Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/AuX3ZGE5P-vL4re3msEvaa_fPW4.roa
File: AuX3ZGE5P-vL4re3msEvaa_fPW4.roa (raw, json)
Hash identifier: Er8ZL/9tTTx9TscLIcZLrLGWFkQZxSrCa+LkHPM+q/I=
Subject key identifier: 02:E5:F7:64:61:39:3F:EB:CB:E2:B7:B7:9A:C1:2F:69:AF:DF:3D:6E
Certificate issuer: /CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Certificate serial: 0187008FF5E5ACF32A2256BA1CC34C32791A
Authority key identifier: BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/AuX3ZGE5P-vL4re3msEvaa_fPW4.roa
Signing time: Mon 20 Mar 2023 19:47:27 +0000
ROA not before: Mon 20 Mar 2023 19:47:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43463
IP address blocks: 185.244.251.0/24 maxlen: 24
185.244.250.0/24 maxlen: 24
185.244.249.0/24 maxlen: 24
91.224.93.0/24 maxlen: 24
193.46.83.0/24 maxlen: 24
185.36.80.0/24 maxlen: 24
185.36.83.0/24 maxlen: 24
185.36.82.0/24 maxlen: 24
185.255.192.0/22 maxlen: 22
2a00:ea60:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:00:8f:f5:e5:ac:f3:2a:22:56:ba:1c:c3:4c:32:79:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be49fb190f4bd0f5815a8e579f366ad58d5d41f9
Validity
Not Before: Mar 20 19:47:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02e5f76461393febcbe2b7b79ac12f69afdf3d6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a7:47:8a:f5:47:d1:82:94:59:28:bf:20:9b:
36:01:50:b9:45:21:04:fe:85:f5:54:72:54:f2:6c:
3d:57:46:50:76:19:cc:c6:46:12:26:9d:d8:8b:05:
0c:c8:9c:17:b6:1e:c6:35:30:2a:83:47:d5:08:a3:
0f:32:a8:ac:94:bc:1f:e4:54:c4:a4:9b:23:54:38:
39:65:39:55:5a:15:54:d5:d4:89:8b:61:78:69:fd:
3c:0a:6c:5f:4a:53:47:8f:3a:24:40:25:4c:a3:47:
cb:d6:71:42:56:9a:a1:0c:4d:9e:a5:ea:ea:61:04:
f7:b0:d0:8f:54:6b:5e:bc:95:80:97:9e:5a:7b:3f:
0c:05:34:17:89:fa:a5:c4:f7:6c:16:7e:28:f6:51:
d9:ff:50:f7:97:a9:bf:54:04:25:0e:7f:30:02:09:
5f:17:8d:0d:44:dd:01:20:ad:47:1a:c5:68:03:39:
c4:a8:66:aa:19:c3:0f:a0:06:0c:0d:0a:98:73:8d:
90:f1:7c:4c:10:46:1b:fa:0f:28:3a:0d:12:f6:34:
c7:23:de:6d:4c:67:f6:70:9f:40:20:10:d0:b2:e3:
7f:83:ba:7d:65:6f:7a:f3:50:a4:76:9d:33:9d:51:
36:02:a5:82:16:f9:c3:c9:98:45:57:0f:5e:a4:74:
b7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:E5:F7:64:61:39:3F:EB:CB:E2:B7:B7:9A:C1:2F:69:AF:DF:3D:6E
X509v3 Authority Key Identifier:
keyid:BE:49:FB:19:0F:4B:D0:F5:81:5A:8E:57:9F:36:6A:D5:8D:5D:41:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/AuX3ZGE5P-vL4re3msEvaa_fPW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bd0d13-e983-4ff9-b507-5e656f1b4876/1/vkn7GQ9L0PWBWo5XnzZq1Y1dQfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.93.0/24
185.36.80.0/24
