Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/IrgFHEm-Qw_lHAOE8JrPEd1kirQ.roa
File: IrgFHEm-Qw_lHAOE8JrPEd1kirQ.roa (raw, json)
Hash identifier: 4BZxXpmIsHZw57Ja0oYJfzDfamkdstCXyTgXK58sI90=
Subject key identifier: 22:B8:05:1C:49:BE:43:0F:E5:1C:03:84:F0:9A:CF:11:DD:64:8A:B4
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 018C5892D20CA64F0EB4B75B360E5987785B
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/IrgFHEm-Qw_lHAOE8JrPEd1kirQ.roa
Signing time: Mon 11 Dec 2023 11:11:06 +0000
ROA not before: Mon 11 Dec 2023 11:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199541
IP address blocks: 193.221.181.0/24 maxlen: 24
193.58.31.0/24 maxlen: 24
193.221.170.0/24 maxlen: 24
192.70.89.0/24 maxlen: 24
192.70.90.0/24 maxlen: 24
193.221.2.0/24 maxlen: 24
153.98.83.0/24 maxlen: 24
147.196.0.0/16 maxlen: 16
153.98.105.0/24 maxlen: 24
153.98.100.0/24 maxlen: 24
153.98.106.0/24 maxlen: 24
153.98.108.0/24 maxlen: 24
153.98.107.0/24 maxlen: 24
153.98.110.0/24 maxlen: 24
153.98.109.0/24 maxlen: 24
153.98.111.0/24 maxlen: 24
153.98.113.0/24 maxlen: 24
193.58.19.0/24 maxlen: 24
193.58.21.0/24 maxlen: 24
193.221.14.0/24 maxlen: 24
192.93.20.0/22 maxlen: 22
153.98.37.0/24 maxlen: 24
153.98.36.0/24 maxlen: 24
153.98.68.0/24 maxlen: 24
153.98.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:58:92:d2:0c:a6:4f:0e:b4:b7:5b:36:0e:59:87:78:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: Dec 11 11:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22b8051c49be430fe51c0384f09acf11dd648ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:ca:f0:dc:47:b5:f9:76:ec:fa:98:ec:9a:
8d:63:b5:24:0f:a5:81:31:1c:e0:8b:d7:c2:d8:0b:
f1:5d:30:00:5d:18:2d:97:66:50:c4:3e:a6:ee:63:
e5:c8:5f:a2:34:bb:3a:4f:b5:44:4e:28:11:98:82:
0a:57:8e:3a:01:b7:89:0c:1e:4e:77:dd:ff:4c:03:
c9:cd:9a:83:96:65:ff:37:f8:a2:1b:50:fd:44:8a:
12:1a:7f:b0:96:9e:4c:21:b3:43:a4:ac:74:80:ea:
64:84:5e:84:61:dd:94:bf:e6:14:c9:eb:36:b0:c7:
92:d6:61:78:17:3b:c6:1e:8f:55:de:fb:5f:b0:5d:
4d:33:54:7a:dd:4d:b3:9d:ea:59:6b:b5:e3:7a:e6:
54:b7:2c:12:46:3a:a2:a1:59:3e:bb:1d:92:44:e7:
39:36:3e:7b:48:f5:f5:88:34:9e:92:45:96:10:a6:
c4:28:05:29:0b:cb:ff:5b:41:f4:fa:3f:ee:b3:83:
a6:3e:ce:42:ba:96:87:8c:e2:b5:a1:8a:fa:85:fa:
d7:22:28:22:00:98:04:22:fb:e8:d4:9b:8d:91:f9:
db:c9:99:79:72:b9:5d:29:66:5e:e5:81:59:df:e0:
75:4f:c7:42:19:b4:99:33:b9:9a:d1:37:83:f7:be:
f8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B8:05:1C:49:BE:43:0F:E5:1C:03:84:F0:9A:CF:11:DD:64:8A:B4
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/IrgFHEm-Qw_lHAOE8JrPEd1kirQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.196.0.0/16
