Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-zlbnUfr294YBn_4UwpfGiFvTlM.roa
File: 1-zlbnUfr294YBn_4UwpfGiFvTlM.roa (raw, json)
Hash identifier: P7OyfKs7769+cy9SHBiPzjQTe3Ve+cbVqoLmkrVC7Q8=
Subject key identifier: FB:39:5B:9D:47:EB:DB:DE:18:06:7F:F8:53:0A:5F:1A:21:6F:4E:53
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01911776C224F5D5619FC6598C221EA1649E
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-zlbnUfr294YBn_4UwpfGiFvTlM.roa
Signing time: Sat 03 Aug 2024 08:59:04 +0000
ROA not before: Sat 03 Aug 2024 08:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6762
IP address blocks: 107.150.168.0/24 maxlen: 24
107.150.172.0/24 maxlen: 24
162.218.176.0/24 maxlen: 24
162.218.179.0/24 maxlen: 24
167.160.0.0/24 maxlen: 24
167.160.3.0/24 maxlen: 24
185.192.212.0/24 maxlen: 24
185.192.215.0/24 maxlen: 24
185.203.148.0/24 maxlen: 24
185.203.151.0/24 maxlen: 24
185.212.172.0/24 maxlen: 24
185.212.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Sep 2024 07:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:76:c2:24:f5:d5:61:9f:c6:59:8c:22:1e:a1:64:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 3 08:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb395b9d47ebdbde18067ff8530a5f1a216f4e53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:65:ba:dd:d3:88:cb:dd:4c:5c:4d:a8:92:61:
04:19:a1:b1:3a:80:47:3a:6b:4d:52:93:c1:b2:ac:
b6:4e:3d:88:f8:71:83:e4:24:9b:74:68:94:6a:45:
89:88:60:b2:34:a6:ec:fb:4f:cf:a0:0c:5a:65:f8:
a2:e5:20:df:fa:07:fc:a2:99:31:d4:bc:ed:62:76:
b3:0b:70:66:6d:30:d0:c7:be:91:cf:b3:f4:77:3d:
b9:b6:12:da:f2:b7:3a:a1:fe:37:7e:62:75:01:1a:
3c:1a:87:84:43:bc:28:5e:26:fc:e5:c3:ce:40:f8:
e3:b4:c2:25:99:13:2a:4a:07:12:de:d3:b6:a5:51:
aa:d1:f4:e4:d9:a1:07:b4:89:79:03:16:46:1e:d3:
24:e5:aa:4f:80:49:06:11:9a:72:8d:32:1d:aa:3a:
f8:d3:11:c3:a2:d6:5d:27:5c:e0:0f:99:89:1d:19:
49:78:c0:4c:44:45:99:7e:2f:62:65:bc:31:17:15:
ad:b9:9f:6e:5d:2f:fb:21:d1:8a:5c:b4:57:6b:5c:
9e:1c:b7:26:df:51:2d:ab:f1:bb:c4:b7:bb:60:e8:
12:c6:7a:45:8d:00:18:b0:a7:84:89:c6:a5:03:4f:
0c:e3:fd:2c:4a:00:fd:16:03:ca:5e:7c:a4:9f:9d:
59:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:39:5B:9D:47:EB:DB:DE:18:06:7F:F8:53:0A:5F:1A:21:6F:4E:53
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/1-zlbnUfr294YBn_4UwpfGiFvTlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.168.0/24
107.150.172.0/24
162.218.176.0/24
162.218.179.0/24
167.160.0.0/24
167.160.3.0/24
185.192.212.0/24
185.192.215.0/24
185.203.148.0/24
