Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/uRIDjxOS2AM39yRtBVSjasMzcRY.roa
File: uRIDjxOS2AM39yRtBVSjasMzcRY.roa (raw, json)
Hash identifier: c5G1XFYQ+4waScvxLhmlFss6r53ga/RfQkmbnZViSfQ=
Subject key identifier: B9:12:03:8F:13:92:D8:03:37:F7:24:6D:05:54:A3:6A:C3:33:71:16
Certificate issuer: /CN=e465acc90809efb45ccda250a1057618494b86eb
Certificate serial: 01856FF0199743EF3283A3DB127B13D3AA3F
Authority key identifier: E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/uRIDjxOS2AM39yRtBVSjasMzcRY.roa
Signing time: Mon 02 Jan 2023 00:44:44 +0000
ROA not before: Mon 02 Jan 2023 00:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1104
IP address blocks: 192.16.185.0/24 maxlen: 24
192.16.186.0/24 maxlen: 24
192.16.192.0/24 maxlen: 24
192.16.199.0/24 maxlen: 24
192.16.195.0/24 maxlen: 24
192.16.194.0/24 maxlen: 24
185.153.60.0/22 maxlen: 24
2a07:8500::/29 maxlen: 48
2a07:8504::/32 maxlen: 48
2a07:8504:1a0::/48 maxlen: 48
2a07:8500::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:f0:19:97:43:ef:32:83:a3:db:12:7b:13:d3:aa:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e465acc90809efb45ccda250a1057618494b86eb
Validity
Not Before: Jan 2 00:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b912038f1392d80337f7246d0554a36ac3337116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a4:a0:f0:ca:cc:32:f9:aa:4d:ac:e9:3f:0f:
32:0b:69:2b:6f:f5:a9:6b:32:b2:93:dc:bc:c4:f7:
dd:27:de:1a:88:ed:c6:97:15:66:e1:03:77:2a:45:
1a:5a:f7:f1:c1:68:e5:c9:17:99:9b:70:f2:dc:f7:
9e:e0:96:f6:a5:d3:35:00:02:8c:66:9f:9c:41:76:
48:46:70:36:1c:e6:62:43:b3:ca:73:fc:e0:80:30:
f4:c6:df:b7:c3:63:9f:7d:df:76:5a:52:7e:90:18:
b7:85:fd:5f:85:07:41:b3:8d:fa:df:78:a8:be:89:
5a:53:38:12:13:9d:41:0c:1a:ef:53:86:cf:ab:d3:
d6:e9:1a:25:01:bd:8d:00:ea:64:30:7b:fe:a3:63:
9f:f8:53:f3:4c:07:34:e4:9a:c6:22:71:f6:a7:8f:
03:cd:ba:24:bb:07:87:47:67:32:e7:0e:be:26:cc:
cf:9c:77:87:a3:be:03:d6:c2:2d:e5:a7:64:e4:cc:
d5:0f:0e:fb:d7:81:d9:0c:e8:d5:59:c6:55:99:9f:
8e:fc:bc:ef:d1:87:26:2b:55:3b:5a:af:91:1f:74:
02:45:90:d6:85:fc:8d:37:76:6d:85:24:68:73:29:
b8:52:24:18:db:94:c5:90:2d:10:58:e4:13:b5:56:
50:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:12:03:8F:13:92:D8:03:37:F7:24:6D:05:54:A3:6A:C3:33:71:16
X509v3 Authority Key Identifier:
keyid:E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/uRIDjxOS2AM39yRtBVSjasMzcRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.60.0/22
192.16.185.0-192.16.186.255
192.16.192.0/24
192.16.194.0/23
192.16.199.0/24
IPv6:
2a07:8500::/29
