Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa
File: C1R25BfL7GT7-OvroIQ9h2E_HZA.roa (raw, json)
Hash identifier: yXvlvfIt7JZQVymUiCELSV1ZpyDTs2xqrncCEAxxxe8=
Subject key identifier: 0B:54:76:E4:17:CB:EC:64:FB:F8:EB:EB:A0:84:3D:87:61:3F:1D:90
Certificate issuer: /CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Certificate serial: 0186FFC94AF1CDC22EE08C40CD7EC70B3B98
Authority key identifier: C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa
Signing time: Mon 20 Mar 2023 16:10:27 +0000
ROA not before: Mon 20 Mar 2023 16:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44942
IP address blocks: 92.63.224.0/20 maxlen: 22
185.114.116.0/22 maxlen: 22
185.157.216.0/22 maxlen: 22
92.246.104.0/22 maxlen: 22
92.246.108.0/22 maxlen: 22
92.246.111.0/24 maxlen: 24
92.246.108.0/24 maxlen: 24
92.246.110.0/24 maxlen: 24
92.246.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ff:c9:4a:f1:cd:c2:2e:e0:8c:40:cd:7e:c7:0b:3b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a6e22f4e23965f6c4a025c6c92efc0b662e793
Validity
Not Before: Mar 20 16:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b5476e417cbec64fbf8ebeba0843d87613f1d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:24:f4:22:18:7a:d5:ce:7c:21:e5:3e:da:20:
50:c9:c4:2a:2f:7e:fc:99:35:b6:f5:1b:25:db:e9:
51:32:05:72:8c:9f:31:7a:77:46:4f:d2:a0:a6:d3:
ed:5b:2e:58:70:1e:86:e8:61:2e:18:3c:58:c1:1c:
28:e6:ed:9a:6e:46:d4:bd:2b:7d:fb:64:cf:63:11:
dc:bf:85:fc:6a:51:30:51:e0:36:4a:24:b8:bb:11:
a9:39:00:64:83:d3:2a:c6:03:44:8f:0e:e6:04:21:
4b:ed:cc:1b:41:0e:55:b5:23:7a:e9:49:80:c9:c1:
74:79:77:69:e0:a8:a3:32:b7:b1:8f:ca:06:5d:c0:
e1:5a:f5:a8:92:3a:90:d5:13:f1:d1:d8:ed:09:6a:
26:ab:c7:54:64:63:49:ea:f3:ff:ab:90:96:84:e5:
6d:d5:c4:42:34:d7:6a:20:fd:c7:61:fe:31:b2:45:
88:a4:a6:10:e5:b3:9f:5a:b4:55:7d:12:e3:06:65:
4a:16:51:25:50:63:14:89:a4:0e:ad:dc:84:bc:61:
02:e6:fb:c5:5f:02:11:1b:b4:03:7e:de:b2:6d:a4:
f6:84:b6:68:79:a4:d9:f4:dd:cf:3e:03:a8:70:3d:
0c:be:74:82:24:4f:14:f3:9c:de:89:0f:94:69:e9:
4a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:54:76:E4:17:CB:EC:64:FB:F8:EB:EB:A0:84:3D:87:61:3F:1D:90
X509v3 Authority Key Identifier:
keyid:C6:A6:E2:2F:4E:23:96:5F:6C:4A:02:5C:6C:92:EF:C0:B6:62:E7:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqbiL04jll9sSgJcbJLvwLZi55M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/C1R25BfL7GT7-OvroIQ9h2E_HZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d334ed-36bd-4170-b4d6-06af6dba34f7/1/xqbiL04jll9sSgJcbJLvwLZi55M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.63.224.0/20