185.203.151.0/24
185.212.172.0/24
185.212.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:ec:4a:06:66:ba:02:70:91:cc:df:bb:ed:d8:a6:b3:d3:87:
d2:4d:fe:10:d5:9e:e8:af:5d:73:68:50:4f:5b:9b:c9:c6:58:
fb:61:aa:bf:4c:b8:af:fe:45:3e:34:00:59:51:eb:1e:15:35:
49:25:6a:b7:aa:5d:42:dd:f9:a1:07:9c:2d:e1:9b:66:cd:4f:
bd:15:d0:4c:54:d1:50:97:7b:ed:c2:ca:d3:7e:0f:d3:3a:ee:
e8:0d:b4:3b:e4:48:fe:e3:d0:7c:e1:fa:96:d5:1d:35:25:ab:
37:cb:c6:a5:3f:f0:04:49:7d:01:3c:93:1f:94:0b:49:96:3c:
59:f5:1f:14:f1:85:56:2e:b2:ca:de:de:f0:00:15:5c:e5:0e:
1b:9c:be:16:57:36:d3:07:64:2c:49:fe:27:d3:58:98:bf:4a:
f8:e8:94:fb:41:82:79:51:ee:33:f1:51:f2:7f:49:ce:64:d8:
f3:dc:75:ee:75:11:7d:d6:be:64:29:bb:d1:09:92:e1:fa:07:
8d:4f:0c:33:78:15:71:99:1e:0a:ee:43:cb:a7:c8:da:27:2d:
f9:df:86:d0:6c:99:a0:76:3a:1f:9e:6c:30:01:bc:97:dc:c8:
cc:8d:f9:25:2f:ac:9c:f7:48:05:13:d5:54:f9:8c:db:30:51:
61:39:fc:35
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZEXdsIk9dVhn8ZZjCIeoWSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwODAzMDg1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjM5NWI5ZDQ3ZWJkYmRlMTgwNjdmZjg1MzBhNWYxYTIxNmY0ZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGW63dOIy91MXE2okmEEGaGxOoBH
OmtNUpPBsqy2Tj2I+HGD5CSbdGiUakWJiGCyNKbs+0/PoAxaZfii5SDf+gf8opkx
1LztYnazC3BmbTDQx76Rz7P0dz25thLa8rc6of43fmJ1ARo8GoeEQ7woXib85cPO
QPjjtMIlmRMqSgcS3tO2pVGq0fTk2aEHtIl5AxZGHtMk5apPgEkGEZpyjTIdqjr4
0xHDotZdJ1zgD5mJHRlJeMBMREWZfi9iZbwxFxWtuZ9uXS/7IdGKXLRXa1yeHLcm
31Etq/G7xLe7YOgSxnpFjQAYsKeEicalA08M4/0sSgD9FgPKXnykn51ZZQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPs5W51H69veGAZ/+FMKXxohb05TMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMS16bGJuVWZyMjk0WUJuXzRVd3BmR2lGdlRsTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjYvMmJhOTdlLTU5OGItNDhkZC04ZDU2LWY1ZmI3MWI5YTUx
Zi8xLzhFcFlCSDgzdThCWGxFdV9qSzJIUW9lVmt0by5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAGuWqAME
AGuWrAMEAKLasAMEAKLaswMEAKegAAMEAKegAwMEALnA1AMEALnA1wMEALnLlAME
ALnLlwMEALnUrAMEALnUrzANBgkqhkiG9w0BAQsFAAOCAQEATOxKBma6AnCRzN+7
7dims9OH0k3+ENWe6K9dc2hQT1ubycZY+2Gqv0y4r/5FPjQAWVHrHhU1SSVqt6pd
Qt35oQecLeGbZs1PvRXQTFTRUJd77cLK034P0zru6A20O+RI/uPQfOH6ltUdNSWr
N8vGpT/wBEl9ATyTH5QLSZY8WfUfFPGFVi6yyt7e8AAVXOUOG5y+Flc20wdkLEn+
J9NYmL9K+OiU+0GCeVHuM/FR8n9JzmTY89x17nURfda+ZCm70QmS4foHjU8MM3gV
cZkeCu5Dy6fI2ict+d+G0GyZoHY6H55sMAG8l9zIzI35JS+snPdIBRPVVPmM2zBR
YTn8NQ==
-----END CERTIFICATE-----
Generated at Sat Sep 21 09:13:57 2024 by rpki-client on console-fra.rpki-client.org