Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/D_lQhUwE9XHh_k8oRWr93tD5Shc.roa
File: D_lQhUwE9XHh_k8oRWr93tD5Shc.roa (raw, json)
Hash identifier: ZS0o1AVqPyRUIGlOVGKAPZm9Zce5wsppyY9GRoE2nSw=
Subject key identifier: 0F:F9:50:85:4C:04:F5:71:E1:FE:4F:28:45:6A:FD:DE:D0:F9:4A:17
Certificate issuer: /CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Certificate serial: 018790DF5EE5AFE8FC5B73FF17E94E7D1FE9
Authority key identifier: 7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/D_lQhUwE9XHh_k8oRWr93tD5Shc.roa
Signing time: Mon 17 Apr 2023 20:19:30 +0000
ROA not before: Mon 17 Apr 2023 20:19:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60501
IP address blocks: 185.187.62.0/24 maxlen: 24
193.43.208.0/24 maxlen: 24
194.156.180.0/22 maxlen: 22
185.30.64.0/22 maxlen: 22
185.109.24.0/22 maxlen: 22
185.109.24.0/24 maxlen: 24
185.109.25.0/24 maxlen: 24
185.109.26.0/24 maxlen: 24
185.109.27.0/24 maxlen: 24
185.253.53.0/24 maxlen: 24
2a00:ae20::/32 maxlen: 32
2a06:4dc0::/29 maxlen: 29
2a04:f440::/29 maxlen: 29
2a0d:cc0::/29 maxlen: 29
2a0f:ccc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 24 May 2023 12:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:df:5e:e5:af:e8:fc:5b:73:ff:17:e9:4e:7d:1f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b148db42f90e96447bd7f63edd8a7ccbeeaa842
Validity
Not Before: Apr 17 20:19:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ff950854c04f571e1fe4f28456afdded0f94a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:2a:d3:9f:e2:33:85:8c:5b:6e:50:52:b0:c4:
64:6a:c3:a2:74:99:11:c5:39:33:b6:39:ff:63:50:
7b:bb:6e:1f:41:37:49:c1:4e:aa:38:cd:db:70:4c:
7d:b6:fe:19:3f:ce:31:31:8a:10:3f:06:f5:07:89:
cc:21:ca:1e:56:7a:18:25:3f:d9:1f:61:1c:79:5b:
a3:0c:fa:d3:eb:6f:9b:c2:e6:c8:0b:9b:65:15:dc:
8e:81:a1:f2:44:cb:49:70:aa:2a:83:15:a9:c6:03:
fc:19:5f:fa:e5:b1:17:80:f2:76:ca:43:53:53:5d:
df:97:bd:52:3b:a8:58:0e:53:0b:63:33:41:e0:a4:
6e:b7:3f:6e:e3:a9:15:85:ac:4c:c3:54:6e:cd:7c:
62:7e:6a:ea:32:8b:0b:34:d0:19:39:0a:93:0f:fa:
65:9d:41:82:5b:bd:61:9f:71:3a:93:60:dd:c5:d1:
84:f0:70:1d:11:8b:f1:df:c4:89:6c:39:d6:5d:48:
db:60:39:bd:09:c3:bb:61:17:79:41:51:08:6c:b9:
bd:01:ab:b3:45:0e:d7:91:17:f6:f5:94:4d:8e:10:
82:d0:2d:b0:ad:40:3e:8e:7a:ca:58:57:ec:0d:ad:
a9:2e:7b:43:4c:23:9e:0f:aa:2e:07:45:8b:24:a3:
c0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F9:50:85:4C:04:F5:71:E1:FE:4F:28:45:6A:FD:DE:D0:F9:4A:17
X509v3 Authority Key Identifier:
keyid:7B:14:8D:B4:2F:90:E9:64:47:BD:7F:63:ED:D8:A7:CC:BE:EA:A8:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/exSNtC-Q6WRHvX9j7dinzL7qqEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/D_lQhUwE9XHh_k8oRWr93tD5Shc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f24885-a4db-4fa1-a72d-86d6c1305357/1/exSNtC-Q6WRHvX9j7dinzL7qqEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.64.0/22
