Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fC4cItwQbXXgQvbmYERfgKyzR68.roa
File: fC4cItwQbXXgQvbmYERfgKyzR68.roa (raw, json)
Hash identifier: zBu8VRCa2MtgF40cqtkKQQwb/v65ehy7xMur9S7m9Pw=
Subject key identifier: 7C:2E:1C:22:DC:10:6D:75:E0:42:F6:E6:60:44:5F:80:AC:B3:47:AF
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018CA166DDBBFB282F16FBCE37DC67423848
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fC4cItwQbXXgQvbmYERfgKyzR68.roa
Signing time: Mon 25 Dec 2023 14:35:22 +0000
ROA not before: Mon 25 Dec 2023 14:35:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208258
IP address blocks: 185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
195.88.226.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
45.130.53.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 27 Dec 2023 10:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:66:dd:bb:fb:28:2f:16:fb:ce:37:dc:67:42:38:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Dec 25 14:35:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c2e1c22dc106d75e042f6e660445f80acb347af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:ac:db:1c:99:95:1e:6c:e6:be:04:67:27:
7b:23:74:cc:eb:eb:8b:bf:f4:ed:d4:8b:24:12:1b:
8f:ab:34:27:5b:fc:8a:ae:ab:d2:26:e3:25:d5:47:
a1:57:dd:02:01:10:1f:a3:e8:c7:85:58:97:d8:ff:
b8:2e:dc:b0:53:26:72:a3:5d:3c:b5:d4:b9:da:84:
ae:de:b8:fd:6d:86:9c:58:49:1f:9a:5e:ab:7e:5c:
bc:0a:22:4b:50:c4:0e:4c:cc:33:a2:44:9d:14:53:
4b:23:27:15:7e:d9:12:f9:ce:d0:5f:aa:29:90:26:
94:97:b0:f1:70:41:c9:94:f4:66:0a:f7:4b:dd:31:
47:2f:55:38:29:6c:8b:5a:86:ec:69:67:af:a4:43:
5b:61:56:0c:a5:c4:1a:dd:a8:67:1f:fb:74:39:7c:
4d:65:db:19:22:57:82:e3:53:81:16:6e:94:5a:02:
c4:3f:b3:b4:97:15:da:42:3d:21:e9:dd:2c:7d:e1:
2a:1e:9f:ba:9f:d5:93:f0:d0:fe:3d:43:09:34:2c:
b3:21:ad:f7:87:0a:9a:7f:0b:84:9b:91:86:c6:a1:
50:a0:df:ac:af:04:fb:22:34:a8:b8:2f:8b:38:f5:
82:ac:56:e3:12:77:dd:f8:ee:ad:5a:bd:df:db:ef:
85:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2E:1C:22:DC:10:6D:75:E0:42:F6:E6:60:44:5F:80:AC:B3:47:AF
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/fC4cItwQbXXgQvbmYERfgKyzR68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.53.0/24
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
6f:52:18:8b:aa:3a:74:d5:14:fa:d8:55:1a:b4:70:d4:53:f8:
9a:f7:e1:45:f2:64:0a:47:0f:7a:67:0c:44:a3:2a:83:b6:ee:
46:34:3c:2d:de:3c:e5:9b:36:14:52:94:ed:d3:a6:99:79:b8:
7f:6c:99:4d:52:b7:01:ac:4f:d2:e7:96:95:ab:c0:ca:2a:81:
2f:9d:77:62:01:81:38:b9:03:9e:34:fe:2a:de:52:95:89:a3:
f3:f5:80:b7:5d:e2:1d:08:d3:1c:e3:8b:a8:33:ad:26:0f:32:
b0:f0:64:b4:39:73:7f:4d:95:55:0e:04:7d:0b:d0:8d:7c:e5:
c3:4c:ac:19:99:f5:71:0d:82:0a:07:6c:15:d4:21:79:31:03:
ed:4f:8f:ee:12:d7:0f:9a:3b:28:c8:06:e0:ae:07:33:76:8f:
f7:57:41:c5:da:d5:6d:81:8f:11:21:bb:4e:ec:10:b0:c4:04:
2e:73:ef:81:34:72:1a:11:b3:15:87:9c:b7:f5:24:97:7c:42:
cb:64:fd:73:6c:3d:dc:99:e1:5d:a6:23:64:52:bc:e7:56:2c:
40:b5:22:15:f6:e6:40:07:52:fa:fe:27:d1:20:fa:1d:12:97:
8d:70:62:e2:8b:6e:2d:60:6d:3c:dd:4a:a8:db:9c:e3:82:92:
0a:b4:6c:d8
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYyhZt27+ygvFvvON9xnQjhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMxMjI1MTQzNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJlMWMyMmRjMTA2ZDc1ZTA0MmY2ZTY2MDQ0NWY4MGFjYjM0N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Yms2xyZlR5s5r4EZyd7I3TM6+uL
v/Tt1IskEhuPqzQnW/yKrqvSJuMl1UehV90CARAfo+jHhViX2P+4LtywUyZyo108
tdS52oSu3rj9bYacWEkfml6rfly8CiJLUMQOTMwzokSdFFNLIycVftkS+c7QX6op
kCaUl7DxcEHJlPRmCvdL3TFHL1U4KWyLWobsaWevpENbYVYMpcQa3ahnH/t0OXxN
ZdsZIleC41OBFm6UWgLEP7O0lxXaQj0h6d0sfeEqHp+6n9WT8ND+PUMJNCyzIa33
hwqafwuEm5GGxqFQoN+srwT7IjSouC+LOPWCrFbjEnfd+O6tWr3f2++FEwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFHwuHCLcEG114EL25mBEX4Css0evMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvZkM0Y0l0d1FiWFhnUXZibVlFUmZnS3l6UjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMAwQALYI1
MAwDBAItkPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEArnQ0AMEALnjUgMEALnkUwME
AbnzcAMEAMKSMAMEAcMaBgMEAcNY4jCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAb1IYi6o6dNUU+thVGrRw1FP4
mvfhRfJkCkcPemcMRKMqg7buRjQ8Ld485Zs2FFKU7dOmmXm4f2yZTVK3AaxP0ueW
lavAyiqBL513YgGBOLkDnjT+Kt5SlYmj8/WAt13iHQjTHOOLqDOtJg8ysPBktDlz
f02VVQ4EfQvQjXzlw0ysGZn1cQ2CCgdsFdQheTED7U+P7hLXD5o7KMgG4K4HM3aP
91dBxdrVbYGPESG7TuwQsMQELnPvgTRyGhGzFYect/Ukl3xCy2T9c2w93JnhXaYj
ZFK851YsQLUiFfbmQAdS+v4n0SD6HRKXjXBi4otuLWBtPN1KqNuc44KSCrRs2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org