Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1CgZJOCWorYCPtkVIUHQva8ang8.roa
File: 1CgZJOCWorYCPtkVIUHQva8ang8.roa (raw, json)
Hash identifier: bqunAnFEB5PETy8mU4ka3Ts19LV5uFF1RRJjMkTz8Ig=
Subject key identifier: D4:28:19:24:E0:96:A2:B6:02:3E:D9:15:21:41:D0:BD:AF:1A:9E:0F
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018B81E69CC7156023F8A6E6ED2D4A9F3990
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1CgZJOCWorYCPtkVIUHQva8ang8.roa
Signing time: Mon 30 Oct 2023 18:44:16 +0000
ROA not before: Mon 30 Oct 2023 18:44:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50670
IP address blocks: 185.51.213.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
185.193.179.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.176.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.191.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:e6:9c:c7:15:60:23:f8:a6:e6:ed:2d:4a:9f:39:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Oct 30 18:44:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d4281924e096a2b6023ed9152141d0bdaf1a9e0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:63:33:83:38:a6:06:d9:e0:3b:d0:dd:0c:
b1:2a:38:57:28:92:e6:68:ba:b5:fc:a0:75:da:42:
00:2d:69:b5:1e:82:98:e3:e8:75:95:f2:11:a9:52:
fb:fe:09:e7:9f:64:17:6d:ad:75:a2:63:14:d8:e5:
4e:ed:52:db:f8:24:39:6a:aa:04:71:d0:9d:ec:f4:
91:86:da:69:98:ee:d2:f8:cd:36:63:96:50:8e:0d:
d7:65:22:95:c6:fa:9a:2f:cb:6d:d6:e2:ca:88:3e:
80:77:5a:7b:33:48:72:0a:80:65:ba:c9:b5:f3:d0:
6e:84:2d:ae:26:3b:91:99:ae:c9:f0:d8:67:d8:e2:
6a:9d:f7:1d:3b:15:66:27:20:7e:e5:cc:54:f0:34:
17:e1:59:00:10:2e:9f:98:a8:b0:fc:33:71:d5:b5:
44:da:5a:a5:31:89:7f:2f:e1:78:31:f7:39:42:19:
97:23:cb:4a:03:1b:49:2d:4f:b9:a6:f0:1f:c6:2e:
b3:8a:d1:f2:10:b2:8a:2a:64:bb:67:69:70:3d:f8:
ba:cd:04:97:db:b5:f2:72:02:e9:05:32:be:d7:e6:
76:90:40:27:6a:68:a6:89:d6:0f:ad:a9:5c:45:dc:
1c:56:01:a6:1c:17:10:09:0c:4c:b7:94:fe:29:5e:
25:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:28:19:24:E0:96:A2:B6:02:3E:D9:15:21:41:D0:BD:AF:1A:9E:0F
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/1CgZJOCWorYCPtkVIUHQva8ang8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
58:b3:8f:d8:0e:58:24:ff:85:3c:55:07:8b:bd:1a:f0:5e:a1:
43:e8:b3:5b:f5:14:80:31:3c:37:1a:9c:5d:89:52:29:03:a1:
78:05:55:0c:43:48:f4:d0:b9:f9:43:c5:7e:57:7c:8b:cb:9e:
ee:2f:df:e6:fa:f6:20:da:56:d3:52:dc:ea:2a:75:f0:e9:c9:
1f:66:82:14:47:ea:e3:d5:52:9b:d1:84:89:e1:fb:81:85:a0:
3f:ae:14:b7:fd:d2:68:28:dd:fa:4d:87:f9:8f:51:3d:c0:78:
24:24:a4:00:bd:d7:20:d6:ac:8b:09:f6:67:f4:5e:5a:47:95:
0e:96:50:38:5f:73:a6:89:7b:a4:d3:7e:19:5a:0b:c8:87:a4:
c6:0e:27:75:36:db:eb:ff:64:e4:56:83:bb:f7:55:48:f7:d4:
6c:ee:62:e2:75:a5:52:cf:af:7a:8f:af:7f:cb:3b:bc:d5:89:
7b:cb:e7:26:38:40:07:1b:6d:26:d0:8e:b6:ee:6f:15:2a:0b:
26:8d:2d:d9:da:d0:28:59:f0:d8:94:2e:be:13:51:23:0f:cd:
5e:7f:0e:ee:40:0f:2d:b0:0a:c5:00:08:b8:2b:d8:61:5e:10:
f8:f8:30:b4:4b:23:c0:f2:90:7b:46:67:97:c8:95:3a:5b:d9:
ae:d0:3f:04
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYuB5pzHFWAj+Kbm7S1KnzmQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjMxMDMwMTg0NDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDI4MTkyNGUwOTZhMmI2MDIzZWQ5MTUyMTQxZDBiZGFmMWE5ZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0ljM4M4pgbZ4DvQ3QyxKjhXKJLm
aLq1/KB12kIALWm1HoKY4+h1lfIRqVL7/gnnn2QXba11omMU2OVO7VLb+CQ5aqoE
cdCd7PSRhtppmO7S+M02Y5ZQjg3XZSKVxvqaL8tt1uLKiD6Ad1p7M0hyCoBlusm1
89BuhC2uJjuRma7J8Nhn2OJqnfcdOxVmJyB+5cxU8DQX4VkAEC6fmKiw/DNx1bVE
2lqlMYl/L+F4Mfc5QhmXI8tKAxtJLU+5pvAfxi6zitHyELKKKmS7Z2lwPfi6zQSX
27XycgLpBTK+1+Z2kEAnamimidYPralcRdwcVgGmHBcQCQxMt5T+KV4l5QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNQoGSTglqK2Aj7ZFSFB0L2vGp4PMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvMUNnWkpPQ1dvcllDUHRrVklVSFF2YThhbmc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEbe3AAwQD
sPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQMA0GCSqGSIb3DQEB
CwUAA4IBAQBYs4/YDlgk/4U8VQeLvRrwXqFD6LNb9RSAMTw3GpxdiVIpA6F4BVUM
Q0j00Ln5Q8V+V3yLy57uL9/m+vYg2lbTUtzqKnXw6ckfZoIUR+rj1VKb0YSJ4fuB
haA/rhS3/dJoKN36TYf5j1E9wHgkJKQAvdcg1qyLCfZn9F5aR5UOllA4X3OmiXuk
034ZWgvIh6TGDid1Ntvr/2TkVoO791VI99Rs7mLidaVSz696j69/yzu81Yl7y+cm
OEAHG20m0I627m8VKgsmjS3Z2tAoWfDYlC6+E1EjD81efw7uQA8tsArFAAi4K9hh
XhD4+DC0SyPA8pB7RmeXyJU6W9mu0D8E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:53 2024 by rpki-client on console-fra.rpki-client.org