Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/1-XDJV5rVQtQPHQrP7prvAvUVHGA.roa
File: 1-XDJV5rVQtQPHQrP7prvAvUVHGA.roa (raw, json)
Hash identifier: Y2n5QqGfMezEDl5N357hJZ9rF72kr2R1c4GKyMIMAeg=
Subject key identifier: F9:70:C9:57:9A:D5:42:D4:0F:1D:0A:CF:EE:9A:EF:02:F5:15:1C:60
Certificate issuer: /CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Certificate serial: 018BA9BA4AD09E24F251A2E8001B61F999FC
Authority key identifier: 7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/1-XDJV5rVQtQPHQrP7prvAvUVHGA.roa
Signing time: Tue 07 Nov 2023 12:20:40 +0000
ROA not before: Tue 07 Nov 2023 12:20:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198482
IP address blocks: 151.237.1.0/24 maxlen: 24
151.237.2.0/24 maxlen: 24
151.237.3.0/24 maxlen: 24
151.237.4.0/24 maxlen: 24
151.237.0.0/24 maxlen: 24
151.237.10.0/24 maxlen: 24
151.237.5.0/24 maxlen: 24
151.237.6.0/24 maxlen: 24
85.187.208.0/24 maxlen: 24
85.187.209.0/24 maxlen: 24
85.187.210.0/24 maxlen: 24
85.187.211.0/24 maxlen: 24
85.187.212.0/24 maxlen: 24
85.187.221.0/24 maxlen: 24
85.187.220.0/24 maxlen: 24
151.237.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:ba:4a:d0:9e:24:f2:51:a2:e8:00:1b:61:f9:99:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d7b4bcabeb29605ea511de973e4675c4b8a29df
Validity
Not Before: Nov 7 12:20:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f970c9579ad542d40f1d0acfee9aef02f5151c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9d:d4:c2:af:bb:62:c3:ed:c5:3d:f7:32:f0:
31:cb:f2:a1:9f:8c:eb:17:69:a7:ac:e9:b2:0e:22:
5c:0e:83:89:62:50:00:42:f4:bc:93:3c:07:c2:b0:
6b:26:22:5d:ef:18:d8:7f:2b:d0:8e:e8:3d:c8:5d:
65:bf:ba:1f:4a:a2:44:d8:93:c4:b0:4b:91:81:dd:
4e:ce:51:63:41:ba:4a:97:fe:15:50:6e:7e:a3:83:
31:ce:c8:e3:97:53:bb:24:67:4a:7d:7e:98:16:32:
80:22:89:fa:e9:e8:34:fc:c2:12:a5:f3:af:31:ad:
f4:a0:41:4c:8c:21:ca:1e:ff:93:38:18:37:30:dd:
7a:67:8e:1c:33:00:b5:b5:7c:5e:ef:81:44:17:d4:
09:62:5a:79:b7:3d:3d:a9:83:fd:6a:d8:63:41:b3:
2c:b4:0b:e7:81:a9:d6:df:2f:6e:12:26:99:34:0a:
72:fd:2e:30:16:c4:80:82:43:02:85:0b:84:27:e0:
8b:27:76:ae:e4:27:0d:a1:e8:b9:d1:f9:c4:a0:3a:
1e:55:e9:2b:8d:8e:b9:ee:a2:ba:7c:9d:0a:80:8e:
0d:69:9c:c5:d8:1b:31:e2:ec:3c:02:65:08:45:fa:
5f:cc:45:11:2b:cf:1f:3e:d8:4b:cf:af:fb:80:c0:
bb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:70:C9:57:9A:D5:42:D4:0F:1D:0A:CF:EE:9A:EF:02:F5:15:1C:60
X509v3 Authority Key Identifier:
keyid:7D:7B:4B:CA:BE:B2:96:05:EA:51:1D:E9:73:E4:67:5C:4B:8A:29:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXtLyr6ylgXqUR3pc-RnXEuKKd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/1-XDJV5rVQtQPHQrP7prvAvUVHGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/8897fd-1862-4393-aa4b-447617a4a744/1/fXtLyr6ylgXqUR3pc-RnXEuKKd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.208.0-85.187.212.255
