Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bS0fPhwYuv0ELMLR9-lUwchfS4A.roa
File: bS0fPhwYuv0ELMLR9-lUwchfS4A.roa (raw, json)
Hash identifier: li7olV31uPUM9HJHjfbmgKoKJQbjIJLt3ox5Dwb3A5Q=
Subject key identifier: 6D:2D:1F:3E:1C:18:BA:FD:04:2C:C2:D1:F7:E9:54:C1:C8:5F:4B:80
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D93A22D775F24DFCD5CDAA1B4C9446373
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bS0fPhwYuv0ELMLR9-lUwchfS4A.roa
Signing time: Sat 10 Feb 2024 15:28:15 +0000
ROA not before: Sat 10 Feb 2024 15:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 08:26:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:93:a2:2d:77:5f:24:df:cd:5c:da:a1:b4:c9:44:63:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 10 15:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d2d1f3e1c18bafd042cc2d1f7e954c1c85f4b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9d:e6:08:a4:d9:e1:94:5d:a9:e3:2d:85:64:
74:56:55:30:8b:73:4a:10:09:45:c8:d2:17:76:40:
5d:07:e2:5f:3e:2b:80:ba:8b:5c:15:13:e5:9c:f5:
d7:e5:32:b4:5a:6c:b6:a1:0a:a7:f7:77:c8:f2:27:
04:e3:33:50:30:b7:62:be:d5:8e:3f:f6:3a:81:45:
52:45:46:fa:15:c9:79:72:e9:cd:d7:46:13:89:62:
1a:d0:3c:17:fa:47:5f:6e:ed:d8:ed:74:a2:7f:e2:
c2:3c:41:92:13:26:9e:0e:0c:b0:36:94:89:9c:59:
ed:7b:02:a8:e2:19:1b:bb:08:6a:77:68:1f:af:7d:
59:16:6b:f1:79:4f:7f:95:b8:82:b8:83:10:ca:be:
58:4a:5e:46:e6:78:22:dd:ca:5a:a5:59:ef:70:e4:
d3:64:28:20:77:96:c1:98:b5:f0:e3:4e:ea:c7:b5:
71:ee:0c:41:a9:a5:c5:35:0d:5d:16:5b:0d:eb:e4:
bc:75:e6:d8:b2:59:43:72:cc:9e:b9:2c:b2:2b:c0:
bf:32:f0:a2:16:be:74:c4:51:39:a7:53:43:9a:0a:
2d:e3:f8:24:a8:1f:fc:2b:f6:1d:06:c9:21:70:37:
86:69:45:89:db:56:f1:3b:20:b3:25:a1:42:db:6c:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:2D:1F:3E:1C:18:BA:FD:04:2C:C2:D1:F7:E9:54:C1:C8:5F:4B:80
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/bS0fPhwYuv0ELMLR9-lUwchfS4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.66.0/23
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.164.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:da:9e:60:f3:22:d0:4e:01:d0:9e:58:fc:ff:fa:f2:35:90:
49:1b:21:a0:7a:3e:aa:05:84:5e:9b:21:c2:15:32:62:02:e5:
bd:b2:c7:7b:02:61:5d:70:7e:da:e2:c8:cd:21:53:9d:8e:be:
e0:7f:cc:8b:7a:97:70:7b:9f:2b:9a:d3:85:50:53:1d:28:f1:
65:f3:10:2d:6c:7a:41:9c:2e:15:c5:57:fe:99:1a:44:22:4f:
2f:4a:79:35:1b:70:54:61:c3:b0:0e:68:71:7e:8a:00:fe:b8:
dd:91:8f:34:64:a8:05:c9:3a:f3:b9:d2:e7:e7:55:71:73:97:
5a:85:6d:4a:50:1d:36:54:1f:93:85:61:1d:7a:1b:bf:45:17:
53:a4:2b:41:4c:43:d8:e0:cd:e1:b5:e5:b2:54:05:2e:88:4b:
f8:af:d7:67:4d:53:3b:63:36:87:93:61:45:2d:ae:52:d3:03:
6d:a1:7b:cb:d7:5c:12:99:b1:22:bb:0b:ed:b7:27:41:47:1c:
a1:c7:cb:c4:5a:0b:19:9a:63:10:ca:30:9b:d7:54:9c:fa:21:
34:f5:6b:1d:c3:df:13:63:e8:08:33:5c:a4:b3:b8:c2:44:4f:
9d:f3:b6:78:17:b6:9d:f7:40:7d:60:0b:27:6c:55:fe:c6:37:
9c:1d:8e:12
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY2Toi13XyTfzVzaobTJRGNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjEwMTUyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDJkMWYzZTFjMThiYWZkMDQyY2MyZDFmN2U5NTRjMWM4NWY0YjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs53mCKTZ4ZRdqeMthWR0VlUwi3NK
EAlFyNIXdkBdB+JfPiuAuotcFRPlnPXX5TK0Wmy2oQqn93fI8icE4zNQMLdivtWO
P/Y6gUVSRUb6Fcl5cunN10YTiWIa0DwX+kdfbu3Y7XSif+LCPEGSEyaeDgywNpSJ
nFntewKo4hkbuwhqd2gfr31ZFmvxeU9/lbiCuIMQyr5YSl5G5ngi3cpapVnvcOTT
ZCggd5bBmLXw407qx7Vx7gxBqaXFNQ1dFlsN6+S8debYsllDcsyeuSyyK8C/MvCi
Fr50xFE5p1NDmgot4/gkqB/8K/YdBskhcDeGaUWJ21bxOyCzJaFC22wF1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG0tHz4cGLr9BCzC0ffpVMHIX0uAMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYlMwZlBod1l1djBFTE1MUjktbFV3Y2hmUzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBky1CAwQC
uWdkAwQBwelKAwQAwelQAwQAwemkAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQBN
2p5g8yLQTgHQnlj8//ryNZBJGyGgej6qBYRemyHCFTJiAuW9ssd7AmFdcH7a4sjN
IVOdjr7gf8yLepdwe58rmtOFUFMdKPFl8xAtbHpBnC4VxVf+mRpEIk8vSnk1G3BU
YcOwDmhxfooA/rjdkY80ZKgFyTrzudLn51Vxc5dahW1KUB02VB+ThWEdehu/RRdT
pCtBTEPY4M3hteWyVAUuiEv4r9dnTVM7YzaHk2FFLa5S0wNtoXvL11wSmbEiuwvt
tydBRxyhx8vEWgsZmmMQyjCb11Sc+iE09Wsdw98TY+gIM1yks7jCRE+d87Z4F7ad
90B9YAsnbFX+xjecHY4S
-----END CERTIFICATE-----
Generated at Wed Apr 3 11:52:07 2024 by rpki-client on console-fra.rpki-client.org