Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/151HASU7eBOD3NKU4PjeDQrUMU4.roa
File: 151HASU7eBOD3NKU4PjeDQrUMU4.roa (raw, json)
Hash identifier: rKrOW6h+iGMmHy9fjTjMvbtUtbc3rFSLXrwdgaqNSQ8=
Subject key identifier: D7:9D:47:01:25:3B:78:13:83:DC:D2:94:E0:F8:DE:0D:0A:D4:31:4E
Certificate issuer: /CN=b43b97a1d21f637b549130f0857a681cc7f6884c
Certificate serial: 0186C7DB250E3FD23F94330FC0973C3A2FD2
Authority key identifier: B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/151HASU7eBOD3NKU4PjeDQrUMU4.roa
Signing time: Thu 09 Mar 2023 19:31:13 +0000
ROA not before: Thu 09 Mar 2023 19:31:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48579
IP address blocks: 88.80.8.0/22 maxlen: 24
185.141.30.0/23 maxlen: 24
88.80.12.0/22 maxlen: 24
217.61.244.0/22 maxlen: 24
185.24.132.0/22 maxlen: 24
212.237.144.0/22 maxlen: 24
91.197.40.0/22 maxlen: 24
212.237.148.0/22 maxlen: 24
2a07:2180::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c7:db:25:0e:3f:d2:3f:94:33:0f:c0:97:3c:3a:2f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b43b97a1d21f637b549130f0857a681cc7f6884c
Validity
Not Before: Mar 9 19:31:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d79d4701253b781383dcd294e0f8de0d0ad4314e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:3d:6f:dc:e7:d1:66:a1:7e:4f:69:30:d5:97:
ec:db:24:e3:72:99:2b:4a:da:c6:93:e6:d3:a9:09:
1c:80:fc:2e:44:1c:71:1f:6e:ff:a5:f1:0d:bd:89:
b0:61:d6:1c:b9:a9:6c:d3:b4:7f:ca:58:4e:62:12:
9b:12:8a:4f:0f:02:6c:e1:3a:d4:79:86:f8:9c:2f:
10:5a:39:3e:11:27:eb:b3:8d:7b:c1:6b:7e:02:90:
3d:15:38:01:03:c9:f5:dd:34:d5:e6:a7:87:93:55:
61:dd:de:f4:7b:ce:e9:a0:ef:e4:dd:e7:f4:04:47:
b0:be:2a:a6:cd:4d:b6:c0:67:0c:52:74:2a:e9:90:
eb:2b:52:6d:5e:e5:28:0d:96:51:6f:da:d8:fa:37:
29:dd:4a:4f:56:27:c7:30:23:11:fb:d7:11:79:2b:
e2:11:39:b1:d4:8d:93:e7:7a:41:52:78:45:df:b3:
13:cc:30:ad:94:71:81:22:94:72:87:26:83:9f:1f:
1e:31:fa:c2:7c:a4:4a:5a:67:25:ed:5c:86:49:ed:
69:7e:df:9b:b7:7b:3b:3b:b2:34:4c:a1:39:ca:fa:
55:67:25:b9:f4:17:70:78:07:58:dc:76:a6:6a:fc:
8f:80:19:86:f2:25:45:c7:e8:ae:98:d3:d7:20:38:
e3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9D:47:01:25:3B:78:13:83:DC:D2:94:E0:F8:DE:0D:0A:D4:31:4E
X509v3 Authority Key Identifier:
keyid:B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/151HASU7eBOD3NKU4PjeDQrUMU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.8.0/21
91.197.40.0/22
185.24.132.0/22
185.141.30.0/23
212.237.144.0/21
217.61.244.0/22
IPv6:
2a07:2180::/32