153.98.36.0/23
153.98.68.0/24
153.98.71.0/24
153.98.83.0/24
153.98.100.0/24
153.98.105.0-153.98.111.255
153.98.113.0/24
192.70.89.0-192.70.90.255
192.93.20.0/22
193.58.19.0/24
193.58.21.0/24
193.58.31.0/24
193.221.2.0/24
193.221.14.0/24
193.221.170.0/24
193.221.181.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:b6:32:21:9c:0a:b4:7e:f8:05:9b:ae:45:10:22:e2:4a:72:
5c:57:11:b3:5c:2f:fb:d3:69:cd:1c:62:4f:92:80:4e:b1:d3:
6f:41:d6:67:06:db:96:8f:ba:b0:27:47:07:83:45:b4:73:33:
3d:01:14:ec:73:f3:5e:f0:06:d3:2e:bc:87:f5:73:5a:26:0e:
6b:c5:94:89:a4:f7:a5:06:f7:44:c0:3a:b7:9b:28:bf:7c:3c:
26:31:2f:65:a0:a1:06:5c:de:f3:64:13:e4:92:0d:e2:e7:b6:
0a:8e:25:db:5e:f5:6e:c8:0b:0e:41:66:9d:c7:2b:6b:87:cc:
0d:86:06:14:93:dd:2a:bc:82:28:47:29:fd:e9:f0:88:78:0e:
14:73:ca:dc:89:f1:1d:45:46:46:75:f1:00:3b:31:a8:7c:34:
02:99:f4:5c:dc:7f:70:17:6f:71:93:c4:01:47:91:55:84:39:
f2:9f:78:af:23:43:af:81:02:22:be:82:ab:f1:5d:04:97:fe:
6f:80:78:ac:bd:b3:a8:0c:d2:28:d1:98:02:92:d0:0e:c0:e8:
dc:60:f4:24:6e:be:ac:62:1f:58:c1:d9:c3:d8:4d:51:e8:47:
63:c0:f3:59:4b:ee:b7:dd:63:91:1a:9e:fd:03:f0:e4:a5:87:
00:df:df:a2
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYxYktIMpk8OtLdbNg5Zh3hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjMxMjExMTExMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI4MDUxYzQ5YmU0MzBmZTUxYzAzODRmMDlhY2YxMWRkNjQ4YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8DK8NxHtfl27PqY7JqNY7UkD6WB
MRzgi9fC2AvxXTAAXRgtl2ZQxD6m7mPlyF+iNLs6T7VETigRmIIKV446AbeJDB5O
d93/TAPJzZqDlmX/N/iiG1D9RIoSGn+wlp5MIbNDpKx0gOpkhF6EYd2Uv+YUyes2
sMeS1mF4FzvGHo9V3vtfsF1NM1R63U2znepZa7XjeuZUtywSRjqioVk+ux2SROc5
Nj57SPX1iDSekkWWEKbEKAUpC8v/W0H0+j/us4OmPs5CupaHjOK1oYr6hfrXIigi
AJgEIvvo1JuNkfnbyZl5crldKWZe5YFZ3+B1T8dCGbSZM7ma0TeD9774fQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFCK4BRxJvkMP5RwDhPCazxHdZIq0MB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvSXJnRkhFbS1Rd19sSEFPRThKclBFZDFraXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wewQCAAEwdQMDAJPEAwQB
mWIkAwQAmWJEAwQAmWJHAwQAmWJTAwQAmWJkMAwDBACZYmkDBASZYmADBACZYnEw
DAMEAMBGWQMEAMBGWgMEAsBdFAMEAME6EwMEAME6FQMEAME6HwMEAMHdAgMEAMHd
DgMEAMHdqgMEAMHdtTANBgkqhkiG9w0BAQsFAAOCAQEAHbYyIZwKtH74BZuuRRAi
4kpyXFcRs1wv+9NpzRxiT5KATrHTb0HWZwbblo+6sCdHB4NFtHMzPQEU7HPzXvAG
0y68h/VzWiYOa8WUiaT3pQb3RMA6t5sov3w8JjEvZaChBlze82QT5JIN4ue2Co4l
2171bsgLDkFmnccra4fMDYYGFJPdKryCKEcp/enwiHgOFHPK3InxHUVGRnXxADsx
qHw0Apn0XNx/cBdvcZPEAUeRVYQ58p94ryNDr4ECIr6Cq/FdBJf+b4B4rL2zqAzS
KNGYApLQDsDo3GD0JG6+rGIfWMHZw9hNUehHY8DzWUvut91jkRqe/QPw5KWHAN/f
og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:39 2024 by rpki-client on console-fra.rpki-client.org