185.109.24.0/22
185.187.62.0/24
185.253.53.0/24
193.43.208.0/24
194.156.180.0/22
IPv6:
2a00:ae20::/32
2a04:f440::/29
2a06:4dc0::/29
2a0d:cc0::/29
2a0f:ccc0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:a5:ed:68:8c:e9:5e:3e:d1:0a:16:fd:09:2e:b2:ae:08:39:
ea:bd:13:af:85:21:20:95:2c:b8:ff:95:c3:37:77:0c:3d:51:
fb:45:a6:ed:93:58:f7:91:d3:88:b9:d7:18:66:41:3a:2b:8b:
0e:e3:4c:98:d2:7d:ec:10:d5:b7:fe:60:71:1e:18:18:08:55:
77:55:92:49:23:bf:bf:67:4d:a4:e4:03:06:4b:6d:8a:2f:6f:
d9:6a:a4:48:fc:a5:b5:14:fc:72:38:0e:58:9c:a9:47:01:a5:
aa:d6:57:78:c2:3a:e3:62:ce:cd:2e:d9:b1:4f:1b:f2:10:00:
78:dd:ff:3b:c3:d7:08:f2:4a:8f:8a:de:10:3f:81:05:46:41:
8a:fe:fc:69:59:ae:68:b6:8d:4a:c9:2b:01:a9:22:b1:7b:56:
04:05:13:cb:60:e4:86:1e:b5:ac:9a:9d:6b:dc:4d:05:07:18:
52:7e:42:6d:de:e1:3a:22:9e:0b:db:f4:22:ec:12:f0:1e:92:
d7:12:a1:89:3c:7b:f3:26:3e:8f:4c:e1:1c:ba:73:2d:f3:99:
5e:6c:03:e7:b1:dd:d2:dc:ca:e4:a6:c0:32:c9:6f:02:3a:34:
4f:f5:5f:55:a2:d6:09:dc:4c:26:e3:5c:9a:e8:7c:72:39:19:
59:ce:bb:43
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYeQ317lr+j8W3P/F+lOfR/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMTQ4ZGI0MmY5MGU5NjQ0N2JkN2Y2M2VkZDhhN2NjYmVl
YWE4NDIwHhcNMjMwNDE3MjAxOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmY5NTA4NTRjMDRmNTcxZTFmZTRmMjg0NTZhZmRkZWQwZjk0YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSrTn+IzhYxbblBSsMRkasOidJkR
xTkztjn/Y1B7u24fQTdJwU6qOM3bcEx9tv4ZP84xMYoQPwb1B4nMIcoeVnoYJT/Z
H2EceVujDPrT62+bwubIC5tlFdyOgaHyRMtJcKoqgxWpxgP8GV/65bEXgPJ2ykNT
U13fl71SO6hYDlMLYzNB4KRutz9u46kVhaxMw1RuzXxifmrqMosLNNAZOQqTD/pl
nUGCW71hn3E6k2DdxdGE8HAdEYvx38SJbDnWXUjbYDm9CcO7YRd5QVEIbLm9Aauz
RQ7XkRf29ZRNjhCC0C2wrUA+jnrKWFfsDa2pLntDTCOeD6ouB0WLJKPAAwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFA/5UIVMBPVx4f5PKEVq/d7Q+UoXMB8GA1UdIwQY
MBaAFHsUjbQvkOlkR71/Y+3Yp8y+6qhCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQt
ODZkNmMxMzA1MzU3LzEvRF9sUWhVd0U5WEhoX2s4b1JXcjkzdEQ1U2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mMjQ4ODUtYTRkYi00ZmExLWE3MmQtODZkNmMxMzA1MzU3
LzEvZXhTTnRDLVE2V1JIdlg5ajdkaW56TDdxcUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAqBAIAATAkAwQCuR5AAwQC
uW0YAwQAubs+AwQAuf01AwQAwSvQAwQCwpy0MCkEAgACMCMDBQAqAK4gAwUDKgT0
QAMFAyoGTcADBQMqDQzAAwUDKg/MwDANBgkqhkiG9w0BAQsFAAOCAQEAoaXtaIzp
Xj7RChb9CS6yrgg56r0Tr4UhIJUsuP+Vwzd3DD1R+0Wm7ZNY95HTiLnXGGZBOiuL
DuNMmNJ97BDVt/5gcR4YGAhVd1WSSSO/v2dNpOQDBkttii9v2WqkSPyltRT8cjgO
WJypRwGlqtZXeMI642LOzS7ZsU8b8hAAeN3/O8PXCPJKj4reED+BBUZBiv78aVmu
aLaNSskrAakisXtWBAUTy2Dkhh61rJqda9xNBQcYUn5Cbd7hOiKeC9v0IuwS8B6S
1xKhiTx78yY+j0zhHLpzLfOZXmwD57Hd0tzK5KbAMslvAjo0T/VfVaLWCdxMJuNc
muh8cjkZWc67Qw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:03 2024 by rpki-client on console-fra.rpki-client.org