Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SFxXDpApobZK0M35kKShiJjkSec.roa
File: SFxXDpApobZK0M35kKShiJjkSec.roa (raw, json)
Hash identifier: 8/JcThHtvNMZRsG2HtBtqDkX9aasBxfiMo9FtIx9CQQ=
Subject key identifier: 48:5C:57:0E:90:29:A1:B6:4A:D0:CD:F9:90:A4:A1:88:98:E4:49:E7
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 018CC6B7A0428A29E1C2EAAB105D37E4FDB2
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SFxXDpApobZK0M35kKShiJjkSec.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50670
IP address blocks: 185.51.213.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
185.193.179.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.176.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.191.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
2a01:1d0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 07 Mar 2024 22:43:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a0:42:8a:29:e1:c2:ea:ab:10:5d:37:e4:fd:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=485c570e9029a1b64ad0cdf990a4a18898e449e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f1:d1:9c:98:e7:02:74:ed:b0:ec:e1:b9:c0:
7d:db:9e:d8:12:8c:23:ef:7d:13:8e:23:07:1c:12:
07:5b:17:d8:76:f9:17:e0:15:59:d2:58:f7:a1:29:
7f:81:2f:3f:d9:47:63:a7:68:de:72:da:63:46:64:
25:33:c2:9e:4c:ea:44:4a:f5:aa:93:d4:0c:0b:8a:
5c:b5:77:8a:4f:3b:54:e6:7d:71:51:de:f8:be:6c:
56:4c:0b:d3:8f:20:8b:19:64:27:f2:62:1a:e5:49:
53:3b:c4:42:58:97:57:8d:27:89:55:89:b3:f4:04:
c0:84:0c:59:fa:bb:3a:b8:8e:b3:91:21:77:ad:e6:
5b:b0:e8:2f:39:93:ff:16:4a:1b:01:89:d6:c5:3e:
6d:5b:56:68:87:df:ab:c8:8e:8c:b9:a8:29:fd:6d:
ac:69:3f:6e:f5:c4:b7:92:0d:19:d9:8b:7f:09:47:
a4:54:4a:df:cb:37:e4:6c:f9:da:cb:18:1d:56:42:
31:7c:49:a6:bd:de:5a:09:dd:1e:43:36:7e:55:2d:
fb:fc:b3:4c:55:a9:51:81:67:86:0e:47:02:63:eb:
2f:40:3a:92:1b:69:5e:04:cc:c3:c6:f8:95:1e:e9:
54:8e:22:44:ff:93:ca:05:ed:d4:53:9b:df:45:85:
38:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:5C:57:0E:90:29:A1:B6:4A:D0:CD:F9:90:A4:A1:88:98:E4:49:E7
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/SFxXDpApobZK0M35kKShiJjkSec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/32
Signature Algorithm: sha256WithRSAEncryption
c4:13:4f:47:0e:79:be:b8:ac:ca:70:17:30:c8:ac:a5:47:c8:
bf:7c:2c:05:05:f7:62:32:3c:6b:d5:b6:6c:a0:00:ca:28:64:
1c:5f:4e:7d:0b:35:fe:d6:3f:56:62:7b:15:cc:aa:ac:ae:0b:
fc:69:bd:58:bf:4b:f8:0a:ab:1e:0b:76:91:96:2b:ee:2c:e3:
79:11:be:d8:1a:a1:e1:09:89:ee:08:dc:a4:a4:7d:a2:79:0f:
35:35:65:2f:d6:79:ac:fb:0c:d7:a5:1a:b3:3d:15:57:ce:d9:
01:0e:8d:1c:ee:20:a0:40:1b:22:cd:73:05:51:11:8a:1a:7e:
bb:b2:47:89:93:19:42:5a:63:f9:db:b5:0c:bf:94:be:23:cb:
1b:6f:b3:ec:82:c7:f9:0b:af:10:fe:c2:37:5c:65:97:31:c7:
f4:14:78:17:4e:b7:00:7b:c6:03:02:4c:21:bb:93:71:8b:e1:
76:e2:24:3e:69:e2:f2:ae:03:ad:a8:ae:45:49:72:0b:20:be:
e3:97:d5:8d:7a:54:ba:5b:a9:36:4f:34:15:a4:92:8e:13:f7:
e5:ac:17:2e:74:24:c1:70:fb:d3:4f:c0:ac:26:e2:8a:fb:49:
c7:96:81:ff:e9:8b:b1:49:89:01:00:f8:04:5c:e8:d0:25:fb:
d6:f8:53:e3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGt6BCiinhwuqrEF035P2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODVjNTcwZTkwMjlhMWI2NGFkMGNkZjk5MGE0YTE4ODk4ZTQ0OWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfHRnJjnAnTtsOzhucB9257YEowj
730TjiMHHBIHWxfYdvkX4BVZ0lj3oSl/gS8/2Udjp2jectpjRmQlM8KeTOpESvWq
k9QMC4pctXeKTztU5n1xUd74vmxWTAvTjyCLGWQn8mIa5UlTO8RCWJdXjSeJVYmz
9ATAhAxZ+rs6uI6zkSF3reZbsOgvOZP/FkobAYnWxT5tW1Zoh9+ryI6Muagp/W2s
aT9u9cS3kg0Z2Yt/CUekVErfyzfkbPnayxgdVkIxfEmmvd5aCd0eQzZ+VS37/LNM
ValRgWeGDkcCY+svQDqSG2leBMzDxviVHulUjiJE/5PKBe3UU5vfRYU47wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEhcVw6QKaG2StDN+ZCkoYiY5EnnMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvU0Z4WERwQXBvYlpLME0zNWtLU2hpSmprU2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEbe3AAwQD
sPFAAwQDshS4AwQCuTPUAwQCucGwMA0EAgACMAcDBQAqAQHQMA0GCSqGSIb3DQEB
CwUAA4IBAQDEE09HDnm+uKzKcBcwyKylR8i/fCwFBfdiMjxr1bZsoADKKGQcX059
CzX+1j9WYnsVzKqsrgv8ab1Yv0v4CqseC3aRlivuLON5Eb7YGqHhCYnuCNykpH2i
eQ81NWUv1nms+wzXpRqzPRVXztkBDo0c7iCgQBsizXMFURGKGn67skeJkxlCWmP5
27UMv5S+I8sbb7Psgsf5C68Q/sI3XGWXMcf0FHgXTrcAe8YDAkwhu5Nxi+F24iQ+
aeLyrgOtqK5FSXILIL7jl9WNelS6W6k2TzQVpJKOE/flrBcudCTBcPvTT8CsJuKK
+0nHloH/6YuxSYkBAPgEXOjQJfvW+FPj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:54 2024 by rpki-client on console-fra.rpki-client.org