Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/IQFBIyDQhjcdAX7oWOl51tSPMAI.roa
File: IQFBIyDQhjcdAX7oWOl51tSPMAI.roa (raw, json)
Hash identifier: dhvt6r6tHI+ev9YhcpIchoRZ9TvGw3kQABERvYGruz4=
Subject key identifier: 21:01:41:23:20:D0:86:37:1D:01:7E:E8:58:E9:79:D6:D4:8F:30:02
Certificate issuer: /CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Certificate serial: 01917549E5B57C27E5F04CD0CBD51CD7E37B
Authority key identifier: 1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/IQFBIyDQhjcdAX7oWOl51tSPMAI.roa
Signing time: Wed 21 Aug 2024 14:14:22 +0000
ROA not before: Wed 21 Aug 2024 14:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12350
IP address blocks: 185.133.28.0/22 maxlen: 22
194.38.64.0/19 maxlen: 19
194.38.160.0/19 maxlen: 19
194.148.4.0/22 maxlen: 22
194.148.8.0/21 maxlen: 21
194.148.16.0/20 maxlen: 20
194.148.32.0/19 maxlen: 20
194.148.48.0/22 maxlen: 22
194.148.60.0/22 maxlen: 22
194.148.96.0/19 maxlen: 19
195.15.0.0/17 maxlen: 17
212.28.128.0/19 maxlen: 19
212.40.0.0/19 maxlen: 19
212.109.64.0/19 maxlen: 19
212.147.0.0/17 maxlen: 17
212.147.79.0/24 maxlen: 24
212.232.128.0/17 maxlen: 17
212.254.0.0/16 maxlen: 16
213.5.152.0/21 maxlen: 21
213.162.0.0/19 maxlen: 19
2001:4c78::/32 maxlen: 32
2a03:a360::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 10:28:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:49:e5:b5:7c:27:e5:f0:4c:d0:cb:d5:1c:d7:e3:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f739d213a438f678b322a8f8f84e2d8c7814aca
Validity
Not Before: Aug 21 14:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2101412320d086371d017ee858e979d6d48f3002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:03:bf:d3:29:8b:ce:8d:68:42:13:ce:b0:be:
b3:25:80:d1:76:9c:cb:b0:49:44:db:83:37:db:af:
1a:04:67:a7:ef:5e:6b:5d:cb:1b:16:b0:e8:f2:6a:
97:37:e6:e1:44:99:f3:00:4c:e0:50:7e:7d:d0:7a:
e3:a3:fb:cf:f2:61:bf:51:34:8b:45:31:52:23:d6:
e3:37:55:98:5b:73:66:11:93:f5:98:72:0d:0e:19:
89:4a:ab:b0:1f:cb:cc:29:b4:c6:88:25:9b:f8:5f:
9c:ab:3a:18:4a:72:70:8e:a6:a4:17:30:99:ca:f4:
77:36:1f:8c:09:47:0a:12:d2:10:a0:31:17:85:57:
85:8f:f0:8f:f3:b6:ee:b5:75:60:6b:40:32:c4:6a:
00:93:fd:e7:a6:96:8a:16:34:ca:c7:70:92:c1:22:
eb:f5:ac:29:f4:a4:ce:65:19:2a:7b:3f:40:68:d1:
a8:4a:5b:7f:46:fb:08:08:ea:72:ae:d0:b9:b0:38:
cf:f4:33:f7:8d:b4:c5:e8:e1:9f:28:8b:67:4d:26:
8e:8a:8f:34:97:67:60:2f:bd:b0:ec:3a:89:36:e9:
2f:6b:6c:90:b6:b4:36:0f:63:28:3c:d8:d4:b0:d8:
45:c0:d2:c4:f7:48:de:07:90:ec:04:16:9f:9c:2d:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:01:41:23:20:D0:86:37:1D:01:7E:E8:58:E9:79:D6:D4:8F:30:02
X509v3 Authority Key Identifier:
keyid:1F:73:9D:21:3A:43:8F:67:8B:32:2A:8F:8F:84:E2:D8:C7:81:4A:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3OdITpDj2eLMiqPj4Ti2MeBSso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/IQFBIyDQhjcdAX7oWOl51tSPMAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/81bc95-1444-408a-92f1-392e05a84277/1/H3OdITpDj2eLMiqPj4Ti2MeBSso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.28.0/22
