Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/IYnB2AiUw2KaKWSpwle6Auy4vbI.roa
File: IYnB2AiUw2KaKWSpwle6Auy4vbI.roa (raw, json)
Hash identifier: rUmjtaDsF4mm8yYOxXfyCOUHkdieBFFrBJl+tv9dveo=
Subject key identifier: 21:89:C1:D8:08:94:C3:62:9A:29:64:A9:C2:57:BA:02:EC:B8:BD:B2
Certificate issuer: /CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Certificate serial: 01884CEC73D8D6CD269587C3CDB9F543A41E
Authority key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/IYnB2AiUw2KaKWSpwle6Auy4vbI.roa
Signing time: Wed 24 May 2023 08:42:24 +0000
ROA not before: Wed 24 May 2023 08:42:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 147.189.175.0/24 maxlen: 24
147.189.174.0/24 maxlen: 24
147.189.173.0/24 maxlen: 24
147.189.171.0/24 maxlen: 24
147.189.172.0/24 maxlen: 24
147.189.168.0/24 maxlen: 24
147.189.170.0/24 maxlen: 24
147.189.169.0/24 maxlen: 24
193.23.127.0/24 maxlen: 24
193.23.126.0/24 maxlen: 24
194.156.88.0/24 maxlen: 24
194.156.90.0/24 maxlen: 24
194.156.91.0/24 maxlen: 24
88.214.58.0/24 maxlen: 24
88.214.57.0/24 maxlen: 24
88.214.56.0/24 maxlen: 24
5.249.161.0/24 maxlen: 24
5.249.160.0/24 maxlen: 24
5.249.163.0/24 maxlen: 24
5.249.162.0/24 maxlen: 24
5.249.164.0/24 maxlen: 24
92.42.44.0/24 maxlen: 24
92.42.44.0/22 maxlen: 22
193.23.160.0/24 maxlen: 24
193.23.161.0/24 maxlen: 24
92.42.46.0/24 maxlen: 24
92.42.45.0/24 maxlen: 24
92.42.47.0/24 maxlen: 24
193.203.238.0/24 maxlen: 24
185.239.239.0/24 maxlen: 24
185.239.236.0/24 maxlen: 24
185.239.238.0/24 maxlen: 24
185.239.237.0/24 maxlen: 24
185.223.28.0/24 maxlen: 24
185.223.30.0/24 maxlen: 24
185.223.29.0/24 maxlen: 24
185.223.31.0/24 maxlen: 24
45.146.253.0/24 maxlen: 24
45.146.252.0/24 maxlen: 24
45.146.254.0/24 maxlen: 24
45.146.255.0/24 maxlen: 24
185.249.197.0/24 maxlen: 24
185.249.199.0/24 maxlen: 24
185.249.198.0/24 maxlen: 24
2a0c:3580::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4c:ec:73:d8:d6:cd:26:95:87:c3:cd:b9:f5:43:a4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Validity
Not Before: May 24 08:42:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2189c1d80894c3629a2964a9c257ba02ecb8bdb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a9:6b:f1:5f:e4:85:2d:77:49:51:7b:8c:7d:
e9:79:0e:68:34:a9:30:b9:a7:2a:b1:f5:8c:40:f2:
66:0a:89:f2:91:8b:47:13:3f:03:90:14:2c:60:36:
9f:93:87:14:16:3c:8a:41:d1:4d:f4:4d:11:36:46:
89:36:a1:95:b3:bd:da:15:b0:27:aa:1b:58:48:68:
6b:12:89:72:f6:29:4d:39:0a:ce:5f:b6:3a:fa:4a:
89:96:6b:81:02:12:74:bc:fa:ba:38:87:f1:33:9c:
0b:80:e8:d0:b6:93:b6:c1:4a:93:6f:af:05:d3:77:
bb:80:d3:68:46:58:7d:9b:ce:40:9e:4e:53:65:68:
d3:f3:e3:30:7a:83:ba:1f:9b:98:18:00:a7:c6:38:
52:65:26:8b:79:49:cf:56:b0:9b:ad:ea:6a:02:6c:
43:6e:89:06:63:77:fd:df:28:4b:29:16:4f:85:11:
e3:94:3e:98:87:a8:04:5e:2f:dc:cd:b8:f0:99:d5:
82:a1:3c:b3:f5:79:fa:ca:6e:74:66:1a:0e:d4:4a:
c3:ca:0d:38:3d:19:66:13:ee:1c:eb:d6:09:1c:a3:
2b:06:42:ea:c6:e9:52:89:e8:1a:08:0a:fb:f4:3a:
99:a7:f2:16:0d:4f:88:12:47:2a:65:bd:4d:1e:5c:
58:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:89:C1:D8:08:94:C3:62:9A:29:64:A9:C2:57:BA:02:EC:B8:BD:B2
