Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_C_2Y_-sXfgdZdGsvZdiE6iUfcQ.roa
File: _C_2Y_-sXfgdZdGsvZdiE6iUfcQ.roa (raw, json)
Hash identifier: 8onQvwIAyOjp/P2tOxHwBtdFuCv3c4e2Ok1XefkDq1g=
Subject key identifier: FC:2F:F6:63:FF:AC:5D:F8:1D:65:D1:AC:BD:97:62:13:A8:94:7D:C4
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 01856D0A81620E2D261AB050B5D6DDC4856D
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_C_2Y_-sXfgdZdGsvZdiE6iUfcQ.roa
Signing time: Sun 01 Jan 2023 11:14:42 +0000
ROA not before: Sun 01 Jan 2023 11:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20552
IP address blocks: 185.119.15.0/24 maxlen: 24
185.119.12.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.14.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.52.168.0/22 maxlen: 24
185.52.170.0/24 maxlen: 24
185.52.169.0/24 maxlen: 24
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.246.0/24 maxlen: 24
91.216.30.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:81:62:0e:2d:26:1a:b0:50:b5:d6:dd:c4:85:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 11:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc2ff663ffac5df81d65d1acbd976213a8947dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3b:20:c4:09:9b:db:0d:e0:cc:a7:8c:67:ee:
20:4f:93:d4:fc:9b:11:8c:f9:66:b4:08:0b:48:cc:
a0:ce:da:7c:a3:e9:13:3a:6a:b9:c0:63:84:06:83:
79:4c:87:55:38:37:4d:e7:b9:bb:25:0c:07:64:2f:
38:5f:2c:f2:95:78:12:ca:f1:8a:b2:17:d7:df:55:
25:a4:ae:85:05:aa:b9:3c:f7:23:48:36:10:60:0a:
db:ee:a3:f6:4a:ee:40:e9:60:6e:cb:1f:88:f3:88:
8a:cb:5d:8a:50:2b:00:36:d4:96:3f:8e:f7:63:14:
b5:7e:37:48:23:d0:f3:06:f5:15:ba:e4:36:56:bb:
e7:4f:76:09:a0:85:44:4e:b6:cd:7d:6a:8b:b5:b0:
3c:ab:ce:d4:0f:bc:5b:9d:83:67:c7:ff:3c:10:b8:
06:b5:6e:b7:37:a7:cf:d3:83:97:0f:7a:96:b3:0b:
32:f3:76:a3:00:47:2f:2b:70:77:ae:0d:04:ee:70:
03:d1:0b:46:9f:38:40:97:95:31:66:d5:56:a6:29:
18:58:32:24:be:5d:e5:ba:55:8c:b2:4c:bb:2e:18:
6a:d4:08:e6:c8:34:e0:55:c9:98:ba:7c:b5:9c:01:
3e:7c:e3:64:8b:3b:8c:51:04:62:e6:0c:0e:04:09:
c6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2F:F6:63:FF:AC:5D:F8:1D:65:D1:AC:BD:97:62:13:A8:94:7D:C4
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/_C_2Y_-sXfgdZdGsvZdiE6iUfcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
2f:f5:4c:d8:69:33:6c:46:c8:b8:14:12:c7:b2:5f:fb:ed:20:
46:2d:7f:d4:93:37:8f:dd:70:bd:38:4a:4e:8f:2f:bb:6a:13:
5e:7a:31:c1:5d:02:ce:05:5d:eb:34:27:c9:e2:65:06:55:64:
8f:a1:27:6b:76:28:f6:c0:bc:86:91:64:b4:ec:d7:ed:24:05:
b0:82:e5:2c:cd:53:1b:fc:51:09:4c:98:7e:c6:57:04:77:af:
0d:92:2b:90:a0:82:9e:58:94:9e:36:89:79:4f:28:db:2d:3d:
8f:af:0b:13:b1:ad:b4:c2:14:7f:e0:c4:6f:68:c7:b3:ed:30:
8a:46:59:ba:3d:6f:85:2a:c2:75:a7:2c:06:42:95:e0:32:b6:
54:34:b2:ca:4c:df:c2:7d:2d:c0:ad:dc:be:8a:c6:1d:1f:a6:
d0:7f:94:6d:49:d5:c9:85:67:09:4b:2d:04:cb:d5:4a:55:b2:
46:36:4b:1e:21:25:7c:fc:1c:5f:a0:51:e6:91:56:5e:d0:1e:
e9:4b:91:80:ad:65:23:78:50:ac:c9:33:54:0f:85:68:e8:d2:
ba:45:91:b2:7f:fc:b1:0c:9c:0f:b4:13:bf:da:07:5d:aa:2c:
a6:f9:e9:ac:00:a1:7b:25:6f:b9:9e:f5:79:de:ee:67:6d:00:
f7:63:18:1a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVtCoFiDi0mGrBQtdbdxIVtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMwMTAxMTExNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzJmZjY2M2ZmYWM1ZGY4MWQ2NWQxYWNiZDk3NjIxM2E4OTQ3ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTsgxAmb2w3gzKeMZ+4gT5PU/JsR
jPlmtAgLSMygztp8o+kTOmq5wGOEBoN5TIdVODdN57m7JQwHZC84XyzylXgSyvGK
shfX31UlpK6FBaq5PPcjSDYQYArb7qP2Su5A6WBuyx+I84iKy12KUCsANtSWP473
YxS1fjdII9DzBvUVuuQ2VrvnT3YJoIVETrbNfWqLtbA8q87UD7xbnYNnx/88ELgG
tW63N6fP04OXD3qWswsy83ajAEcvK3B3rg0E7nAD0QtGnzhAl5UxZtVWpikYWDIk
vl3lulWMsky7Lhhq1AjmyDTgVcmYuny1nAE+fONkizuMUQRi5gwOBAnGvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFPwv9mP/rF34HWXRrL2XYhOolH3EMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvX0NfMllfLXNYZmdkWmRHc3ZaZGlFNmlVZmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9geAwQD
pCjwAwQCuRjIAwQCuTSoAwQCuXcMAwQE2aiAMA0EAgACMAcDBQAqAg2IMA0GCSqG
SIb3DQEBCwUAA4IBAQAv9UzYaTNsRsi4FBLHsl/77SBGLX/UkzeP3XC9OEpOjy+7
ahNeejHBXQLOBV3rNCfJ4mUGVWSPoSdrdij2wLyGkWS07NftJAWwguUszVMb/FEJ
TJh+xlcEd68NkiuQoIKeWJSeNol5TyjbLT2PrwsTsa20whR/4MRvaMez7TCKRlm6
PW+FKsJ1pywGQpXgMrZUNLLKTN/CfS3Ardy+isYdH6bQf5RtSdXJhWcJSy0Ey9VK
VbJGNkseISV8/BxfoFHmkVZe0B7pS5GArWUjeFCsyTNUD4Vo6NK6RZGyf/yxDJwP
tBO/2gddqiym+emsAKF7JW+5nvV53u5nbQD3Yxga
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:52 2024 by rpki-client on console-fra.rpki-client.org