92.246.104.0/21
185.114.116.0/22
185.157.216.0/22
Signature Algorithm: sha256WithRSAEncryption
13:a2:c0:45:8e:bc:b1:36:97:54:25:8f:d7:bb:af:45:cb:e3:
d5:c1:c7:9c:21:81:32:21:16:90:8d:17:d3:aa:28:cd:9a:c0:
7c:03:77:41:41:fb:69:72:20:f4:1a:f4:34:52:c1:5c:43:aa:
8a:c1:3f:c6:62:98:7f:ab:3c:f9:73:89:45:72:71:1c:a6:c0:
79:34:a8:d7:2b:45:23:24:08:07:c8:b9:60:3b:82:20:64:55:
20:40:9e:74:8a:7f:cc:aa:17:9e:8c:9d:f1:ea:10:7b:a9:25:
01:69:00:c8:b3:97:d9:3a:27:14:87:97:65:ac:c0:b0:ef:0d:
b0:9f:2f:03:4a:24:c7:37:a2:14:dd:72:3c:3c:b3:30:25:74:
26:f6:e2:0a:53:b9:7c:7b:ef:0b:76:36:fd:d4:de:10:1b:45:
34:88:87:62:c4:16:8c:5d:5b:5e:98:a5:6c:2e:64:2f:53:8c:
a1:b1:db:b9:c1:77:69:73:bd:c0:eb:88:2f:eb:c2:4f:d9:0a:
ba:27:35:33:31:32:2c:c2:55:22:e3:24:6d:e3:a0:4e:b6:79:
99:e4:2e:5a:26:fa:90:3d:bd:54:d1:e8:c2:e0:e7:29:4e:a1:
f9:32:34:5a:0c:cb:3d:06:dd:88:39:d3:cd:ac:8f:27:91:23:
8e:ca:50:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYb/yUrxzcIu4IxAzX7HCzuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTZlMjJmNGUyMzk2NWY2YzRhMDI1YzZjOTJlZmMwYjY2
MmU3OTMwHhcNMjMwMzIwMTYxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjU0NzZlNDE3Y2JlYzY0ZmJmOGViZWJhMDg0M2Q4NzYxM2YxZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlST0Ihh61c58IeU+2iBQycQqL378
mTW29Rsl2+lRMgVyjJ8xendGT9KgptPtWy5YcB6G6GEuGDxYwRwo5u2abkbUvSt9
+2TPYxHcv4X8alEwUeA2SiS4uxGpOQBkg9MqxgNEjw7mBCFL7cwbQQ5VtSN66UmA
ycF0eXdp4KijMrexj8oGXcDhWvWokjqQ1RPx0djtCWomq8dUZGNJ6vP/q5CWhOVt
1cRCNNdqIP3HYf4xskWIpKYQ5bOfWrRVfRLjBmVKFlElUGMUiaQOrdyEvGEC5vvF
XwIRG7QDft6ybaT2hLZoeaTZ9N3PPgOocD0MvnSCJE8U85zeiQ+UaelKCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAtUduQXy+xk+/jr66CEPYdhPx2QMB8GA1UdIwQY
MBaAFMam4i9OI5ZfbEoCXGyS78C2YueTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYt
MDZhZjZkYmEzNGY3LzEvQzFSMjVCZkw3R1Q3LU92cm9JUTloMkVfSFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMzM0ZWQtMzZiZC00MTcwLWI0ZDYtMDZhZjZkYmEzNGY3
LzEveHFiaUwwNGpsbDlzU2dKY2JKTHZ3TFppNTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXD/gAwQD
XPZoAwQCuXJ0AwQCuZ3YMA0GCSqGSIb3DQEBCwUAA4IBAQATosBFjryxNpdUJY/X
u69Fy+PVwcecIYEyIRaQjRfTqijNmsB8A3dBQftpciD0GvQ0UsFcQ6qKwT/GYph/
qzz5c4lFcnEcpsB5NKjXK0UjJAgHyLlgO4IgZFUgQJ50in/MqheejJ3x6hB7qSUB
aQDIs5fZOicUh5dlrMCw7w2wny8DSiTHN6IU3XI8PLMwJXQm9uIKU7l8e+8Ldjb9
1N4QG0U0iIdixBaMXVtemKVsLmQvU4yhsdu5wXdpc73A64gv68JP2Qq6JzUzMTIs
wlUi4yRt46BOtnmZ5C5aJvqQPb1U0ejC4OcpTqH5MjRaDMs9Bt2IOdPNrI8nkSOO
ylCx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:01 2024 by rpki-client on console-fra.rpki-client.org