Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/1hCGbBdEzWh9NQSlJMyp5sk43TY.roa
File: 1hCGbBdEzWh9NQSlJMyp5sk43TY.roa (raw, json)
Hash identifier: Fo5nMolysky43DOfV36uwAlmyPOKINMT1grbdM/p+MA=
Subject key identifier: D6:10:86:6C:17:44:CD:68:7D:35:04:A5:24:CC:A9:E6:C9:38:DD:36
Certificate issuer: /CN=53585138107965c389f367b55abd792b531eb9ca
Certificate serial: 018AF4D2849D67175570797274C2E2C46353
Authority key identifier: 53:58:51:38:10:79:65:C3:89:F3:67:B5:5A:BD:79:2B:53:1E:B9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1hROBB5ZcOJ82e1Wr15K1Meuco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/1hCGbBdEzWh9NQSlJMyp5sk43TY.roa
Signing time: Tue 03 Oct 2023 09:15:51 +0000
ROA not before: Tue 03 Oct 2023 09:15:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41369
IP address blocks: 94.199.112.0/21 maxlen: 24
93.191.120.0/21 maxlen: 24
195.60.252.0/22 maxlen: 24
80.242.16.0/20 maxlen: 24
185.87.244.0/22 maxlen: 24
185.145.172.0/22 maxlen: 24
77.240.16.0/23 maxlen: 24
89.250.48.0/20 maxlen: 24
79.171.224.0/21 maxlen: 24
77.240.24.0/21 maxlen: 24
5.250.160.0/21 maxlen: 24
2a00:f5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:d2:84:9d:67:17:55:70:79:72:74:c2:e2:c4:63:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53585138107965c389f367b55abd792b531eb9ca
Validity
Not Before: Oct 3 09:15:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d610866c1744cd687d3504a524cca9e6c938dd36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:34:bd:dc:75:b4:69:84:95:f3:34:89:48:73:
d6:f3:7c:2f:08:b8:6c:bc:64:27:65:17:7f:9f:5e:
88:4c:36:1e:6e:4e:cd:66:59:0b:08:7d:0a:37:f8:
3f:bd:8c:b7:d1:a3:f8:5a:5b:c6:ca:00:9f:b1:4e:
d4:e1:81:a3:c5:e1:f6:b9:4b:28:18:b7:07:af:2d:
1f:f4:1e:81:dc:81:b5:18:a1:76:51:87:b4:ee:2b:
58:24:a6:6e:36:5f:29:73:cf:cb:a8:10:22:9b:f5:
ff:1f:9f:9f:d0:37:fa:b4:56:35:0a:90:60:9d:9b:
33:2d:17:19:a6:f0:a6:de:dc:e0:22:90:79:15:87:
c1:4b:fd:01:47:9b:ff:01:ba:5f:6c:e0:00:7d:c4:
3e:9c:fa:dc:89:f8:56:8d:8b:17:36:91:45:23:60:
f5:0b:94:f6:9d:d8:4d:0e:c6:e8:83:90:da:e6:cf:
2e:c6:40:b8:f9:da:25:8c:88:3a:2e:c1:b9:00:62:
38:49:5c:e2:de:a4:c5:a9:fe:2e:22:f6:ac:71:93:
fc:aa:a0:f1:20:a8:77:5c:39:2c:f1:1d:f7:02:85:
35:00:92:34:49:64:c9:cd:0c:33:e2:20:93:2a:5a:
83:6f:f9:e0:55:2a:11:31:19:3c:7a:23:d7:5d:92:
e1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:10:86:6C:17:44:CD:68:7D:35:04:A5:24:CC:A9:E6:C9:38:DD:36
X509v3 Authority Key Identifier:
keyid:53:58:51:38:10:79:65:C3:89:F3:67:B5:5A:BD:79:2B:53:1E:B9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1hROBB5ZcOJ82e1Wr15K1Meuco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/1hCGbBdEzWh9NQSlJMyp5sk43TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/U1hROBB5ZcOJ82e1Wr15K1Meuco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.160.0/21
77.240.16.0/23
77.240.24.0/21
