Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/u78rpWuxvD47BYhnqWk_HlgFcOE.roa
File: u78rpWuxvD47BYhnqWk_HlgFcOE.roa (raw, json)
Hash identifier: IUgfl2Ke79HA0ZYj4bIELjBh4f2qhpGyGila0Sp4pR8=
Subject key identifier: BB:BF:2B:A5:6B:B1:BC:3E:3B:05:88:67:A9:69:3F:1E:58:05:70:E1
Certificate issuer: /CN=0260b70a50adead39b709b590046c52e0cc6929b
Certificate serial: 0186A8A32CF1B6A5A72E5643D162B65BBECD
Authority key identifier: 02:60:B7:0A:50:AD:EA:D3:9B:70:9B:59:00:46:C5:2E:0C:C6:92:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AmC3ClCt6tObcJtZAEbFLgzGkps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/u78rpWuxvD47BYhnqWk_HlgFcOE.roa
Signing time: Fri 03 Mar 2023 18:01:51 +0000
ROA not before: Fri 03 Mar 2023 18:01:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200547
IP address blocks: 185.238.149.0/24 maxlen: 24
185.238.150.0/24 maxlen: 24
185.238.151.0/24 maxlen: 24
185.238.148.0/22 maxlen: 24
185.95.237.0/24 maxlen: 24
185.95.238.0/24 maxlen: 24
185.95.239.0/24 maxlen: 24
185.95.236.0/22 maxlen: 24
160.238.112.0/24 maxlen: 24
160.238.114.0/24 maxlen: 24
160.238.115.0/24 maxlen: 24
160.238.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Oct 2023 05:39:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a8:a3:2c:f1:b6:a5:a7:2e:56:43:d1:62:b6:5b:be:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0260b70a50adead39b709b590046c52e0cc6929b
Validity
Not Before: Mar 3 18:01:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbbf2ba56bb1bc3e3b058867a9693f1e580570e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:98:6f:b5:eb:6c:78:f1:4e:73:1f:9a:41:3f:
6a:e6:be:b4:ff:ff:47:0f:85:14:d5:86:a3:ba:9d:
96:3d:4f:37:ae:95:f3:6c:fd:c4:d4:70:b5:66:eb:
ce:2f:49:38:f0:ee:1b:aa:f7:86:80:d3:3c:16:80:
8d:49:61:38:76:ad:1d:91:98:55:c8:e9:f8:98:86:
16:33:4b:fa:64:72:a3:fc:33:6d:0e:82:b9:63:90:
35:6c:a4:b9:0b:5b:64:80:37:6c:34:be:3d:74:ea:
2e:a0:c0:2c:05:1c:ea:ff:f4:cc:a4:c9:af:4c:73:
26:54:e5:eb:e1:de:6e:95:52:cd:f1:78:e1:8c:3b:
69:68:d3:09:3a:27:f0:89:91:95:c9:47:6f:06:94:
7d:3f:e8:48:a3:db:a3:21:80:22:cd:85:fc:ed:f5:
08:58:f8:2b:6c:3d:b3:ad:5e:30:37:cb:62:e3:d1:
77:74:69:a4:a4:29:9f:c4:45:e5:4a:c7:56:f1:b3:
e8:e9:5b:b6:8d:58:31:d9:26:99:23:66:08:a8:4d:
75:97:cb:9f:28:2f:22:86:88:e8:b3:6b:9e:77:a7:
3a:18:75:28:f7:4e:ca:b1:18:19:6d:31:2e:fb:49:
2c:5f:0a:2d:0e:7d:6f:9c:09:03:3b:ed:7f:ec:74:
c2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:BF:2B:A5:6B:B1:BC:3E:3B:05:88:67:A9:69:3F:1E:58:05:70:E1
X509v3 Authority Key Identifier:
keyid:02:60:B7:0A:50:AD:EA:D3:9B:70:9B:59:00:46:C5:2E:0C:C6:92:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AmC3ClCt6tObcJtZAEbFLgzGkps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/u78rpWuxvD47BYhnqWk_HlgFcOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/AmC3ClCt6tObcJtZAEbFLgzGkps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.238.112.0/22
