Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/Ls8WwZP-7IA1WSH2UG7Mc5uNlR8.roa
File: Ls8WwZP-7IA1WSH2UG7Mc5uNlR8.roa (raw, json)
Hash identifier: 5TOWOYADteVAbgczXfIM/HAcAJkfxwsFE4VNH+TtZx8=
Subject key identifier: 2E:CF:16:C1:93:FE:EC:80:35:59:21:F6:50:6E:CC:73:9B:8D:95:1F
Certificate issuer: /CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Certificate serial: 0185718C1BD9B356CC99CB0C4A1E8BA389F1
Authority key identifier: 6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/Ls8WwZP-7IA1WSH2UG7Mc5uNlR8.roa
Signing time: Mon 02 Jan 2023 08:14:45 +0000
ROA not before: Mon 02 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62434
IP address blocks: 194.49.177.0/24 maxlen: 24
194.49.178.0/24 maxlen: 24
194.49.205.0/24 maxlen: 24
194.49.207.0/24 maxlen: 24
194.49.218.0/24 maxlen: 24
194.49.221.0/24 maxlen: 24
194.49.220.0/24 maxlen: 24
194.49.134.0/24 maxlen: 24
193.28.131.0/24 maxlen: 24
193.28.132.0/24 maxlen: 24
193.28.130.0/24 maxlen: 24
194.49.171.0/24 maxlen: 24
2001:67c:194c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:1b:d9:b3:56:cc:99:cb:0c:4a:1e:8b:a3:89:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a0c867c979871c7adb09f7c6219ba5b0645931c
Validity
Not Before: Jan 2 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ecf16c193feec80355921f6506ecc739b8d951f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:ce:40:ef:86:d3:9c:d5:6e:b6:6c:3c:f8:
76:85:15:3c:ac:0b:12:3b:37:d4:a3:90:f6:e4:41:
d4:47:b8:ff:51:5a:c4:14:0d:f6:dd:9d:f3:cc:db:
ee:4c:a7:96:b6:a1:ce:28:7e:8e:59:6e:76:ef:23:
9b:6f:a0:2b:bf:b1:be:e7:4c:a9:45:24:fd:a9:f7:
ef:92:e8:aa:b5:76:5d:7f:cd:d6:92:5f:ab:3c:c5:
74:27:33:4e:35:13:ac:89:9f:59:b2:9f:c5:94:8f:
27:92:30:c2:30:ff:a3:32:ae:2c:7f:58:35:e1:f2:
bc:ae:b5:e3:ef:87:9d:78:d2:36:7c:bf:16:3b:76:
41:e0:08:95:13:5c:c2:69:22:28:e6:c2:17:c5:74:
78:73:68:3d:5f:02:47:b2:68:3f:26:46:d5:93:4a:
bb:26:a7:ff:f1:f0:59:67:c0:7d:4f:16:5b:21:2b:
80:ae:a4:bd:b8:84:27:b1:2d:6f:ae:85:95:82:b1:
be:66:39:33:d4:db:aa:26:6a:d5:8b:ea:8f:20:16:
38:2e:da:ca:e8:f2:04:22:ea:f8:a1:e8:05:fe:6d:
56:76:0f:a6:1f:f0:89:0f:86:0b:e9:4b:80:2b:bb:
d1:5a:24:b1:fe:71:52:f8:df:01:00:c1:2f:ca:4a:
03:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CF:16:C1:93:FE:EC:80:35:59:21:F6:50:6E:CC:73:9B:8D:95:1F
X509v3 Authority Key Identifier:
keyid:6A:0C:86:7C:97:98:71:C7:AD:B0:9F:7C:62:19:BA:5B:06:45:93:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/agyGfJeYccetsJ98Yhm6WwZFkxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/Ls8WwZP-7IA1WSH2UG7Mc5uNlR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1e01d2-1a1d-4dc1-a8d5-e45863eac2b4/1/agyGfJeYccetsJ98Yhm6WwZFkxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.130.0-193.28.132.255
