Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/t_tQUH_lHg-5pCproafS1JtnmHc.roa
File: t_tQUH_lHg-5pCproafS1JtnmHc.roa (raw, json)
Hash identifier: CaHIovQt8y2HwIDtBrL5ufPV0NoeK9rCPpwHAvw9EJI=
Subject key identifier: B7:FB:50:50:7F:E5:1E:0F:B9:A4:2A:6B:A1:A7:D2:D4:9B:67:98:77
Certificate issuer: /CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Certificate serial: 01858671F81C9ACC16B39C18C8FB21B0C45A
Authority key identifier: 2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/t_tQUH_lHg-5pCproafS1JtnmHc.roa
Signing time: Fri 06 Jan 2023 09:38:14 +0000
ROA not before: Fri 06 Jan 2023 09:38:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28787
IP address blocks: 188.253.224.0/21 maxlen: 21
194.135.152.0/23 maxlen: 23
188.253.128.0/19 maxlen: 19
194.135.154.0/23 maxlen: 23
194.135.166.0/23 maxlen: 23
194.135.168.0/23 maxlen: 23
194.135.170.0/24 maxlen: 24
194.135.171.0/24 maxlen: 24
194.135.172.0/24 maxlen: 24
194.135.173.0/24 maxlen: 24
194.135.174.0/24 maxlen: 24
194.135.176.0/24 maxlen: 24
194.135.177.0/24 maxlen: 24
194.135.178.0/24 maxlen: 24
194.135.179.0/24 maxlen: 24
188.253.232.0/21 maxlen: 21
188.253.254.0/24 maxlen: 24
188.253.255.0/24 maxlen: 24
37.61.0.0/17 maxlen: 17
185.30.88.0/23 maxlen: 23
185.30.90.0/23 maxlen: 23
217.64.16.0/20 maxlen: 20
217.64.16.0/24 maxlen: 24
37.61.77.0/24 maxlen: 24
213.154.0.0/19 maxlen: 19
81.17.80.0/20 maxlen: 20
81.17.82.0/24 maxlen: 24
37.61.56.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 24 Nov 2023 19:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:86:71:f8:1c:9a:cc:16:b3:9c:18:c8:fb:21:b0:c4:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b0be226230d4099ceea0a4a6cf4ed8b90201350
Validity
Not Before: Jan 6 09:38:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7fb50507fe51e0fb9a42a6ba1a7d2d49b679877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:55:6a:65:9e:24:35:85:79:04:b7:98:0d:a6:
7a:88:5b:c9:63:7b:9f:d2:93:1b:12:37:1c:6e:88:
2f:fb:16:25:b6:1d:22:60:f6:ec:62:dd:e8:19:ef:
bf:71:cb:d1:22:fb:68:e9:95:4d:4e:d8:da:45:10:
c0:8d:53:43:60:6d:d7:2e:fd:99:73:7a:c2:15:5d:
74:c1:b8:9a:2f:6d:5c:31:6c:f0:81:8f:0d:98:1f:
6d:20:a2:ca:f5:36:e6:0e:58:fe:a1:15:73:38:24:
93:79:ad:d4:5d:b7:60:f8:bb:9f:ba:34:26:02:cb:
dc:2e:72:81:18:c4:a9:50:ac:2e:ed:3f:f1:c5:3d:
fa:97:8d:79:d8:e8:77:82:bf:5f:a4:34:77:f3:5f:
88:cc:23:0f:f7:fb:b5:a5:d6:5f:3f:c6:e6:8f:df:
9e:52:df:cf:76:52:13:33:7f:1f:58:9d:4c:d0:75:
83:19:17:93:9f:de:54:83:38:2f:19:35:e0:8f:7c:
10:03:b8:ef:26:c5:22:3a:b7:5a:b5:29:f5:76:c8:
c7:bb:56:85:82:01:47:80:60:4a:e3:d4:db:17:df:
33:93:51:39:ff:bc:39:7b:48:8e:a3:c8:06:02:67:
2b:e5:27:3a:c8:cc:a0:6a:39:d9:a8:67:17:d9:7d:
f7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:FB:50:50:7F:E5:1E:0F:B9:A4:2A:6B:A1:A7:D2:D4:9B:67:98:77
X509v3 Authority Key Identifier:
