Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/H1WWfqI_bYf2kwmDxLbApZo_KDo.roa
File: H1WWfqI_bYf2kwmDxLbApZo_KDo.roa (raw, json)
Hash identifier: d8q/AgruEbVBG3Vdoh5o+djMnVioiyxt0Lym0FeZayg=
Subject key identifier: 1F:55:96:7E:A2:3F:6D:87:F6:93:09:83:C4:B6:C0:A5:9A:3F:28:3A
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 01874730368CBF366A2D6A64F1CD416AA8DB
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/H1WWfqI_bYf2kwmDxLbApZo_KDo.roa
Signing time: Mon 03 Apr 2023 12:55:54 +0000
ROA not before: Mon 03 Apr 2023 12:55:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198102
IP address blocks: 195.28.8.0/23 maxlen: 23
213.225.240.0/20 maxlen: 20
89.35.168.0/22 maxlen: 22
195.225.40.0/23 maxlen: 23
89.45.212.0/22 maxlen: 22
195.238.80.0/23 maxlen: 23
128.65.204.0/23 maxlen: 24
128.65.200.0/23 maxlen: 24
86.105.236.0/22 maxlen: 22
185.85.192.0/23 maxlen: 23
185.85.194.0/24 maxlen: 24
78.111.224.0/20 maxlen: 24
195.210.40.0/23 maxlen: 23
134.255.168.0/22 maxlen: 22
91.231.62.0/24 maxlen: 24
2a00:4060::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 27 Jul 2023 09:38:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:30:36:8c:bf:36:6a:2d:6a:64:f1:cd:41:6a:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Apr 3 12:55:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f55967ea23f6d87f6930983c4b6c0a59a3f283a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:45:3d:a3:93:02:1a:4b:b1:fb:2d:02:ee:7f:
27:0f:35:e7:5b:f2:af:7d:17:f1:95:79:e9:cf:45:
61:92:7c:6e:c9:fd:da:86:7c:af:5a:d2:75:7b:3f:
d8:43:7f:e5:e3:82:37:c4:01:d8:e3:24:82:4e:5b:
50:de:f6:c3:f3:15:6c:7d:1c:18:ee:b8:78:a0:32:
30:3d:8d:de:35:55:99:5d:ec:f3:48:7e:3f:28:76:
16:a3:5b:c4:1f:f0:75:34:56:fb:99:bf:4f:84:c0:
11:52:37:ed:f8:38:4f:32:eb:99:97:3f:1e:82:a5:
6b:6e:61:65:08:f7:1a:ff:12:70:36:2d:0f:14:e9:
04:25:ed:0c:6d:f0:f4:af:24:50:27:8d:d7:7b:25:
b7:8c:1d:13:45:62:4e:c0:27:ab:5e:43:57:a9:db:
91:ce:45:48:ba:0d:58:ad:4e:78:51:52:ff:94:8c:
9d:51:11:14:48:27:68:8c:0f:54:74:81:a3:55:6b:
71:69:3c:c4:e3:f2:21:f7:44:bb:6d:8c:10:fd:38:
77:62:de:41:2d:74:c9:47:2d:69:b6:af:a0:b1:8c:
9f:c6:93:02:49:a1:5a:65:48:a3:e7:fb:81:3c:89:
34:5c:9f:c3:cf:ac:94:2e:09:ea:cd:3e:73:9d:1d:
2d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:55:96:7E:A2:3F:6D:87:F6:93:09:83:C4:B6:C0:A5:9A:3F:28:3A
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/H1WWfqI_bYf2kwmDxLbApZo_KDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/23