185.36.82.0/23
185.244.249.0-185.244.251.255
185.255.192.0/22
193.46.83.0/24
IPv6:
2a00:ea60:200::/40
Signature Algorithm: sha256WithRSAEncryption
a3:15:96:7a:06:a6:27:57:05:55:06:be:bd:1a:cf:f8:ea:4b:
f8:a6:27:be:2e:f1:bb:e4:2b:2f:9e:8e:85:85:0c:0e:4f:f2:
21:1c:d7:d0:3b:ec:b9:61:c7:70:97:51:4a:98:f9:03:a3:6d:
c0:55:62:1a:8d:e4:b0:9b:d8:16:33:d2:55:2e:10:53:d8:87:
20:23:83:b8:e0:00:12:ab:db:fc:16:69:c5:89:82:62:ca:0b:
e7:5d:1f:ab:ac:f0:9d:8a:76:ce:55:f7:91:00:b7:6e:81:5c:
66:60:52:ec:cf:51:35:e4:97:fc:33:73:af:36:44:03:db:09:
fc:00:9a:d1:50:89:25:2f:4c:61:ae:9b:fa:8b:36:a6:fe:df:
f0:8a:16:96:01:a9:42:5c:d8:3c:a4:0f:18:57:c4:07:b2:e5:
28:36:29:7f:79:14:03:fa:05:f8:a9:25:d4:fc:6d:cd:c7:c5:
91:f1:00:45:19:d8:06:23:36:fa:ff:7c:66:e4:47:d3:eb:76:
1f:41:4e:08:3f:5b:de:11:25:fe:f4:7f:0d:dc:af:69:b9:51:
94:4f:a5:d2:46:7b:4e:1f:69:f7:3d:4d:ff:40:d1:3b:71:43:
37:b6:c5:94:2f:0b:fb:69:8b:95:99:59:1d:8b:d6:67:47:46:
b0:57:8b:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYcAj/XlrPMqIla6HMNMMnkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNDlmYjE5MGY0YmQwZjU4MTVhOGU1NzlmMzY2YWQ1OGQ1
ZDQxZjkwHhcNMjMwMzIwMTk0NzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmU1Zjc2NDYxMzkzZmViY2JlMmI3Yjc5YWMxMmY2OWFmZGYzZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqdHivVH0YKUWSi/IJs2AVC5RSEE
/oX1VHJU8mw9V0ZQdhnMxkYSJp3YiwUMyJwXth7GNTAqg0fVCKMPMqislLwf5FTE
pJsjVDg5ZTlVWhVU1dSJi2F4af08CmxfSlNHjzokQCVMo0fL1nFCVpqhDE2eperq
YQT3sNCPVGtevJWAl55aez8MBTQXifqlxPdsFn4o9lHZ/1D3l6m/VAQlDn8wAglf
F40NRN0BIK1HGsVoAznEqGaqGcMPoAYMDQqYc42Q8XxMEEYb+g8oOg0S9jTHI95t
TGf2cJ9AIBDQsuN/g7p9ZW9681Ckdp0znVE2AqWCFvnDyZhFVw9epHS3+wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFALl92RhOT/ry+K3t5rBL2mv3z1uMB8GA1UdIwQY
MBaAFL5J+xkPS9D1gVqOV582atWNXUH5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDct
NWU2NTZmMWI0ODc2LzEvQXVYM1pHRTVQLXZMNHJlM21zRXZhYV9mUFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZDBkMTMtZTk4My00ZmY5LWI1MDctNWU2NTZmMWI0ODc2
LzEvdmtuN0dROUwwUFdCV281WG56WnExWTFkUWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAyBAIAATAsAwQAW+BdAwQA
uSRQAwQBuSRSMAwDBAC59PkDBAK59PgDBAK5/8ADBADBLlMwDgQCAAIwCAMGACoA
6mACMA0GCSqGSIb3DQEBCwUAA4IBAQCjFZZ6BqYnVwVVBr69Gs/46kv4pie+LvG7
5Csvno6FhQwOT/IhHNfQO+y5Ycdwl1FKmPkDo23AVWIajeSwm9gWM9JVLhBT2Icg
I4O44AASq9v8FmnFiYJiygvnXR+rrPCdinbOVfeRALdugVxmYFLsz1E15Jf8M3Ov
NkQD2wn8AJrRUIklL0xhrpv6izam/t/wihaWAalCXNg8pA8YV8QHsuUoNil/eRQD
+gX4qSXU/G3Nx8WR8QBFGdgGIzb6/3xm5EfT63YfQU4IP1veESX+9H8N3K9puVGU
T6XSRntOH2n3PU3/QNE7cUM3tsWULwv7aYuVmVkdi9ZnR0awV4td
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org