Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/ipW_uImnhfALpk7KvIDhFVL6qWA.roa
File: ipW_uImnhfALpk7KvIDhFVL6qWA.roa (raw, json)
Hash identifier: ykEMgJf1Cl4ty8GjbqaincLNzQ7km5Mt4ymUJaAitJw=
Subject key identifier: 8A:95:BF:B8:89:A7:85:F0:0B:A6:4E:CA:BC:80:E1:15:52:FA:A9:60
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 01856C9CD5B0AA1F475CC9E9149BA3DE4E9A
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/ipW_uImnhfALpk7KvIDhFVL6qWA.roa
Signing time: Sun 01 Jan 2023 09:14:55 +0000
ROA not before: Sun 01 Jan 2023 09:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200044
IP address blocks: 185.159.64.0/24 maxlen: 24
185.159.64.0/22 maxlen: 24
109.238.246.0/24 maxlen: 24
109.238.240.0/20 maxlen: 24
89.249.16.0/20 maxlen: 24
89.249.31.0/24 maxlen: 24
93.158.192.0/22 maxlen: 22
93.158.192.0/21 maxlen: 21
93.158.192.0/23 maxlen: 23
93.158.192.0/24 maxlen: 24
93.158.198.0/23 maxlen: 23
93.158.198.0/24 maxlen: 24
93.158.196.0/24 maxlen: 24
93.158.197.0/24 maxlen: 24
93.158.194.0/24 maxlen: 24
93.158.194.0/23 maxlen: 23
93.158.195.0/24 maxlen: 24
93.158.199.0/24 maxlen: 24
93.158.193.0/24 maxlen: 24
2a0d:380::/29 maxlen: 29
2a00:eb8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:d5:b0:aa:1f:47:5c:c9:e9:14:9b:a3:de:4e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Jan 1 09:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a95bfb889a785f00ba64ecabc80e11552faa960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0a:68:26:d6:5a:72:7e:e5:93:df:1d:88:18:
46:0f:59:ce:00:be:d6:3f:40:ee:89:25:6f:77:9f:
a8:54:ca:fc:ae:fe:64:b6:89:ef:c7:e6:3d:72:b1:
3e:7b:f2:42:5d:ab:1b:a8:60:86:a9:15:65:9b:e2:
1d:58:06:a6:da:d7:fd:08:1b:c8:7c:be:c0:46:a5:
f9:85:9c:8f:20:67:b6:46:f6:e3:12:7d:14:96:b9:
2f:c1:0a:06:cf:3e:73:46:28:54:9a:e7:d4:a7:da:
5d:95:ab:5f:67:0a:49:5b:89:40:76:da:f1:a6:ec:
5c:7f:81:52:6e:ec:17:a4:2a:56:93:f8:72:2f:c0:
e2:dd:99:01:77:57:43:c3:aa:8e:a6:a4:d3:f1:20:
53:78:5f:44:2f:89:f2:88:2d:34:bb:9e:f4:4a:03:
1b:0f:4c:e5:3c:ae:3e:50:c6:3f:52:9f:f2:2f:cc:
83:6f:ca:5d:fa:c4:5c:15:d4:31:20:49:f3:29:32:
27:fe:8a:9c:25:d0:80:2b:60:07:6b:cd:2b:a7:23:
82:11:0e:09:5d:84:d0:88:70:a1:d6:f8:0a:b1:2b:
e2:0f:88:4c:94:1b:8f:7c:7c:33:14:e9:2d:b9:92:
5a:f9:f1:5d:a1:a4:26:2e:51:a6:23:7b:60:c0:da:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:95:BF:B8:89:A7:85:F0:0B:A6:4E:CA:BC:80:E1:15:52:FA:A9:60
