Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n4TULZcCQWSqK61WqDZAvTU1Dlc.roa
File: n4TULZcCQWSqK61WqDZAvTU1Dlc.roa (raw, json)
Hash identifier: 8bYrM1aa9v/wMgwB7OjDOYS/9DI5f0gzrBjGSzV4O9g=
Subject key identifier: 9F:84:D4:2D:97:02:41:64:AA:2B:AD:56:A8:36:40:BD:35:35:0E:57
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D7A8AD5C1855E9CB22A266256C4A7D22D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n4TULZcCQWSqK61WqDZAvTU1Dlc.roa
Signing time: Mon 05 Feb 2024 18:32:15 +0000
ROA not before: Mon 05 Feb 2024 18:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 15:28:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:8a:d5:c1:85:5e:9c:b2:2a:26:62:56:c4:a7:d2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 5 18:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f84d42d97024164aa2bad56a83640bd35350e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8f:0a:a3:9b:8a:41:3d:22:49:cb:f5:de:ba:
04:15:58:cf:00:a2:b5:79:ec:c3:8c:08:4a:e8:56:
f9:b5:4a:13:4e:8f:33:09:b2:8f:f1:56:8b:c4:20:
cd:35:28:6d:7a:48:98:44:e6:70:e1:89:6c:a4:54:
11:94:48:0d:ed:a0:99:9c:6a:bf:e3:d3:7d:4e:53:
56:4c:fe:e7:06:4d:fc:54:ef:71:e3:d9:88:fb:2d:
86:e0:73:01:15:ae:5f:b8:53:14:16:33:33:12:b8:
8b:20:c9:31:e4:ad:1d:d4:8c:0b:6c:e5:a1:42:0d:
73:04:e4:37:80:39:42:31:56:8c:1d:54:7e:9c:9e:
19:cf:3b:a7:0a:e0:a1:4e:5a:6f:74:c2:45:c7:26:
e1:22:e2:b8:5d:3e:64:5c:6d:d8:e2:06:c2:1a:07:
48:7e:b2:bc:9a:d6:d0:29:10:12:27:d8:c0:d6:2f:
8c:35:af:39:65:f3:0f:3f:3b:58:c0:c0:a8:9e:f8:
1e:ff:1b:30:8d:96:c3:26:f8:74:68:a3:27:0f:36:
0f:ed:81:97:16:41:9c:60:a7:66:57:40:9a:ff:0d:
ed:98:06:d2:bd:2a:a2:85:72:1c:5d:9d:53:7d:75:
2a:79:ed:ed:1b:15:94:d2:3e:0d:72:aa:6b:d3:8b:
5a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:84:D4:2D:97:02:41:64:AA:2B:AD:56:A8:36:40:BD:35:35:0E:57
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/n4TULZcCQWSqK61WqDZAvTU1Dlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.164.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:bd:2c:82:e7:4e:f0:49:c4:34:a9:8c:80:0f:79:c7:89:67:
b0:eb:4c:77:72:6b:a3:08:90:cf:62:4c:66:af:4d:41:14:a4:
82:aa:1d:c1:ea:06:99:44:df:76:32:e0:93:3c:66:f2:79:b3:
ea:c6:3e:d1:4f:f0:30:9c:6d:39:ce:e7:92:29:ec:81:38:cf:
a0:27:e5:8f:02:8b:0b:a6:62:a7:03:50:5a:e1:ce:21:5c:96:
72:75:29:8a:a9:c6:b5:52:69:29:fb:55:eb:00:47:c0:dc:08:
f3:67:81:91:d1:18:eb:54:a8:bd:d2:67:c8:39:c5:49:d4:66:
19:eb:6b:08:9c:6e:83:19:8b:31:16:ca:be:7d:6a:fe:23:e3:
fb:93:65:42:27:78:7d:7b:ca:8c:d3:1b:e5:8d:a9:50:9f:30:
47:a9:72:4f:3c:07:9f:66:f0:57:97:35:76:12:05:8f:63:fd:
10:d7:15:e7:72:53:f4:2b:13:bd:b5:7a:f1:c4:0f:1d:dc:de:
d2:82:ae:a2:0e:ca:8b:48:39:ae:54:4a:59:8c:78:1d:b4:3f:
47:51:4d:f5:3e:40:88:03:4d:30:e0:16:ea:f6:0c:03:69:6d:
7b:85:12:6a:f2:06:48:05:b0:2a:0d:1f:fc:e8:20:eb:ac:16:
3f:dd:78:f2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY16itXBhV6csiomYlbEp9ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMjA1MTgzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg0ZDQyZDk3MDI0MTY0YWEyYmFkNTZhODM2NDBiZDM1MzUwZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn48Ko5uKQT0iScv13roEFVjPAKK1
eezDjAhK6Fb5tUoTTo8zCbKP8VaLxCDNNShtekiYROZw4YlspFQRlEgN7aCZnGq/
49N9TlNWTP7nBk38VO9x49mI+y2G4HMBFa5fuFMUFjMzEriLIMkx5K0d1IwLbOWh
Qg1zBOQ3gDlCMVaMHVR+nJ4ZzzunCuChTlpvdMJFxybhIuK4XT5kXG3Y4gbCGgdI
frK8mtbQKRASJ9jA1i+MNa85ZfMPPztYwMConvge/xswjZbDJvh0aKMnDzYP7YGX
FkGcYKdmV0Ca/w3tmAbSvSqihXIcXZ1TfXUqee3tGxWU0j4Ncqpr04ta1QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ+E1C2XAkFkqiutVqg2QL01NQ5XMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbjRUVUxaY0NRV1NxSzYxV3FEWkF2VFUxRGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuWdkAwQB
welKAwQAwelQAwQAwemkAwQBwen8MA0GCSqGSIb3DQEBCwUAA4IBAQB6vSyC507w
ScQ0qYyAD3nHiWew60x3cmujCJDPYkxmr01BFKSCqh3B6gaZRN92MuCTPGbyebPq
xj7RT/AwnG05zueSKeyBOM+gJ+WPAosLpmKnA1Ba4c4hXJZydSmKqca1Umkp+1Xr
AEfA3AjzZ4GR0RjrVKi90mfIOcVJ1GYZ62sInG6DGYsxFsq+fWr+I+P7k2VCJ3h9
e8qM0xvljalQnzBHqXJPPAefZvBXlzV2EgWPY/0Q1xXnclP0KxO9tXrxxA8d3N7S
gq6iDsqLSDmuVEpZjHgdtD9HUU31PkCIA00w4Bbq9gwDaW17hRJq8gZIBbAqDR/8
6CDrrBY/3Xjy
-----END CERTIFICATE-----
Generated at Sat Feb 10 18:06:03 2024 by rpki-client on console-fra.rpki-client.org