keyid:2B:0B:E2:26:23:0D:40:99:CE:EA:0A:4A:6C:F4:ED:8B:90:20:13:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwviJiMNQJnO6gpKbPTti5AgE1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/t_tQUH_lHg-5pCproafS1JtnmHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/fce675-bf53-4787-93e7-81f566185b06/1/KwviJiMNQJnO6gpKbPTti5AgE1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.0.0/17
81.17.80.0/20
185.30.88.0/22
188.253.128.0/19
188.253.224.0/20
188.253.254.0/23
194.135.152.0/22
194.135.166.0-194.135.174.255
194.135.176.0/22
213.154.0.0/19
217.64.16.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:b2:fa:b2:38:c9:d5:18:31:2f:4d:e1:80:fa:ef:58:21:45:
12:fb:50:56:77:6f:49:ac:16:61:6c:a5:85:a2:cc:f0:3d:a3:
db:1a:27:65:b0:75:5f:19:74:ea:bb:be:8d:44:19:c9:6d:c3:
f1:86:f4:09:ef:99:df:8a:4b:16:df:d3:9a:01:19:03:fe:ab:
18:fa:c8:d0:1e:ba:d8:81:c3:6f:d5:f9:eb:6b:ea:8d:12:29:
ff:84:c7:31:96:d0:f1:1b:86:c2:0f:9c:5d:c0:e6:63:76:d0:
6a:9d:a4:7b:db:01:7a:af:a9:87:88:31:8a:20:e4:b0:cf:a2:
e0:3d:7e:94:5e:ba:f0:a7:ff:9e:87:13:1c:d9:32:e3:a7:81:
4b:93:e8:d3:56:8c:06:b2:3d:7b:9d:2b:59:50:14:20:ba:e1:
7e:9e:6c:8a:87:c2:72:5b:6c:bd:e1:39:24:6f:0a:4b:64:9e:
28:61:5e:ad:5c:75:25:a0:0d:af:1c:df:44:cb:1e:8f:04:8d:
cf:e6:9e:d1:12:12:9d:4c:84:db:2e:2b:ed:b5:2c:39:50:66:
d5:d8:6e:97:27:60:54:13:84:9e:e4:e6:e3:c8:90:79:d3:37:
18:27:25:a0:c6:4e:82:a3:18:f4:5d:91:2f:a3:4d:03:6a:20:
05:14:b4:d3
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYWGcfgcmswWs5wYyPshsMRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMGJlMjI2MjMwZDQwOTljZWVhMGE0YTZjZjRlZDhiOTAy
MDEzNTAwHhcNMjMwMTA2MDkzODE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2ZiNTA1MDdmZTUxZTBmYjlhNDJhNmJhMWE3ZDJkNDliNjc5ODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVVqZZ4kNYV5BLeYDaZ6iFvJY3uf
0pMbEjccbogv+xYlth0iYPbsYt3oGe+/ccvRIvto6ZVNTtjaRRDAjVNDYG3XLv2Z
c3rCFV10wbiaL21cMWzwgY8NmB9tIKLK9TbmDlj+oRVzOCSTea3UXbdg+LufujQm
AsvcLnKBGMSpUKwu7T/xxT36l4152Oh3gr9fpDR381+IzCMP9/u1pdZfP8bmj9+e
Ut/PdlITM38fWJ1M0HWDGReTn95UgzgvGTXgj3wQA7jvJsUiOrdatSn1dsjHu1aF
ggFHgGBK49TbF98zk1E5/7w5e0iOo8gGAmcr5Sc6yMygajnZqGcX2X330wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFLf7UFB/5R4PuaQqa6Gn0tSbZ5h3MB8GA1UdIwQY
MBaAFCsL4iYjDUCZzuoKSmz07YuQIBNQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTct
ODFmNTY2MTg1YjA2LzEvdF90UVVIX2xIZy01cENwcm9hZlMxSnRubUhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9mY2U2NzUtYmY1My00Nzg3LTkzZTctODFmNTY2MTg1YjA2
LzEvS3d2aUppTU5RSm5PNmdwS2JQVHRpNUFnRTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQHJT0AAwQE
URFQAwQCuR5YAwQFvP2AAwQEvP3gAwQBvP3+AwQCwoeYMAwDBAHCh6YDBADCh64D
BALCh7ADBAXVmgADBATZQBAwDQYJKoZIhvcNAQELBQADggEBAE6y+rI4ydUYMS9N
4YD671ghRRL7UFZ3b0msFmFspYWizPA9o9saJ2WwdV8ZdOq7vo1EGcltw/GG9Anv
md+KSxbf05oBGQP+qxj6yNAeutiBw2/V+etr6o0SKf+ExzGW0PEbhsIPnF3A5mN2
0GqdpHvbAXqvqYeIMYog5LDPouA9fpReuvCn/56HExzZMuOngUuT6NNWjAayPXud
K1lQFCC64X6ebIqHwnJbbL3hOSRvCktknihhXq1cdSWgDa8c30TLHo8Ejc/mntES
Ep1MhNsuK+21LDlQZtXYbpcnYFQThJ7k5uPIkHnTNxgnJaDGToKjGPRdkS+jTQNq
IAUUtNM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:11 2024 by rpki-client on console-ams.rpki-client.org