128.65.204.0/23
134.255.168.0/22
185.85.192.0-185.85.194.255
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
IPv6:
2a00:4060::/29
Signature Algorithm: sha256WithRSAEncryption
1a:02:7d:74:aa:c4:6a:0c:69:24:01:22:5f:f6:0b:24:66:c7:
9f:7c:09:b0:ce:79:39:a2:8b:f7:b6:44:f7:cb:fd:b2:2a:a5:
ab:07:03:0e:b6:4d:be:98:0c:9a:43:2d:e1:9a:40:51:2e:73:
b9:d1:c2:55:45:8a:4f:17:84:59:ec:77:89:2c:69:36:e8:e5:
52:9f:57:0e:25:21:57:31:f0:50:a1:68:c2:56:56:f2:98:58:
5a:c6:0f:66:4e:76:0c:96:f4:99:24:2e:e1:7c:0e:21:3a:1d:
9b:75:2c:36:24:c1:56:6e:6c:70:37:ef:55:30:eb:d5:52:8b:
7b:4c:e3:0c:77:5c:1e:1d:00:48:6f:e1:d4:a6:6a:3c:2f:84:
cc:92:e7:98:2d:4d:cb:49:76:22:8a:2b:36:84:42:ab:95:df:
cb:1a:86:d5:43:34:de:1c:c1:39:8a:df:bd:6c:a9:cc:0d:16:
f0:d9:3b:c1:0a:13:51:f7:c3:e0:04:87:53:8e:3e:7f:ad:33:
e9:d6:6a:06:5e:21:0c:93:84:5e:1b:43:99:48:81:a1:cc:08:
76:48:93:aa:06:67:36:b1:9d:1a:79:db:b8:0c:04:3f:8c:8b:
f9:f0:10:0d:9a:3b:42:a3:aa:fe:4b:cf:e1:ff:c4:73:f2:22:
6c:fb:0e:47
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYdHMDaMvzZqLWpk8c1BaqjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjMwNDAzMTI1NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU1OTY3ZWEyM2Y2ZDg3ZjY5MzA5ODNjNGI2YzBhNTlhM2YyODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEU9o5MCGkux+y0C7n8nDzXnW/Kv
fRfxlXnpz0Vhknxuyf3ahnyvWtJ1ez/YQ3/l44I3xAHY4ySCTltQ3vbD8xVsfRwY
7rh4oDIwPY3eNVWZXezzSH4/KHYWo1vEH/B1NFb7mb9PhMARUjft+DhPMuuZlz8e
gqVrbmFlCPca/xJwNi0PFOkEJe0MbfD0ryRQJ43XeyW3jB0TRWJOwCerXkNXqduR
zkVIug1YrU54UVL/lIydUREUSCdojA9UdIGjVWtxaTzE4/Ih90S7bYwQ/Th3Yt5B
LXTJRy1ptq+gsYyfxpMCSaFaZUij5/uBPIk0XJ/Dz6yULgnqzT5znR0tFwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFB9Vln6iP22H9pMJg8S2wKWaPyg6MB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvSDFXV2ZxSV9iWWYya3dtRHhMYkFwWm9fS0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEBE5v4AME
AlZp7AMEAlkjqAMEAlkt1AMEAFvnPgMEAYBByAMEAYBBzAMEAob/qDAMAwQGuVXA
AwQAuVXCAwQBwxwIAwQBw9IoAwQBw+EoAwQBw+5QAwQE1eHwMA0EAgACMAcDBQMq
AEBgMA0GCSqGSIb3DQEBCwUAA4IBAQAaAn10qsRqDGkkASJf9gskZseffAmwznk5
oov3tkT3y/2yKqWrBwMOtk2+mAyaQy3hmkBRLnO50cJVRYpPF4RZ7HeJLGk26OVS
n1cOJSFXMfBQoWjCVlbymFhaxg9mTnYMlvSZJC7hfA4hOh2bdSw2JMFWbmxwN+9V
MOvVUot7TOMMd1weHQBIb+HUpmo8L4TMkueYLU3LSXYiiis2hEKrld/LGobVQzTe
HME5it+9bKnMDRbw2TvBChNR98PgBIdTjj5/rTPp1moGXiEMk4ReG0OZSIGhzAh2
SJOqBmc2sZ0aedu4DAQ/jIv58BANmjtCo6r+S8/h/8Rz8iJs+w5H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org