194.49.134.0/24
194.49.171.0/24
194.49.177.0-194.49.178.255
194.49.205.0/24
194.49.207.0/24
194.49.218.0/24
194.49.220.0/23
IPv6:
2001:67c:194c::/48
Signature Algorithm: sha256WithRSAEncryption
4c:26:76:00:69:83:81:ae:ee:ab:93:27:df:e8:71:af:ce:94:
81:86:2c:23:a3:0d:28:16:ec:13:47:3d:0b:3b:84:17:91:52:
e3:a4:d5:3e:79:ac:98:14:00:ed:41:74:c9:82:41:b4:a7:48:
56:aa:03:18:2e:64:be:99:cb:e9:e9:60:47:74:2b:03:98:38:
38:98:ea:14:f3:d2:fd:2b:9a:25:9a:be:56:75:b8:b0:12:16:
00:48:48:da:7b:94:75:ed:4f:f7:cb:c0:bc:d0:42:2a:9b:1d:
8c:79:88:1f:88:16:60:44:bf:b3:47:ff:54:4c:1c:75:93:ea:
ed:0c:78:3c:da:c7:04:9f:ef:11:a9:c5:66:af:a6:59:97:2d:
a0:6e:03:c4:70:d8:ea:4f:63:0d:c9:ee:0d:a7:45:44:79:60:
82:24:29:5b:4f:36:d8:9d:1e:6e:16:53:dd:8d:91:1f:db:5d:
4d:b4:18:61:3f:f2:a9:e4:00:0f:c9:e1:22:d1:82:c3:9d:c7:
47:8a:f9:bb:a8:02:9b:bb:18:ff:36:30:79:4a:d0:8c:dd:80:
89:b8:07:40:f4:d6:b6:29:1a:60:2a:02:fc:d9:59:48:f1:2c:
7f:20:dc:e3:29:86:ff:a0:44:58:08:8c:1d:f9:8f:c3:14:2d:
9b:49:32:c7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVxjBvZs1bMmcsMSh6Lo4nxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMGM4NjdjOTc5ODcxYzdhZGIwOWY3YzYyMTliYTViMDY0
NTkzMWMwHhcNMjMwMTAyMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNmMTZjMTkzZmVlYzgwMzU1OTIxZjY1MDZlY2M3MzliOGQ5NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFHOQO+G05zVbrZsPPh2hRU8rAsS
OzfUo5D25EHUR7j/UVrEFA323Z3zzNvuTKeWtqHOKH6OWW527yObb6Arv7G+50yp
RST9qffvkuiqtXZdf83Wkl+rPMV0JzNONROsiZ9Zsp/FlI8nkjDCMP+jMq4sf1g1
4fK8rrXj74edeNI2fL8WO3ZB4AiVE1zCaSIo5sIXxXR4c2g9XwJHsmg/JkbVk0q7
Jqf/8fBZZ8B9TxZbISuArqS9uIQnsS1vroWVgrG+Zjkz1NuqJmrVi+qPIBY4LtrK
6PIEIur4oegF/m1Wdg+mH/CJD4YL6UuAK7vRWiSx/nFS+N8BAMEvykoD3wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFC7PFsGT/uyANVkh9lBuzHObjZUfMB8GA1UdIwQY
MBaAFGoMhnyXmHHHrbCffGIZulsGRZMcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUt
ZTQ1ODYzZWFjMmI0LzEvTHM4V3daUC03SUExV1NIMlVHN01jNXVObFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8xZTAxZDItMWExZC00ZGMxLWE4ZDUtZTQ1ODYzZWFjMmI0
LzEvYWd5R2ZKZVljY2V0c0o5OFlobTZXd1pGa3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBGBAIAATBAMAwDBAHBHIID
BADBHIQDBADCMYYDBADCMaswDAMEAMIxsQMEAMIxsgMEAMIxzQMEAMIxzwMEAMIx
2gMEAcIx3DAPBAIAAjAJAwcAIAEGfBlMMA0GCSqGSIb3DQEBCwUAA4IBAQBMJnYA
aYOBru6rkyff6HGvzpSBhiwjow0oFuwTRz0LO4QXkVLjpNU+eayYFADtQXTJgkG0
p0hWqgMYLmS+mcvp6WBHdCsDmDg4mOoU89L9K5olmr5WdbiwEhYASEjae5R17U/3
y8C80EIqmx2MeYgfiBZgRL+zR/9UTBx1k+rtDHg82scEn+8RqcVmr6ZZly2gbgPE
cNjqT2MNye4Np0VEeWCCJClbTzbYnR5uFlPdjZEf211NtBhhP/Kp5AAPyeEi0YLD
ncdHivm7qAKbuxj/NjB5StCM3YCJuAdA9Na2KRpgKgL82VlI8Sx/INzjKYb/oERY
CIwd+Y/DFC2bSTLH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org