Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/AUBh5mksinBszoGx3ly-ERuWXvg.roa
File: AUBh5mksinBszoGx3ly-ERuWXvg.roa (raw, json)
Hash identifier: AozviCpPyLfc8bQX+WibO9XpbDLySE4UHyKokHwNxd0=
Subject key identifier: 01:40:61:E6:69:2C:8A:70:6C:CE:81:B1:DE:5C:BE:11:1B:96:5E:F8
Certificate issuer: /CN=0c202663de852c7060fdea0298b490d5edcc0f24
Certificate serial: 018D5994C97A4142741A92D9734D18EEEAEB
Authority key identifier: 0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/AUBh5mksinBszoGx3ly-ERuWXvg.roa
Signing time: Tue 30 Jan 2024 08:55:39 +0000
ROA not before: Tue 30 Jan 2024 08:55:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197036
IP address blocks: 178.23.152.0/21 maxlen: 21
185.19.240.0/22 maxlen: 22
185.228.20.0/22 maxlen: 22
195.28.192.0/19 maxlen: 19
213.173.48.0/22 maxlen: 22
213.173.51.0/24 maxlen: 24
2a02:21e8::/32 maxlen: 32
2a02:21e8:71::/48 maxlen: 48
2a09:2600::/29 maxlen: 29
2a0c:e600::/29 maxlen: 29
2a0c:e9c0::/29 maxlen: 29
2a0d:d040::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 31 May 2024 12:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:94:c9:7a:41:42:74:1a:92:d9:73:4d:18:ee:ea:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c202663de852c7060fdea0298b490d5edcc0f24
Validity
Not Before: Jan 30 08:55:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=014061e6692c8a706cce81b1de5cbe111b965ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6f:6c:d6:a7:23:34:46:f6:28:58:96:ea:51:
8d:e5:48:ca:64:a0:19:14:75:8b:33:be:40:4d:cf:
f2:06:73:5a:06:5a:fe:36:f5:d3:22:2c:9c:8f:ca:
80:58:e5:cd:e6:7a:4a:00:6e:20:15:33:76:3e:fe:
b4:c2:c0:81:fc:af:63:4f:88:7e:2e:cf:86:fe:3f:
5c:fa:7e:5a:c7:72:af:19:27:68:02:17:54:9e:a8:
94:3c:d4:8d:f6:2d:3e:86:cb:c1:7f:d2:e0:f3:d2:
ab:df:e6:a5:a6:08:ff:39:98:48:33:3b:c3:cf:8e:
0d:2c:b4:dd:ed:cc:fd:e9:a4:c3:65:91:ce:f8:9c:
ba:6d:36:e6:1c:26:4a:ea:3a:b0:fc:50:b2:93:2f:
f1:15:37:71:e9:5c:98:c9:c0:87:d4:b4:24:a7:c9:
5c:a0:46:a0:0b:25:f4:af:07:db:8f:3a:ff:38:5d:
b6:1d:45:17:44:32:83:28:87:f0:21:7e:80:40:15:
e5:ee:d5:a2:09:90:58:3e:d8:98:3f:b8:5f:e6:2e:
91:38:0b:32:13:5d:0b:20:07:00:52:6e:d2:5f:94:
bf:90:fc:d4:b6:51:2a:6f:62:87:c2:0a:b8:6d:94:
94:65:36:f9:c4:e8:b3:a7:2c:8a:42:33:50:8f:69:
bc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:40:61:E6:69:2C:8A:70:6C:CE:81:B1:DE:5C:BE:11:1B:96:5E:F8
X509v3 Authority Key Identifier:
keyid:0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/AUBh5mksinBszoGx3ly-ERuWXvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.152.0/21
185.19.240.0/22
185.228.20.0/22
195.28.192.0/19
213.173.48.0/22
