Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fDfShKPl6sYbiACES9V3dRiwwvE.roa
File: fDfShKPl6sYbiACES9V3dRiwwvE.roa (raw, json)
Hash identifier: gWERoAjB5vT76Fv60W1aTxrsGQZKG+R+sE1v6Rkh2cI=
Subject key identifier: 7C:37:D2:84:A3:E5:EA:C6:1B:88:00:84:4B:D5:77:75:18:B0:C2:F1
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018C311E0AEC3E443F458EE6FA1C25C29D7B
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fDfShKPl6sYbiACES9V3dRiwwvE.roa
Signing time: Sun 03 Dec 2023 19:18:21 +0000
ROA not before: Sun 03 Dec 2023 19:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39521
IP address blocks: 85.8.160.0/22 maxlen: 22
37.221.76.0/22 maxlen: 22
5.133.100.0/22 maxlen: 22
31.40.204.0/22 maxlen: 22
92.249.60.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
194.169.92.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
176.53.156.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
212.87.196.0/22 maxlen: 22
194.93.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 16 Dec 2023 20:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:31:1e:0a:ec:3e:44:3f:45:8e:e6:fa:1c:25:c2:9d:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Dec 3 19:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c37d284a3e5eac61b8800844bd5777518b0c2f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a4:56:69:de:56:90:42:ca:af:4c:07:3a:e9:
3c:40:e3:c3:93:8b:88:1c:f9:99:0b:c1:0f:c2:71:
1b:21:5c:7e:14:ea:2d:d1:44:e8:e1:10:39:fe:3d:
58:c7:c0:16:25:e4:71:2a:97:0a:35:32:27:97:79:
c7:a9:b3:8b:c4:3b:7a:f5:ea:b9:0d:ce:ea:43:a3:
88:e8:90:92:37:3a:52:50:93:0b:7c:e6:bf:5a:70:
b7:bb:cc:ca:00:be:68:64:c9:1e:8d:df:3f:be:8b:
69:5a:6a:b6:e0:24:e1:b2:49:21:77:d4:b5:bb:ba:
65:79:35:0f:a5:57:e8:7d:51:e1:34:78:81:7f:b9:
58:2f:fa:9a:7c:3d:6b:de:4b:4d:9f:10:7e:b1:fa:
a8:ad:d6:65:a5:46:b3:ae:67:ba:90:81:52:13:4b:
47:2b:69:d4:5f:b0:f7:4b:f5:2f:6f:7f:39:67:94:
20:65:a3:39:a3:cb:a9:e4:89:c3:4d:2c:41:fa:b7:
f6:70:f3:df:94:99:f2:d5:20:70:4a:77:01:01:d7:
d2:74:53:66:e6:25:f3:d2:19:cf:9a:a5:55:e5:e7:
f4:24:c8:ea:ed:0f:78:a2:05:2f:cb:ee:04:93:4d:
22:3d:a5:6c:b0:02:94:8d:65:ab:55:69:bf:62:96:
90:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:37:D2:84:A3:E5:EA:C6:1B:88:00:84:4B:D5:77:75:18:B0:C2:F1
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fDfShKPl6sYbiACES9V3dRiwwvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.100.0/22
31.40.204.0/22
37.221.76.0/22
83.171.244.0/22
85.8.160.0/22
92.249.60.0/22
176.53.156.0/22
188.119.68.0/22
194.93.60.0/22
194.169.92.0/22
212.87.196.0/22
212.107.4.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:4c:d9:71:c9:db:b8:13:2d:38:0a:34:7a:f7:a7:1c:71:17:
1b:38:c3:cd:35:75:94:7f:46:0b:bb:7b:60:ae:a3:3e:2f:cf:
32:c0:57:36:90:79:6b:ac:02:7d:d1:2c:c6:25:36:8e:8b:60:
17:71:2a:7c:c0:65:d9:fa:c4:e2:f6:9f:75:97:bb:20:75:36:
2b:47:83:ab:6f:ad:2d:ae:25:59:e7:bc:ba:13:8b:6f:41:d3:
66:f0:46:d2:af:cb:fa:b3:69:4f:40:7c:14:77:0f:7f:eb:7c:
cd:4a:cd:69:31:2b:24:04:c6:1c:80:a0:28:31:eb:4d:d1:41:
e2:f2:76:30:e1:40:f8:24:f7:06:51:98:82:01:18:3a:83:e4:
48:51:4c:2f:bc:6e:73:4e:9a:d0:fd:84:ed:30:fd:e9:12:01:
6e:e5:7b:f3:f9:2a:f5:91:68:f2:4b:43:c8:aa:b0:17:bb:0f:
51:94:12:e7:55:ea:d1:19:06:6c:16:cd:f1:14:d3:71:aa:0e:
05:be:e2:59:8a:08:25:e5:18:16:f4:53:ba:45:a5:0f:bf:2b:
c3:ad:56:8b:76:60:53:0d:c4:65:bd:78:db:f4:be:71:c5:ff:
ca:5c:c9:2b:45:d0:52:58:5a:82:ba:54:6e:d0:0f:a5:47:30:
d9:70:cb:1b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYwxHgrsPkQ/RY7m+hwlwp17MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMxMjAzMTkxODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM3ZDI4NGEzZTVlYWM2MWI4ODAwODQ0YmQ1Nzc3NTE4YjBjMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6RWad5WkELKr0wHOuk8QOPDk4uI
HPmZC8EPwnEbIVx+FOot0UTo4RA5/j1Yx8AWJeRxKpcKNTInl3nHqbOLxDt69eq5
Dc7qQ6OI6JCSNzpSUJMLfOa/WnC3u8zKAL5oZMkejd8/votpWmq24CThskkhd9S1
u7pleTUPpVfofVHhNHiBf7lYL/qafD1r3ktNnxB+sfqordZlpUazrme6kIFSE0tH
K2nUX7D3S/Uvb385Z5QgZaM5o8up5InDTSxB+rf2cPPflJny1SBwSncBAdfSdFNm
5iXz0hnPmqVV5ef0JMjq7Q94ogUvy+4Ek00iPaVssAKUjWWrVWm/YpaQtQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHw30oSj5erGG4gAhEvVd3UYsMLxMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvZkRmU2hLUGw2c1liaUFDRVM5VjNkUml3d3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCBYVkAwQC
HyjMAwQCJd1MAwQCU6v0AwQCVQigAwQCXPk8AwQCsDWcAwQCvHdEAwQCwl08AwQC
wqlcAwQC1FfEAwQC1GsEMA0GCSqGSIb3DQEBCwUAA4IBAQCbTNlxydu4Ey04CjR6
96cccRcbOMPNNXWUf0YLu3tgrqM+L88ywFc2kHlrrAJ90SzGJTaOi2AXcSp8wGXZ
+sTi9p91l7sgdTYrR4Orb60triVZ57y6E4tvQdNm8EbSr8v6s2lPQHwUdw9/63zN
Ss1pMSskBMYcgKAoMetN0UHi8nYw4UD4JPcGUZiCARg6g+RIUUwvvG5zTprQ/YTt
MP3pEgFu5Xvz+Sr1kWjyS0PIqrAXuw9RlBLnVerRGQZsFs3xFNNxqg4FvuJZiggl
5RgW9FO6RaUPvyvDrVaLdmBTDcRlvXjb9L5xxf/KXMkrRdBSWFqCulRu0A+lRzDZ
cMsb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org