Signature Algorithm: sha256WithRSAEncryption
51:c9:64:39:d1:27:13:72:fe:c8:c4:49:c8:ea:0a:3b:6c:c1:
59:dd:ba:21:a4:67:ef:ba:34:e7:cd:b6:09:b1:93:dd:e5:50:
91:6a:23:f1:ca:d0:e6:82:4e:65:ba:19:a7:e6:79:68:88:cc:
75:de:a6:95:a1:77:35:78:9b:ef:4b:8d:ea:cc:ab:ac:c7:5e:
3d:e3:e4:5d:88:fc:30:44:13:c1:88:4d:da:61:d9:5c:f9:19:
ae:69:3b:a5:0a:51:16:42:c6:51:d7:da:2e:a1:be:4e:ad:92:
07:7e:de:4f:72:25:6a:0a:ef:60:01:f1:bc:c4:f4:b3:61:16:
1c:d4:b5:db:2c:a2:f6:7f:f7:42:88:2c:bb:a3:43:4d:0a:97:
95:dd:99:cd:79:87:2f:d4:68:7f:b3:31:65:b7:ac:4a:da:fb:
24:60:55:c0:bd:e1:ee:c0:13:c0:03:b4:6e:c6:00:ae:94:51:
8b:eb:45:ff:dc:d4:3b:30:5a:14:77:8a:69:5b:3e:29:fe:01:
74:86:35:a2:a7:ef:c3:fd:b8:38:88:4f:f4:80:50:a3:64:87:
91:4d:fa:2d:22:e7:4f:51:18:6b:97:12:61:68:d0:64:a0:d3:
29:99:1b:a7:8b:68:85:cb:4b:21:0e:11:88:66:2b:3d:0d:58:
6d:61:eb:a2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYbH2yUOP9I/lDMPwJc8Oi/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0M2I5N2ExZDIxZjYzN2I1NDkxMzBmMDg1N2E2ODFjYzdm
Njg4NGMwHhcNMjMwMzA5MTkzMTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlkNDcwMTI1M2I3ODEzODNkY2QyOTRlMGY4ZGUwZDBhZDQzMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhT1v3OfRZqF+T2kw1Zfs2yTjcpkr
StrGk+bTqQkcgPwuRBxxH27/pfENvYmwYdYcuals07R/ylhOYhKbEopPDwJs4TrU
eYb4nC8QWjk+ESfrs417wWt+ApA9FTgBA8n13TTV5qeHk1Vh3d70e87poO/k3ef0
BEewviqmzU22wGcMUnQq6ZDrK1JtXuUoDZZRb9rY+jcp3UpPVifHMCMR+9cReSvi
ETmx1I2T53pBUnhF37MTzDCtlHGBIpRyhyaDnx8eMfrCfKRKWmcl7VyGSe1pft+b
t3s7O7I0TKE5yvpVZyW59BdweAdY3HamavyPgBmG8iVFx+iumNPXIDjjMwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNedRwElO3gTg9zSlOD43g0K1DFOMB8GA1UdIwQY
MBaAFLQ7l6HSH2N7VJEw8IV6aBzH9ohMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0Yjkt
MDQ2NGU5NDVmMWNjLzEvMTUxSEFTVTdlQk9EM05LVTRQamVEUXJVTVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0YjktMDQ2NGU5NDVmMWNj
LzEvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDWFAIAwQC
W8UoAwQCuRiEAwQBuY0eAwQD1O2QAwQC2T30MA0EAgACMAcDBQAqByGAMA0GCSqG
SIb3DQEBCwUAA4IBAQBRyWQ50ScTcv7IxEnI6go7bMFZ3bohpGfvujTnzbYJsZPd
5VCRaiPxytDmgk5luhmn5nloiMx13qaVoXc1eJvvS43qzKusx1494+RdiPwwRBPB
iE3aYdlc+RmuaTulClEWQsZR19ouob5OrZIHft5PciVqCu9gAfG8xPSzYRYc1LXb
LKL2f/dCiCy7o0NNCpeV3ZnNeYcv1Gh/szFlt6xK2vskYFXAveHuwBPAA7RuxgCu
lFGL60X/3NQ7MFoUd4ppWz4p/gF0hjWip+/D/bg4iE/0gFCjZIeRTfotIudPURhr
lxJhaNBkoNMpmRuni2iFy0shDhGIZis9DVhtYeui
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:54 2024 by rpki-client on console-ams.rpki-client.org