IPv6:
2a02:21e8::/32
2a09:2600::/29
2a0c:e600::/29
2a0c:e9c0::/29
2a0d:d040::/29
Signature Algorithm: sha256WithRSAEncryption
7b:b5:49:3b:09:57:f9:f6:eb:f5:a9:c6:5c:4a:7c:10:4d:82:
92:dd:79:18:d2:f3:19:38:7b:a4:40:a3:bc:70:35:ac:c9:54:
49:ff:d8:16:34:13:8a:68:d5:47:80:b1:a8:81:dd:29:67:63:
f2:ce:1f:4b:62:7c:d7:50:93:b4:25:31:f0:d5:4b:0f:5b:11:
a6:28:c6:29:2f:43:56:d6:a2:33:f7:6b:c6:09:c0:a0:b1:23:
f2:32:8b:44:e2:3b:70:7b:e0:0b:28:bf:4e:22:da:a8:f8:c1:
81:ca:6c:95:2c:2f:09:bd:22:53:a7:81:d8:76:95:ec:6b:19:
de:a6:3d:07:56:8b:fe:54:23:ea:f7:1f:cc:f9:7f:a1:0e:bc:
5b:75:2d:b5:7a:0c:7d:00:05:06:d8:59:c4:15:c7:4d:3c:c8:
d7:3e:28:9b:e5:86:89:e3:c1:44:4a:d4:90:31:55:90:5a:23:
4d:de:86:12:b1:cc:27:31:60:f5:92:e9:58:27:7f:1c:dc:e5:
10:ee:c5:94:ae:a8:1d:02:0b:fd:62:91:bc:ba:28:76:4d:58:
34:5d:b9:34:62:0b:6c:7e:d0:3e:a1:88:64:9b:98:f2:35:a6:
59:5b:70:44:82:d6:cf:5f:5b:69:75:08:53:e2:04:75:e5:e3:
81:35:68:3d
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAY1ZlMl6QUJ0GpLZc00Y7urrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjAyNjYzZGU4NTJjNzA2MGZkZWEwMjk4YjQ5MGQ1ZWRj
YzBmMjQwHhcNMjQwMTMwMDg1NTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQwNjFlNjY5MmM4YTcwNmNjZTgxYjFkZTVjYmUxMTFiOTY1ZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhW9s1qcjNEb2KFiW6lGN5UjKZKAZ
FHWLM75ATc/yBnNaBlr+NvXTIiycj8qAWOXN5npKAG4gFTN2Pv60wsCB/K9jT4h+
Ls+G/j9c+n5ax3KvGSdoAhdUnqiUPNSN9i0+hsvBf9Lg89Kr3+alpgj/OZhIMzvD
z44NLLTd7cz96aTDZZHO+Jy6bTbmHCZK6jqw/FCyky/xFTdx6VyYycCH1LQkp8lc
oEagCyX0rwfbjzr/OF22HUUXRDKDKIfwIX6AQBXl7tWiCZBYPtiYP7hf5i6ROAsy
E10LIAcAUm7SX5S/kPzUtlEqb2KHwgq4bZSUZTb5xOizpyyKQjNQj2m8YQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFAFAYeZpLIpwbM6Bsd5cvhEbll74MB8GA1UdIwQY
MBaAFAwgJmPehSxwYP3qApi0kNXtzA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODkt
YTE3ODA0NDM5ODk1LzEvQVVCaDVta3NpbkJzem9HeDNseS1FUnVXWHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODktYTE3ODA0NDM5ODk1
LzEvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQDsheYAwQC
uRPwAwQCueQUAwQFwxzAAwQC1a0wMCkEAgACMCMDBQAqAiHoAwUDKgkmAAMFAyoM
5gADBQMqDOnAAwUDKg3QQDANBgkqhkiG9w0BAQsFAAOCAQEAe7VJOwlX+fbr9anG
XEp8EE2Ckt15GNLzGTh7pECjvHA1rMlUSf/YFjQTimjVR4CxqIHdKWdj8s4fS2J8
11CTtCUx8NVLD1sRpijGKS9DVtaiM/drxgnAoLEj8jKLROI7cHvgCyi/TiLaqPjB
gcpslSwvCb0iU6eB2HaV7GsZ3qY9B1aL/lQj6vcfzPl/oQ68W3UttXoMfQAFBthZ
xBXHTTzI1z4om+WGiePBRErUkDFVkFojTd6GErHMJzFg9ZLpWCd/HNzlEO7FlK6o
HQIL/WKRvLoodk1YNF25NGILbH7QPqGIZJuY8jWmWVtwRILWz19baXUIU+IEdeXj
gTVoPQ==
-----END CERTIFICATE-----
Generated at Fri May 31 18:26:16 2024 by rpki-client on console.sobornost.net