185.95.236.0/22
185.238.148.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:87:c7:36:24:5c:5b:12:82:23:84:b6:01:43:a3:7f:eb:ae:
ae:a1:4f:73:83:c9:72:bb:9e:43:95:82:65:99:ca:e2:21:d5:
da:66:f4:9c:59:92:1c:4d:ab:0f:b4:62:9c:28:e5:ae:c3:73:
cd:4a:c3:f9:0f:2a:82:54:9a:c9:ef:d3:bb:b7:4d:85:a1:d2:
7a:9a:af:7e:14:77:73:cc:f5:82:1c:ae:e9:16:cb:ad:14:1c:
0a:63:db:05:ad:4f:34:e9:93:bf:ab:b9:a8:ca:f1:97:89:3d:
da:17:07:f2:c6:e8:e8:5b:fd:dd:92:61:d0:be:26:1b:a3:ab:
53:84:6c:08:2d:d9:e5:53:38:92:35:7e:55:2e:11:90:3b:08:
fa:5b:c9:1e:c3:0b:89:ff:24:20:7c:88:3d:74:e7:7a:52:ab:
11:79:12:c9:63:a2:f8:4a:2f:0c:ad:e6:94:ae:91:d6:4c:f2:
7a:c7:f7:88:9f:f4:db:8a:cb:a8:5c:31:17:ac:8a:3f:10:37:
53:1d:99:c8:de:0d:b2:31:38:f0:f6:c4:be:11:bd:f5:6d:46:
d8:1e:5f:52:f0:1d:af:07:32:08:5f:6b:95:bb:00:ec:ee:c0:
22:62:f8:1f:c9:cc:b1:5e:50:46:26:b2:59:8c:ea:21:4f:f0:
c2:1e:dd:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaooyzxtqWnLlZD0WK2W77NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNjBiNzBhNTBhZGVhZDM5YjcwOWI1OTAwNDZjNTJlMGNj
NjkyOWIwHhcNMjMwMzAzMTgwMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJmMmJhNTZiYjFiYzNlM2IwNTg4NjdhOTY5M2YxZTU4MDU3MGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5hvtetsePFOcx+aQT9q5r60//9H
D4UU1Yajup2WPU83rpXzbP3E1HC1ZuvOL0k48O4bqveGgNM8FoCNSWE4dq0dkZhV
yOn4mIYWM0v6ZHKj/DNtDoK5Y5A1bKS5C1tkgDdsNL49dOouoMAsBRzq//TMpMmv
THMmVOXr4d5ulVLN8XjhjDtpaNMJOifwiZGVyUdvBpR9P+hIo9ujIYAizYX87fUI
WPgrbD2zrV4wN8ti49F3dGmkpCmfxEXlSsdW8bPo6Vu2jVgx2SaZI2YIqE11l8uf
KC8ihojos2ued6c6GHUo907KsRgZbTEu+0ksXwotDn1vnAkDO+1/7HTC9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLu/K6Vrsbw+OwWIZ6lpPx5YBXDhMB8GA1UdIwQY
MBaAFAJgtwpQrerTm3CbWQBGxS4MxpKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW1DM0NsQ3Q2dE9iY0p0WkFFYkZMZ3pHa3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81ZWIxMzAtYTBmNy00OWFmLWEyNzEt
ZWJlYzJhNDJlNjBkLzEvdTc4cnBXdXh2RDQ3QllobnFXa19IbGdGY09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81ZWIxMzAtYTBmNy00OWFmLWEyNzEtZWJlYzJhNDJlNjBk
LzEvQW1DM0NsQ3Q2dE9iY0p0WkFFYkZMZ3pHa3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCoO5wAwQC
uV/sAwQCue6UMA0GCSqGSIb3DQEBCwUAA4IBAQA9h8c2JFxbEoIjhLYBQ6N/666u
oU9zg8lyu55DlYJlmcriIdXaZvScWZIcTasPtGKcKOWuw3PNSsP5DyqCVJrJ79O7
t02FodJ6mq9+FHdzzPWCHK7pFsutFBwKY9sFrU806ZO/q7moyvGXiT3aFwfyxujo
W/3dkmHQviYbo6tThGwILdnlUziSNX5VLhGQOwj6W8kewwuJ/yQgfIg9dOd6UqsR
eRLJY6L4Si8MreaUrpHWTPJ6x/eIn/TbisuoXDEXrIo/EDdTHZnI3g2yMTjw9sS+
Eb31bUbYHl9S8B2vBzIIX2uVuwDs7sAiYvgfycyxXlBGJrJZjOohT/DCHt20
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:32 2024 by rpki-client on console-fra.rpki-client.org