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/ipW_uImnhfALpk7KvIDhFVL6qWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.16.0/20
93.158.192.0/21
109.238.240.0/20
185.159.64.0/22
IPv6:
2a00:eb8::/32
2a0d:380::/29
Signature Algorithm: sha256WithRSAEncryption
0f:40:73:ac:f1:30:5d:d5:d6:eb:80:53:e3:37:5e:71:cc:b0:
e9:2c:a0:ae:73:f9:65:a3:03:96:1d:06:fb:71:c5:4c:82:49:
ac:7c:8f:c6:2f:5b:9d:c8:a3:c1:aa:7b:ff:70:a6:79:d4:e9:
36:90:27:cb:9c:ab:82:77:2f:33:38:de:82:58:df:96:c2:53:
ae:6a:07:83:49:33:09:a4:fc:a6:0d:5d:90:27:3c:c9:41:41:
48:4b:1c:0e:37:0e:10:24:c0:a2:a2:ea:0b:6c:ad:79:8d:64:
0c:bb:26:a9:73:12:87:d1:8f:93:eb:ce:17:4a:01:63:ec:b7:
f6:6a:78:0c:c9:77:fd:ff:73:2f:91:5f:8f:9e:59:6c:4d:10:
b7:a5:07:fb:07:e9:07:b6:34:e3:67:f0:89:1d:39:f8:ee:44:
af:40:91:e6:69:bf:05:f0:c5:e1:95:69:6c:83:52:76:24:df:
36:1f:b4:2b:77:3c:d7:55:e2:3d:c2:1c:7a:7f:9c:3f:93:d6:
29:ea:53:24:a6:0a:f7:7c:72:91:d8:a6:2a:ef:ca:14:6f:53:
b5:81:5e:6f:30:e2:70:e6:9f:42:19:d4:1c:1d:1c:17:4e:53:
a1:3c:28:f7:d7:5b:56:c6:cf:5b:ce:63:b7:6e:fd:5b:16:c0:
2d:dd:28:80
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVsnNWwqh9HXMnpFJuj3k6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjMwMTAxMDkxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk1YmZiODg5YTc4NWYwMGJhNjRlY2FiYzgwZTExNTUyZmFhOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQpoJtZacn7lk98diBhGD1nOAL7W
P0DuiSVvd5+oVMr8rv5ktonvx+Y9crE+e/JCXasbqGCGqRVlm+IdWAam2tf9CBvI
fL7ARqX5hZyPIGe2RvbjEn0UlrkvwQoGzz5zRihUmufUp9pdlatfZwpJW4lAdtrx
puxcf4FSbuwXpCpWk/hyL8Di3ZkBd1dDw6qOpqTT8SBTeF9EL4nyiC00u570SgMb
D0zlPK4+UMY/Up/yL8yDb8pd+sRcFdQxIEnzKTIn/oqcJdCAK2AHa80rpyOCEQ4J
XYTQiHCh1vgKsSviD4hMlBuPfHwzFOktuZJa+fFdoaQmLlGmI3tgwNp5hwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIqVv7iJp4XwC6ZOyryA4RVS+qlgMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvaXBXX3VJbW5oZkFMcGs3S3ZJRGhGVkw2cVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQEWfkQAwQD
XZ7AAwQEbe7wAwQCuZ9AMBQEAgACMA4DBQAqAA64AwUDKg0DgDANBgkqhkiG9w0B
AQsFAAOCAQEAD0BzrPEwXdXW64BT4zdeccyw6SygrnP5ZaMDlh0G+3HFTIJJrHyP
xi9bncijwap7/3CmedTpNpAny5yrgncvMzjegljflsJTrmoHg0kzCaT8pg1dkCc8
yUFBSEscDjcOECTAoqLqC2yteY1kDLsmqXMSh9GPk+vOF0oBY+y39mp4DMl3/f9z
L5Ffj55ZbE0Qt6UH+wfpB7Y042fwiR05+O5Er0CR5mm/BfDF4ZVpbINSdiTfNh+0
K3c811XiPcIcen+cP5PWKepTJKYK93xykdimKu/KFG9TtYFebzDicOafQhnUHB0c
F05ToTwo99dbVsbPW85jt279WxbALd0ogA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:18 2024 by rpki-client on console-fra.rpki-client.org