Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/l0EVsnZMvqBPaq60XdFP-t0CTL0.roa
File: l0EVsnZMvqBPaq60XdFP-t0CTL0.roa (raw, json)
Hash identifier: bFRTaHC62NP5tjrSjWL/D9xnEqGdzVzz9ggBXxvvV8I=
Subject key identifier: 97:41:15:B2:76:4C:BE:A0:4F:6A:AE:B4:5D:D1:4F:FA:DD:02:4C:BD
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 018CC7953BE8C5F96C03D2D14BD27B67CA4C
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/l0EVsnZMvqBPaq60XdFP-t0CTL0.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.62.136.0/22 maxlen: 24
185.160.65.0/24 maxlen: 24
185.160.66.0/23 maxlen: 24
185.141.188.0/22 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 14:50:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3b:e8:c5:f9:6c:03:d2:d1:4b:d2:7b:67:ca:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=974115b2764cbea04f6aaeb45dd14ffadd024cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:33:b1:2f:a4:6f:d7:a2:c8:8e:33:d5:21:95:
dc:fc:c8:c3:c5:4e:8c:e0:1d:12:9b:48:c7:05:4d:
12:d4:80:63:10:66:f4:c3:70:c0:db:72:2d:1a:e9:
ff:a1:e7:cc:a4:40:c7:ba:b5:5c:81:bb:eb:94:69:
6d:43:f9:60:88:4b:8f:15:f7:0e:81:05:7d:a9:f1:
fe:8d:15:90:a6:9a:7d:7b:6a:ad:e5:11:28:8f:cb:
f9:94:d3:c3:ba:6b:ed:2b:cb:35:a6:db:7d:71:0c:
e8:a7:a2:90:1a:2d:1d:22:75:cb:23:fa:df:da:ac:
14:39:ca:06:f7:ca:8a:9c:dd:d6:cc:2c:e8:d6:ba:
e8:51:ff:3a:ee:a2:c7:3b:0e:70:ee:12:1e:25:27:
bf:6d:0d:a3:70:27:92:42:8c:2f:0f:46:55:90:ef:
74:1f:86:37:1d:e1:cf:97:36:f2:37:d3:6b:e6:08:
d0:71:1a:01:91:e1:23:35:04:f0:05:fa:e2:d9:a7:
c2:80:88:ac:f1:73:63:f0:73:47:ee:2b:0a:89:c5:
50:f3:b0:60:6b:79:be:43:a2:2c:0c:7c:fe:25:ac:
73:71:53:e9:28:52:f8:8b:08:dd:fc:dd:0e:4b:a1:
40:08:b7:48:fc:49:12:61:3e:c4:8c:a2:87:90:bd:
c2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:41:15:B2:76:4C:BE:A0:4F:6A:AE:B4:5D:D1:4F:FA:DD:02:4C:BD
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/l0EVsnZMvqBPaq60XdFP-t0CTL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:0f:67:62:65:55:90:92:17:b0:0c:27:a6:3e:ac:78:81:df:
b2:8c:ee:8e:7d:3c:33:14:c3:59:43:ca:2f:99:9d:f5:eb:1d:
71:12:59:69:77:3a:cc:95:3f:fb:96:77:33:41:a5:52:2d:b6:
a9:88:2d:d6:71:10:c3:c6:35:ce:45:e5:64:b4:5c:30:e4:27:
f9:7a:7b:76:90:0a:11:57:e7:b6:82:37:99:94:e4:5c:9d:03:
6c:4e:b6:32:de:a5:00:22:1c:bb:6b:c1:6c:21:ac:50:c5:66:
5f:83:6b:8b:f8:0f:a2:77:6f:05:a3:a2:e6:64:3a:42:66:ab:
b1:32:19:c7:6d:dc:e8:84:e9:0b:c3:69:a6:c9:64:af:43:c5:
a3:3f:a9:f7:13:7d:6e:a9:bc:e4:94:0d:97:ee:cf:27:ff:72:
b9:1f:79:2e:a6:2f:7c:3f:2e:fb:ef:ab:9c:41:e4:96:7b:3f:
a0:77:ef:6b:81:08:73:03:a2:47:a5:bc:04:54:51:1e:df:86:
10:9c:5e:22:04:c3:bc:04:e8:e6:82:a0:25:9e:cb:90:c7:10:
3c:cc:9e:06:50:c0:c0:c8:14:4c:39:c0:13:54:87:c0:d0:3a:
74:80:54:45:86:89:60:e2:ca:b4:85:df:c0:ad:41:6b:21:e6:
fe:79:cd:ac
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAYzHlTvoxflsA9LRS9J7Z8pMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMTIxY2Q2ZTExZGEwOTVmODU2ZDc5ZGVlYzQ2OWQwYzYz
NTg0OTQwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQxMTViMjc2NGNiZWEwNGY2YWFlYjQ1ZGQxNGZmYWRkMDI0Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDOxL6Rv16LIjjPVIZXc/MjDxU6M
4B0Sm0jHBU0S1IBjEGb0w3DA23ItGun/oefMpEDHurVcgbvrlGltQ/lgiEuPFfcO
gQV9qfH+jRWQppp9e2qt5REoj8v5lNPDumvtK8s1ptt9cQzop6KQGi0dInXLI/rf
2qwUOcoG98qKnN3WzCzo1rroUf867qLHOw5w7hIeJSe/bQ2jcCeSQowvD0ZVkO90
H4Y3HeHPlzbyN9Nr5gjQcRoBkeEjNQTwBfri2afCgIis8XNj8HNH7isKicVQ87Bg
a3m+Q6IsDHz+JaxzcVPpKFL4iwjd/N0OS6FACLdI/EkSYT7EjKKHkL3CHwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJdBFbJ2TL6gT2qutF3RT/rdAky9MB8GA1UdIwQY
MBaAFK8SHNbhHaCV+FbXne7EadDGNYSUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEt
YWYzZjc5NGFlNjA3LzEvbDBFVnNuWk12cUJQYXE2MFhkRlAtdDBDVEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9mZDYwNjktNDE3OS00NWJlLWI4MmEtYWYzZjc5NGFlNjA3
LzEvcnhJYzF1RWRvSlg0VnRlZDdzUnAwTVkxaEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEBVW7gAME
Ark0lAMEArk+iAMEArmEBAMEArmFFAMEArmNvAMEArmPLAMEArmSFAMEArmSHAME
ArmULAMEArmUgAMEArmVcAMEArmXMDAMAwQAuaBBAwQCuaBAMAwDBAC5ppEDBAK5
ppADBAK5qGwwDQYJKoZIhvcNAQELBQADggEBAJoPZ2JlVZCSF7AMJ6Y+rHiB37KM
7o59PDMUw1lDyi+ZnfXrHXESWWl3OsyVP/uWdzNBpVIttqmILdZxEMPGNc5F5WS0
XDDkJ/l6e3aQChFX57aCN5mU5FydA2xOtjLepQAiHLtrwWwhrFDFZl+Da4v4D6J3
bwWjouZkOkJmq7EyGcdt3OiE6QvDaabJZK9DxaM/qfcTfW6pvOSUDZfuzyf/crkf
eS6mL3w/Lvvvq5xB5JZ7P6B372uBCHMDokelvARUUR7fhhCcXiIEw7wE6OaCoCWe
y5DHEDzMngZQwMDIFEw5wBNUh8DQOnSAVEWGiWDiyrSF38CtQWsh5v55zaw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org