79.171.224.0/21
80.242.16.0/20
89.250.48.0/20
93.191.120.0/21
94.199.112.0/21
185.87.244.0/22
185.145.172.0/22
195.60.252.0/22
IPv6:
2a00:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
3b:f3:8b:17:bf:2b:71:63:93:3c:2a:ff:8f:71:97:d8:4e:f4:
2e:37:28:05:54:16:1c:ea:be:fd:b6:04:06:65:bc:10:8d:2d:
0e:c2:e3:97:05:dc:8c:23:fd:47:cf:b1:00:6f:71:ff:7f:87:
9c:cf:86:f3:e0:56:6a:20:f0:c9:2c:aa:59:34:0c:f1:2b:79:
c2:c4:fd:33:26:46:d1:db:a4:59:b5:60:e7:83:51:5b:e0:42:
26:9d:f0:8d:47:46:b7:60:9b:0d:d5:86:79:82:0d:98:24:36:
7f:fa:90:b3:fa:f3:35:45:3e:a8:d2:2b:59:65:2a:3d:df:f8:
19:28:f2:46:94:a1:08:55:59:31:c6:cd:42:16:5f:b4:e1:06:
dc:8a:09:d0:1c:16:68:48:b0:67:8f:7c:9a:e9:da:88:90:e6:
c2:13:49:4d:c2:0d:db:14:01:65:8b:ec:bf:61:56:34:77:ce:
13:ec:c8:2a:2c:01:1b:ee:c4:81:35:0c:2f:11:59:c2:02:3b:
19:b4:f9:36:91:f9:dc:4a:f2:7c:52:46:27:25:09:af:18:ac:
12:ce:a9:72:88:fc:a9:fd:22:47:2b:1d:eb:f7:2c:f5:ad:3e:
bf:9e:b1:30:f9:89:c5:ff:ed:a3:15:d2:2f:6f:20:ae:c7:88:
38:fd:b6:90
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYr00oSdZxdVcHlydMLixGNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTg1MTM4MTA3OTY1YzM4OWYzNjdiNTVhYmQ3OTJiNTMx
ZWI5Y2EwHhcNMjMxMDAzMDkxNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjEwODY2YzE3NDRjZDY4N2QzNTA0YTUyNGNjYTllNmM5MzhkZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDS93HW0aYSV8zSJSHPW83wvCLhs
vGQnZRd/n16ITDYebk7NZlkLCH0KN/g/vYy30aP4WlvGygCfsU7U4YGjxeH2uUso
GLcHry0f9B6B3IG1GKF2UYe07itYJKZuNl8pc8/LqBAim/X/H5+f0Df6tFY1CpBg
nZszLRcZpvCm3tzgIpB5FYfBS/0BR5v/AbpfbOAAfcQ+nPrcifhWjYsXNpFFI2D1
C5T2ndhNDsbog5Da5s8uxkC4+doljIg6LsG5AGI4SVzi3qTFqf4uIvascZP8qqDx
IKh3XDks8R33AoU1AJI0SWTJzQwz4iCTKlqDb/ngVSoRMRk8eiPXXZLhcQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNYQhmwXRM1ofTUEpSTMqebJON02MB8GA1UdIwQY
MBaAFFNYUTgQeWXDifNntVq9eStTHrnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFoUk9CQjVaY09KODJlMVdyMTVLMU1ldWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NzY0NWYtM2NkMC00YjM2LThjNTMt
MTg1MGZmZjA0NDI1LzEvMWhDR2JCZEV6V2g5TlFTbEpNeXA1c2s0M1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NzY0NWYtM2NkMC00YjM2LThjNTMtMTg1MGZmZjA0NDI1
LzEvVTFoUk9CQjVaY09KODJlMVdyMTVLMU1ldWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBfqgAwQB
TfAQAwQDTfAYAwQDT6vgAwQEUPIQAwQEWfowAwQDXb94AwQDXsdwAwQCuVf0AwQC
uZGsAwQCwzz8MA0EAgACMAcDBQAqAPXAMA0GCSqGSIb3DQEBCwUAA4IBAQA784sX
vytxY5M8Kv+PcZfYTvQuNygFVBYc6r79tgQGZbwQjS0OwuOXBdyMI/1Hz7EAb3H/
f4ecz4bz4FZqIPDJLKpZNAzxK3nCxP0zJkbR26RZtWDng1Fb4EImnfCNR0a3YJsN
1YZ5gg2YJDZ/+pCz+vM1RT6o0itZZSo93/gZKPJGlKEIVVkxxs1CFl+04QbcignQ
HBZoSLBnj3ya6dqIkObCE0lNwg3bFAFli+y/YVY0d84T7MgqLAEb7sSBNQwvEVnC
AjsZtPk2kfncSvJ8UkYnJQmvGKwSzqlyiPyp/SJHKx3r9yz1rT6/nrEw+YnF/+2j
FdIvbyCux4g4/baQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:30 2024 by rpki-client on console-fra.rpki-client.org