X509v3 Authority Key Identifier:
keyid:A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/IYnB2AiUw2KaKWSpwle6Auy4vbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.160.0-5.249.164.255
45.146.252.0/22
88.214.56.0-88.214.58.255
92.42.44.0/22
147.189.168.0/21
185.223.28.0/22
185.239.236.0/22
185.249.197.0-185.249.199.255
193.23.126.0/23
193.23.160.0/23
193.203.238.0/24
194.156.88.0/24
194.156.90.0/23
IPv6:
2a0c:3580::/29
Signature Algorithm: sha256WithRSAEncryption
5d:d1:e4:6d:d5:27:5a:82:35:cf:3a:be:54:ec:13:79:89:eb:
65:52:56:f9:de:35:1f:23:06:b7:fc:f1:72:8c:25:89:70:9c:
9e:f6:10:8c:8f:c9:ba:9e:3d:28:5a:f7:6a:68:e2:f0:3c:68:
09:ef:68:01:ba:34:f9:9c:60:78:16:88:aa:35:c3:25:cf:e9:
cd:5f:20:99:a5:a9:b8:1c:84:38:9b:a9:ce:84:51:e1:e7:3e:
0f:bf:95:4b:97:29:b3:db:c7:72:c0:99:ab:4b:dc:c1:75:ea:
62:b3:aa:8c:27:62:30:4b:9a:43:46:4f:02:08:ef:a7:3f:55:
d2:8e:fa:c1:b3:af:d5:23:de:34:54:51:2f:e6:00:69:64:5d:
83:f1:8b:e1:dd:7a:5e:ab:c6:b0:c5:e8:22:e8:b1:5e:e1:50:
a4:eb:ef:63:78:6d:bd:d9:08:59:cc:34:ce:b5:a4:30:24:f9:
7d:67:20:1b:2b:94:8d:bf:b5:fa:10:cb:c5:a9:97:97:dd:fd:
f1:23:d7:85:70:38:8c:84:ad:ed:64:bb:33:e0:b4:cf:31:55:
62:74:c9:2a:74:84:dd:99:99:ec:0b:68:33:ed:1e:3f:5f:bf:
8a:62:d3:fd:90:57:70:5d:ce:31:2c:6f:4f:58:a2:44:b1:a9:
14:ac:a4:e4
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYhM7HPY1s0mlYfDzbn1Q6QeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNTEzZDI4OGRhYmRlN2RlZTA2OWJkYjYzNjU3M2NlOWMz
ZWNiNjAwHhcNMjMwNTI0MDg0MjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTg5YzFkODA4OTRjMzYyOWEyOTY0YTljMjU3YmEwMmVjYjhiZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsalr8V/khS13SVF7jH3peQ5oNKkw
uacqsfWMQPJmConykYtHEz8DkBQsYDafk4cUFjyKQdFN9E0RNkaJNqGVs73aFbAn
qhtYSGhrEoly9ilNOQrOX7Y6+kqJlmuBAhJ0vPq6OIfxM5wLgOjQtpO2wUqTb68F
03e7gNNoRlh9m85Ank5TZWjT8+MweoO6H5uYGACnxjhSZSaLeUnPVrCbrepqAmxD
bokGY3f93yhLKRZPhRHjlD6Yh6gEXi/czbjwmdWCoTyz9Xn6ym50ZhoO1ErDyg04
PRlmE+4c69YJHKMrBkLqxulSiegaCAr79DqZp/IWDU+IEkcqZb1NHlxYqwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFCGJwdgIlMNimilkqcJXugLsuL2yMB8GA1UdIwQY
MBaAFKNRPSiNq9597gab22Nlc86cPstgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDct
ZTBkN2RkNWUyZTZmLzEvSVluQjJBaVV3MkthS1dTcHdsZTZBdXk0dmJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDctZTBkN2RkNWUyZTZm
LzEvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZjAMAwQFBfmg
AwQABfmkAwQCLZL8MAwDBANY1jgDBABY1joDBAJcKiwDBAOTvagDBAK53xwDBAK5
7+wwDAMEALn5xQMEA7n5wAMEAcEXfgMEAcEXoAMEAMHL7gMEAMKcWAMEAcKcWjAN
BAIAAjAHAwUDKgw1gDANBgkqhkiG9w0BAQsFAAOCAQEAXdHkbdUnWoI1zzq+VOwT
eYnrZVJW+d41HyMGt/zxcowliXCcnvYQjI/Jup49KFr3amji8DxoCe9oAbo0+Zxg
eBaIqjXDJc/pzV8gmaWpuByEOJupzoRR4ec+D7+VS5cps9vHcsCZq0vcwXXqYrOq
jCdiMEuaQ0ZPAgjvpz9V0o76wbOv1SPeNFRRL+YAaWRdg/GL4d16XqvGsMXoIuix
XuFQpOvvY3htvdkIWcw0zrWkMCT5fWcgGyuUjb+1+hDLxamXl9398SPXhXA4jISt
7WS7M+C0zzFVYnTJKnSE3ZmZ7AtoM+0eP1+/imLT/ZBXcF3OMSxvT1iiRLGpFKyk
5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:27 2024 by rpki-client on console-ams.rpki-client.org