Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/IYxcaiJAyZmZCMa5BMah6nBycPA.roa
File: IYxcaiJAyZmZCMa5BMah6nBycPA.roa (raw, json)
Hash identifier: n1v1Fg/tiWkwk5sBnKnyooVfWaQQRZUPJkbNuQ0eG6w=
Subject key identifier: 21:8C:5C:6A:22:40:C9:99:99:08:C6:B9:04:C6:A1:EA:70:72:70:F0
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 018CC801853DF5CAEDAAC7473FA25DF65C14
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/IYxcaiJAyZmZCMa5BMah6nBycPA.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57391
IP address blocks: 185.67.101.0/24 maxlen: 24
185.132.82.0/24 maxlen: 24
185.132.80.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.40.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.46.0/23 maxlen: 23
88.135.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 12:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:85:3d:f5:ca:ed:aa:c7:47:3f:a2:5d:f6:5c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=218c5c6a2240c9999908c6b904c6a1ea707270f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bb:64:2d:08:32:88:23:67:2d:54:5f:b4:e0:
dd:44:70:8f:ef:4d:cf:4b:02:c1:fc:40:a6:0b:c3:
87:a0:83:a1:75:6e:65:ac:46:d8:7e:ab:92:b7:b6:
4a:bc:09:1b:08:ce:33:7e:43:a4:f6:85:01:dc:9c:
b4:3c:6a:f0:b3:9a:9c:1b:b1:b1:51:1d:9d:e5:56:
74:73:ed:a6:82:6e:da:ce:df:08:4b:66:c6:c2:b7:
c7:2e:81:1c:f3:6c:82:50:9e:6b:c9:6e:bb:bd:90:
17:32:12:a4:75:29:f2:4f:d6:f4:ff:a1:3a:af:7a:
33:e0:78:c0:b9:fb:08:ce:f2:db:c4:ad:9f:92:de:
7b:93:cc:01:ae:59:4d:7f:b6:31:2d:41:11:29:f3:
56:12:85:e5:94:d9:61:b6:4f:4e:b4:78:34:d3:11:
79:9b:56:08:d7:d8:c6:56:38:2d:c0:18:63:f1:15:
46:01:20:fb:17:df:8e:76:26:a4:0e:e9:c6:ac:58:
87:88:a7:0a:df:96:27:d4:96:53:ea:75:56:c1:e2:
c9:54:55:18:08:69:29:63:e7:f3:dd:b9:de:65:54:
8b:52:2d:de:21:79:a5:86:d6:f0:3b:61:da:fd:6c:
45:3d:9b:05:af:a8:f2:1d:ed:6f:1d:06:2b:44:bf:
30:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:5C:6A:22:40:C9:99:99:08:C6:B9:04:C6:A1:EA:70:72:70:F0
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/IYxcaiJAyZmZCMa5BMah6nBycPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0/21
185.67.101.0/24
185.132.80.0/24
185.132.82.0/24
185.233.13.0-185.233.14.255
Signature Algorithm: sha256WithRSAEncryption
02:0d:92:65:9a:cc:5c:9f:33:bc:ba:0f:9f:38:0d:84:44:3d:
9c:16:39:e6:ce:d9:45:92:04:c4:cc:bd:1c:40:44:4d:f4:c6:
34:3a:21:d5:d6:8b:2f:4f:46:66:b5:af:c5:c5:b0:cc:e4:ea:
fc:cc:12:e4:5c:2a:e3:96:16:f5:76:cf:68:67:f2:12:3d:d7:
34:b3:ea:46:be:2a:b8:a1:b5:d7:89:7a:bb:a6:57:fb:2a:f8:
31:0f:19:df:e2:25:16:8e:65:0f:66:81:58:83:ee:58:a3:6c:
ac:58:28:d3:d1:3f:6f:ad:15:01:26:4f:9f:e8:e0:58:86:0b:
63:c6:71:a0:39:dd:73:e2:15:93:80:56:fb:88:2c:d7:2c:8f:
f4:05:4c:10:ba:f0:fc:99:77:ed:30:d3:b0:af:f2:96:a7:47:
37:03:50:22:75:96:01:f2:29:ad:7e:66:79:65:fa:d2:42:91:
c5:be:c0:c5:86:6a:da:c6:70:2f:24:1f:1b:1f:7d:7b:20:a4:
d4:19:ef:83:28:ff:3f:6f:fb:6c:d9:d9:24:88:01:1f:51:ac:
62:0a:b3:39:09:47:c0:16:ef:96:1d:27:04:ce:77:fb:03:93:
af:14:a9:0d:81:9c:fd:72:87:65:93:28:fc:22:e9:e8:bf:62:
ee:de:0e:64
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIAYU99crtqsdHP6Jd9lwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjNWM2YTIyNDBjOTk5OTkwOGM2YjkwNGM2YTFlYTcwNzI3MGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrtkLQgyiCNnLVRftODdRHCP703P
SwLB/ECmC8OHoIOhdW5lrEbYfquSt7ZKvAkbCM4zfkOk9oUB3Jy0PGrws5qcG7Gx
UR2d5VZ0c+2mgm7azt8IS2bGwrfHLoEc82yCUJ5ryW67vZAXMhKkdSnyT9b0/6E6
r3oz4HjAufsIzvLbxK2fkt57k8wBrllNf7YxLUERKfNWEoXllNlhtk9OtHg00xF5
m1YI19jGVjgtwBhj8RVGASD7F9+OdiakDunGrFiHiKcK35Yn1JZT6nVWweLJVFUY
CGkpY+fz3bneZVSLUi3eIXmlhtbwO2Ha/WxFPZsFr6jyHe1vHQYrRL8w7wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCGMXGoiQMmZmQjGuQTGoepwcnDwMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvSVl4Y2FpSkF5Wm1aQ01hNUJNYWg2bkJ5Y1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDWIcoAwQA
uUNlAwQAuYRQAwQAuYRSMAwDBAC56Q0DBAC56Q4wDQYJKoZIhvcNAQELBQADggEB
AAINkmWazFyfM7y6D584DYREPZwWOebO2UWSBMTMvRxARE30xjQ6IdXWiy9PRma1
r8XFsMzk6vzMEuRcKuOWFvV2z2hn8hI91zSz6ka+KrihtdeJerumV/sq+DEPGd/i
JRaOZQ9mgViD7lijbKxYKNPRP2+tFQEmT5/o4FiGC2PGcaA53XPiFZOAVvuILNcs
j/QFTBC68PyZd+0w07Cv8panRzcDUCJ1lgHyKa1+Znll+tJCkcW+wMWGatrGcC8k
HxsffXsgpNQZ74Mo/z9v+2zZ2SSIAR9RrGIKszkJR8AW75YdJwTOd/sDk68UqQ2B
nP1yh2WTKPwi6ei/Yu7eDmQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:23 2024 by rpki-client on console-fra.rpki-client.org