Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/h88rQjOXz-BC6HTuqP2rjD9UzeA.roa
File: h88rQjOXz-BC6HTuqP2rjD9UzeA.roa (raw, json)
Hash identifier: KeWuCsQto6fnkeLRhH2O2vS9+A8t4R/F+U+RpaoG5og=
Subject key identifier: 87:CF:2B:42:33:97:CF:E0:42:E8:74:EE:A8:FD:AB:8C:3F:54:CD:E0
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 018570676A342B36CD6C58D4BE9B21169ABB
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/h88rQjOXz-BC6HTuqP2rjD9UzeA.roa
Signing time: Mon 02 Jan 2023 02:55:03 +0000
ROA not before: Mon 02 Jan 2023 02:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208258
IP address blocks: 185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
45.140.10.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
193.109.137.0/24 maxlen: 24
45.144.244.0/23 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 11 Jan 2023 11:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:6a:34:2b:36:cd:6c:58:d4:be:9b:21:16:9a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jan 2 02:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87cf2b423397cfe042e874eea8fdab8c3f54cde0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:db:86:42:f8:2f:82:23:7d:08:9f:29:7a:f3:
2a:46:84:19:be:c8:56:6d:d5:5b:17:f2:f7:a4:8b:
4a:bc:bc:d7:de:15:e2:c7:9b:d1:6f:2e:99:9f:30:
e2:4a:50:65:90:5b:11:9f:f6:04:f5:51:ff:7e:b0:
f2:49:da:ff:f5:7c:c2:3e:27:6e:96:95:1c:e8:af:
92:1c:79:fe:4c:0e:95:85:26:c8:e8:ae:66:0c:94:
7d:f5:de:0c:88:a3:ee:0e:a9:97:bc:f4:0d:a8:09:
49:ab:24:66:dc:b5:0e:ba:ef:38:f0:8c:df:37:7e:
3a:78:e6:e2:1a:8e:e4:eb:9f:2c:ba:fe:4e:02:bf:
0c:95:7a:a4:39:bb:ee:31:f9:09:66:af:11:03:ae:
8c:5e:d5:4c:49:53:ee:a7:c1:7e:3c:67:f2:8c:2c:
cb:5c:d2:71:6c:f0:50:ae:0f:7c:53:f6:41:df:d6:
71:2b:83:c8:86:2d:65:8d:a0:98:24:03:e1:c0:6f:
91:6d:f1:35:5f:be:f8:45:aa:51:4b:08:46:b2:c4:
2a:f2:d9:9c:55:4d:42:4c:06:6e:54:b8:d0:cf:30:
ad:ce:98:95:f0:46:59:22:ec:c6:9a:c2:a0:21:cc:
63:f1:1d:fb:99:bf:3b:64:a8:88:05:c6:2b:d6:44:
af:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CF:2B:42:33:97:CF:E0:42:E8:74:EE:A8:FD:AB:8C:3F:54:CD:E0
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/h88rQjOXz-BC6HTuqP2rjD9UzeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.10.0/24
45.144.244.0/23
45.151.156.0-45.151.158.255
185.208.208.0-185.208.210.255
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
193.109.137.0/24
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
1f:84:cd:a6:e3:d7:fd:2f:03:06:d7:34:38:60:6d:9d:bf:65:
53:7b:18:e7:89:87:20:d6:de:41:c2:ab:6b:85:27:15:af:e2:
6a:2f:f4:0b:c1:1f:df:29:6d:11:06:9d:a9:a0:39:50:2c:9d:
db:48:62:ff:7d:8d:13:3e:c9:a6:47:63:48:68:5a:ee:b5:8e:
3b:c2:46:ce:54:93:98:54:69:d9:1b:36:45:04:c4:b5:f7:e1:
a3:37:df:db:04:8c:e7:c0:c2:72:15:69:1b:cf:fe:0e:dd:dc:
33:40:5d:90:4b:45:74:60:70:78:79:9f:f4:37:11:78:5f:a2:
bc:98:ea:b8:e6:27:ce:b0:d7:79:0a:fa:65:79:d1:85:e2:e5:
1f:3e:d1:95:f1:d4:fe:3c:01:49:1a:f7:29:94:6b:3b:f8:87:
f4:fc:02:5d:5b:11:11:ac:45:af:05:e1:aa:cb:6c:57:27:63:
aa:9e:a7:34:89:5f:49:5a:1d:ad:86:79:1c:24:6f:8d:f3:bc:
2b:49:70:dd:16:b1:c5:87:c6:fd:e0:be:38:c3:7d:d2:72:dc:
71:96:54:7d:1e:07:39:56:b7:6c:1c:58:ae:87:0d:23:3e:8d:
23:70:a9:d4:66:d5:aa:d1:44:3e:20:36:00:cb:46:b5:e8:a0:
d8:04:22:95
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAYVwZ2o0KzbNbFjUvpshFpq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAyMDI1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2NmMmI0MjMzOTdjZmUwNDJlODc0ZWVhOGZkYWI4YzNmNTRjZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtuGQvgvgiN9CJ8pevMqRoQZvshW
bdVbF/L3pItKvLzX3hXix5vRby6ZnzDiSlBlkFsRn/YE9VH/frDySdr/9XzCPidu
lpUc6K+SHHn+TA6VhSbI6K5mDJR99d4MiKPuDqmXvPQNqAlJqyRm3LUOuu848Izf
N346eObiGo7k658suv5OAr8MlXqkObvuMfkJZq8RA66MXtVMSVPup8F+PGfyjCzL
XNJxbPBQrg98U/ZB39ZxK4PIhi1ljaCYJAPhwG+RbfE1X774RapRSwhGssQq8tmc
VU1CTAZuVLjQzzCtzpiV8EZZIuzGmsKgIcxj8R37mb87ZKiIBcYr1kSvswIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFIfPK0Izl8/gQuh07qj9q4w/VM3gMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvaDg4clFqT1h6LUJDNkhUdXFQMnJqRDlVemVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMAwQALYwK
AwQBLZD0MAwDBAItl5wDBAAtl54wDAMEBLnQ0AMEALnQ0gMEALnjUgMEALnkUwME
AbnzcAMEAMFtiQMEAMKSMAMEAcMaBjCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAH4TNpuPX/S8DBtc0OGBtnb9l
U3sY54mHINbeQcKra4UnFa/iai/0C8Ef3yltEQadqaA5UCyd20hi/32NEz7Jpkdj
SGha7rWOO8JGzlSTmFRp2Rs2RQTEtffhozff2wSM58DCchVpG8/+Dt3cM0BdkEtF
dGBweHmf9DcReF+ivJjquOYnzrDXeQr6ZXnRheLlHz7RlfHU/jwBSRr3KZRrO/iH
9PwCXVsREaxFrwXhqstsVydjqp6nNIlfSVodrYZ5HCRvjfO8K0lw3RaxxYfG/eC+
OMN90nLccZZUfR4HOVa3bBxYrocNIz6NI3Cp1GbVqtFEPiA2AMtGteig2AQilQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:17 2024 by rpki-client on console-ams.rpki-client.org