194.38.64.0/19
194.38.160.0/19
194.148.4.0-194.148.63.255
194.148.96.0/19
195.15.0.0/17
212.28.128.0/19
212.40.0.0/19
212.109.64.0/19
212.147.0.0/17
212.232.128.0/17
212.254.0.0/16
213.5.152.0/21
213.162.0.0/19
IPv6:
2001:4c78::/32
2a03:a360::/32
Signature Algorithm: sha256WithRSAEncryption
a2:d2:4d:ee:a1:c7:57:bf:18:1b:94:ea:c7:83:66:e3:71:5b:
ff:70:d6:2e:07:89:15:75:a5:0a:6c:73:66:bd:11:87:16:22:
d5:e5:41:7e:d2:51:1a:d7:d1:43:10:93:c1:b8:83:4a:25:79:
05:f5:1a:12:fe:71:8d:30:a6:95:f7:36:52:78:a2:e3:3d:ca:
f2:c1:8c:01:51:ee:a0:9d:7b:e0:16:0d:a2:d2:f9:34:77:f0:
0e:f1:44:48:2c:08:a1:43:8d:fd:c6:d1:b2:27:0e:be:f7:54:
ec:9b:76:f6:23:40:98:54:71:6c:32:0d:ec:3d:75:4a:90:ff:
8b:95:6d:d1:8f:21:04:50:e4:73:b9:3e:a0:37:c2:0a:f1:cb:
76:02:a9:dd:8a:6e:1a:0e:22:90:2b:c2:0d:97:2f:9b:6d:23:
c4:6d:ac:8e:3a:8d:48:00:15:46:a6:e0:96:bb:bf:f5:ef:7c:
5b:c0:d5:55:66:3e:14:f1:db:ac:5c:4b:e7:5e:26:c9:86:d8:
54:64:1d:c2:ea:da:88:28:4a:a2:c8:a6:1e:a2:d0:b9:ed:da:
9c:51:0e:b4:7b:e0:b4:c7:b0:0f:95:a3:96:27:d1:b9:84:23:
4d:14:7a:ec:f7:c3:c2:25:c4:05:72:d8:c3:90:30:38:f9:15:
51:d1:d6:01
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZF1SeW1fCfl8EzQy9Uc1+N7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzM5ZDIxM2E0MzhmNjc4YjMyMmE4ZjhmODRlMmQ4Yzc4
MTRhY2EwHhcNMjQwODIxMTQxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAxNDEyMzIwZDA4NjM3MWQwMTdlZTg1OGU5NzlkNmQ0OGYzMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgO/0ymLzo1oQhPOsL6zJYDRdpzL
sElE24M3268aBGen715rXcsbFrDo8mqXN+bhRJnzAEzgUH590Hrjo/vP8mG/UTSL
RTFSI9bjN1WYW3NmEZP1mHINDhmJSquwH8vMKbTGiCWb+F+cqzoYSnJwjqakFzCZ
yvR3Nh+MCUcKEtIQoDEXhVeFj/CP87butXVga0AyxGoAk/3nppaKFjTKx3CSwSLr
9awp9KTOZRkqez9AaNGoSlt/RvsICOpyrtC5sDjP9DP3jbTF6OGfKItnTSaOio80
l2dgL72w7DqJNukva2yQtrQ2D2MoPNjUsNhFwNLE90jeB5DsBBafnC3ydQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFCEBQSMg0IY3HQF+6FjpedbUjzACMB8GA1UdIwQY
MBaAFB9znSE6Q49nizIqj4+E4tjHgUrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEt
MzkyZTA1YTg0Mjc3LzEvSVFGQkl5RFFoamNkQVg3b1dPbDUxdFNQTUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84MWJjOTUtMTQ0NC00MDhhLTkyZjEtMzkyZTA1YTg0Mjc3
LzEvSDNPZElUcERqMmVMTWlxUGo0VGkyTWVCU3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwYQQCAAEwWwMEArmFHAME
BcImQAMEBcImoDAMAwQCwpQEAwQGwpQAAwQFwpRgAwQHww8AAwQF1ByAAwQF1CgA
AwQF1G1AAwQH1JMAAwQH1OiAAwMA1P4DBAPVBZgDBAXVogAwFAQCAAIwDgMFACAB
THgDBQAqA6NgMA0GCSqGSIb3DQEBCwUAA4IBAQCi0k3uocdXvxgblOrHg2bjcVv/
cNYuB4kVdaUKbHNmvRGHFiLV5UF+0lEa19FDEJPBuINKJXkF9RoS/nGNMKaV9zZS
eKLjPcrywYwBUe6gnXvgFg2i0vk0d/AO8URILAihQ439xtGyJw6+91Tsm3b2I0CY
VHFsMg3sPXVKkP+LlW3RjyEEUORzuT6gN8IK8ct2Aqndim4aDiKQK8INly+bbSPE
bayOOo1IABVGpuCWu7/173xbwNVVZj4U8dusXEvnXibJhthUZB3C6tqIKEqiyKYe
otC57dqcUQ60e+C0x7APlaOWJ9G5hCNNFHrs98PCJcQFctjDkDA4+RVR0dYB
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:53 2024 by rpki-client on console-ams.rpki-client.org