Signature Algorithm: sha256WithRSAEncryption
c1:f0:da:08:9f:37:bb:b3:c0:71:7a:39:d5:63:09:a4:29:b6:
99:a7:2e:c3:a8:73:fa:22:19:41:56:2c:29:cd:69:c5:57:d0:
bc:55:5d:05:83:d4:81:ab:f8:fc:55:18:9c:b1:df:91:9f:84:
0b:c0:ce:0b:f0:1d:94:b5:76:b6:19:71:0e:08:a0:5a:65:5f:
41:b4:10:70:f1:02:84:02:e8:b1:cb:59:44:c9:46:34:13:bf:
88:07:88:3c:a6:12:1a:e6:f2:df:34:c3:70:99:28:b1:ba:9c:
90:95:aa:6f:6b:a6:b1:34:18:b8:6a:2a:a6:e1:33:ec:38:4c:
2f:cc:f2:05:49:69:99:43:27:08:83:5b:92:53:7d:70:dd:9e:
d2:67:58:ee:e9:70:62:00:05:a2:98:97:c1:73:56:53:81:f2:
cf:2d:1a:56:6d:fc:66:5d:08:30:fd:93:0c:3e:b4:cb:e5:65:
3b:46:98:0b:46:cf:06:5f:c7:6b:a1:fc:51:85:ea:ec:1b:b8:
95:02:8a:d4:34:8d:24:50:01:10:f7:38:5c:b4:d6:7c:d6:c1:
10:4c:03:be:2f:48:61:a7:ea:49:65:ee:01:bf:4c:01:c1:c1:
aa:c0:9c:e6:17:0d:03:22:b4:f1:1d:b5:f8:f1:5c:a3:51:09:
18:44:43:59
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVv8BmXQ+8yg6PbEnsT06o/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NjVhY2M5MDgwOWVmYjQ1Y2NkYTI1MGExMDU3NjE4NDk0
Yjg2ZWIwHhcNMjMwMTAyMDA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTEyMDM4ZjEzOTJkODAzMzdmNzI0NmQwNTU0YTM2YWMzMzM3MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaSg8MrMMvmqTazpPw8yC2krb/Wp
azKyk9y8xPfdJ94aiO3GlxVm4QN3KkUaWvfxwWjlyReZm3Dy3Pee4Jb2pdM1AAKM
Zp+cQXZIRnA2HOZiQ7PKc/zggDD0xt+3w2Offd92WlJ+kBi3hf1fhQdBs43633io
volaUzgSE51BDBrvU4bPq9PW6RolAb2NAOpkMHv+o2Of+FPzTAc05JrGInH2p48D
zbokuweHR2cy5w6+JszPnHeHo74D1sIt5adk5MzVDw7714HZDOjVWcZVmZ+O/Lzv
0YcmK1U7Wq+RH3QCRZDWhfyNN3ZthSRocym4UiQY25TFkC0QWOQTtVZQjwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFLkSA48TktgDN/ckbQVUo2rDM3EWMB8GA1UdIwQY
MBaAFORlrMkICe+0XM2iUKEFdhhJS4brMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYt
YzBiM2IwZjU0YmViLzEvdVJJRGp4T1MyQU0zOXlSdEJWU2phc016Y1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi85ZWY2MGEtNzNlZS00MGUxLTkwMDYtYzBiM2IwZjU0YmVi
LzEvNUdXc3lRZ0o3N1JjemFKUW9RVjJHRWxMaHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCuZk8MAwD
BADAELkDBADAELoDBADAEMADBAHAEMIDBADAEMcwDQQCAAIwBwMFAyoHhQAwDQYJ
KoZIhvcNAQELBQADggEBAMHw2gifN7uzwHF6OdVjCaQptpmnLsOoc/oiGUFWLCnN
acVX0LxVXQWD1IGr+PxVGJyx35GfhAvAzgvwHZS1drYZcQ4IoFplX0G0EHDxAoQC
6LHLWUTJRjQTv4gHiDymEhrm8t80w3CZKLG6nJCVqm9rprE0GLhqKqbhM+w4TC/M
8gVJaZlDJwiDW5JTfXDdntJnWO7pcGIABaKYl8FzVlOB8s8tGlZt/GZdCDD9kww+
tMvlZTtGmAtGzwZfx2uh/FGF6uwbuJUCitQ0jSRQARD3OFy01nzWwRBMA74vSGGn
6kll7gG/TAHBwarAnOYXDQMitPEdtfjxXKNRCRhEQ1k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:59 2024 by rpki-client on console-fra.rpki-client.org