85.187.220.0/23
151.237.0.0-151.237.6.255
151.237.10.0/24
151.237.94.0/24
Signature Algorithm: sha256WithRSAEncryption
85:55:44:57:1a:9b:8d:12:81:6e:de:c9:ac:80:11:f4:16:f4:
f4:cd:96:fb:17:9b:f7:eb:43:63:f1:b9:08:71:fa:e8:ca:1d:
22:20:7e:15:62:5c:e0:fb:b3:74:8d:d4:18:7f:3a:ca:2c:ea:
37:73:d9:a0:1d:15:64:d6:98:18:0e:92:3c:b2:0a:00:d3:8a:
bb:a4:1b:0e:69:43:9d:af:79:85:37:2a:69:7b:a0:0c:49:c0:
a8:a4:9c:2e:17:dd:a8:2e:d8:d1:42:fe:56:71:72:d3:67:8e:
59:b9:83:b2:f2:2a:c4:c4:51:a6:00:32:da:37:ff:ad:b8:36:
3e:cc:c7:3b:04:64:c0:fd:00:1f:1b:1f:cf:e3:aa:e0:76:96:
73:86:eb:ab:cc:09:fb:85:dd:dd:5f:2f:9c:e4:e1:76:68:a3:
94:45:55:d0:18:a2:4f:fc:2b:e0:da:04:8f:bf:30:12:6a:a6:
23:c1:a0:68:b8:a0:4d:ba:91:9c:09:da:e9:0f:00:05:88:72:
cd:81:76:8d:88:3a:cc:01:65:c5:47:34:dc:c6:7e:e9:dc:a3:
7a:28:75:8e:60:80:b4:1e:2a:5e:ce:42:88:3a:c7:0c:a4:54:
b2:22:73:27:af:4a:5c:be:45:5c:ca:81:ce:f1:eb:6b:b3:1e:
26:0d:e1:e3
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYupukrQniTyUaLoABth+Zn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2I0YmNhYmViMjk2MDVlYTUxMWRlOTczZTQ2NzVjNGI4
YTI5ZGYwHhcNMjMxMTA3MTIyMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcwYzk1NzlhZDU0MmQ0MGYxZDBhY2ZlZTlhZWYwMmY1MTUxYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ3Uwq+7YsPtxT33MvAxy/Khn4zr
F2mnrOmyDiJcDoOJYlAAQvS8kzwHwrBrJiJd7xjYfyvQjug9yF1lv7ofSqJE2JPE
sEuRgd1OzlFjQbpKl/4VUG5+o4Mxzsjjl1O7JGdKfX6YFjKAIon66eg0/MISpfOv
Ma30oEFMjCHKHv+TOBg3MN16Z44cMwC1tXxe74FEF9QJYlp5tz09qYP9athjQbMs
tAvnganW3y9uEiaZNApy/S4wFsSAgkMChQuEJ+CLJ3au5CcNoei50fnEoDoeVekr
jY657qK6fJ0KgI4NaZzF2Bsx4uw8AmUIRfpfzEURK88fPthLz6/7gMC7+QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPlwyVea1ULUDx0Kz+6a7wL1FRxgMB8GA1UdIwQY
MBaAFH17S8q+spYF6lEd6XPkZ1xLiinfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlh0THlyNnlsZ1hxVVIzcGMtUm5YRXVLS2Q4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84ODk3ZmQtMTg2Mi00MzkzLWFhNGIt
NDQ3NjE3YTRhNzQ0LzEvMS1YREpWNXJWUXRRUEhRclA3cHJ2QXZVVkhHQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvODg5N2ZkLTE4NjItNDM5My1hYTRiLTQ0NzYxN2E0YTc0
NC8xL2ZYdEx5cjZ5bGdYcVVSM3BjLVJuWEV1S0tkOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBGBggrBgEFBQcBBwEB/wQ3MDUwMwQCAAEwLTAMAwQEVbvQ
AwQAVbvUAwQBVbvcMAsDAwCX7QMEAJftBgMEAJftCgMEAJftXjANBgkqhkiG9w0B
AQsFAAOCAQEAhVVEVxqbjRKBbt7JrIAR9Bb09M2W+xeb9+tDY/G5CHH66ModIiB+
FWJc4PuzdI3UGH86yizqN3PZoB0VZNaYGA6SPLIKANOKu6QbDmlDna95hTcqaXug
DEnAqKScLhfdqC7Y0UL+VnFy02eOWbmDsvIqxMRRpgAy2jf/rbg2PszHOwRkwP0A
Hxsfz+Oq4HaWc4brq8wJ+4Xd3V8vnOThdmijlEVV0BiiT/wr4NoEj78wEmqmI8Gg
aLigTbqRnAna6Q8ABYhyzYF2jYg6zAFlxUc03MZ+6dyjeih1jmCAtB4qXs5CiDrH
DKRUsiJzJ69KXL5FXMqBzvHra7MeJg3h4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:31 2024 by rpki-client on console-fra.rpki-client.org