6J496bAHW1he+izncIrssm7cBxmp68TTFErE2rOhga0O6RDtLSQ
/a57kUapMauiOxDODEYIi/cdXSGwxN1Hxu9IYMyvUweabTGaN9QX2VcbmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHicufm9ychFarmZ+dOhTcwEbtXuMB8GA1UdIwQY
MBaAFAws5kw+ZaggKnwbGyDKEeRa5tWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTkt
NWM0Yjc2ZjQ4ZDUwLzEvZUp5NS1iM0p5RVZxdVpuNTA2Rk56QVJ1MWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84YTAwYzItYmI4Ny00MGE3LWIxZTktNWM0Yjc2ZjQ4ZDUw
LzEvREN6bVRENWxxQ0FxZkJzYklNb1I1RnJtMVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8QsAwQC
uaBcAwQCub2oAwQAwVS5AwQAw0pHMA0GCSqGSIb3DQEBCwUAA4IBAQCRYeGq73IM
3oJnvNdMzr/BU0b9ahhN6/QyBl/M6JNfIcFDfp794auNBmhpUNS/JNaCNmhlLqgI
QBeb+6YzcJLr7Wk1gnC12F/JU7KIxjMgccZxCbKLQZQHqnZ/l4dPxlWUnvxv+1wx
xYMocWCV1pMQsrxUjR3HaA5Gj2jS+2QLpzJvQuJMhhkd0zgU3MlvL/qODVru31Yv
9NX1kdcjSA4PJj3vY1VQGUhx7f9wuO9MlpLeni7rkuqcaIVJ196xl9MTYwzNCLJv
TJhGrz+/4olBCkY6nJiIpLmbtSIzk6DcxZOdxlxXfr6ZcN4MoGvZL9rVTrDf6o6f
k0xXXNBw0xVf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:18 2024 by rpki-client on console-ams.rpki-client.org