Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/fjGr2ocKgMNI-k-RVrhcQFXOoAM.roa
File: fjGr2ocKgMNI-k-RVrhcQFXOoAM.roa (raw, json)
Hash identifier: rCxpbxj9Nk5c/6eLxlDKOAv1XP1vPugPh9VnYX7Ql3k=
Subject key identifier: 7E:31:AB:DA:87:0A:80:C3:48:FA:4F:91:56:B8:5C:40:55:CE:A0:03
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 01856C5CAABE8E3E4037204472A2E325BA33
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/fjGr2ocKgMNI-k-RVrhcQFXOoAM.roa
Signing time: Sun 01 Jan 2023 08:04:50 +0000
ROA not before: Sun 01 Jan 2023 08:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 157.167.226.0/24 maxlen: 24
157.167.225.0/24 maxlen: 24
157.167.224.0/24 maxlen: 24
157.167.228.0/24 maxlen: 24
157.167.227.0/24 maxlen: 24
157.167.232.0/24 maxlen: 24
157.167.231.0/24 maxlen: 24
157.167.230.0/24 maxlen: 24
157.167.229.0/24 maxlen: 24
157.167.233.0/24 maxlen: 24
157.167.152.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.136.0/21 maxlen: 21
157.167.144.0/21 maxlen: 21
85.115.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:aa:be:8e:3e:40:37:20:44:72:a2:e3:25:ba:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 1 08:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e31abda870a80c348fa4f9156b85c4055cea003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:67:70:79:33:22:6f:fc:d5:4d:e9:b8:83:cb:
90:60:d1:30:ac:26:21:e6:5b:ae:bb:f1:6a:59:91:
ad:11:57:da:e5:cf:53:ad:4b:ec:42:73:2a:be:23:
c6:6c:6e:22:de:ae:72:78:d5:17:f7:fd:eb:10:5e:
7a:17:87:c4:4c:bd:d0:5c:82:16:6c:67:c9:1c:7f:
3f:de:7c:ce:e3:f9:e9:a5:a4:3d:be:e9:15:61:f4:
41:49:b6:68:54:22:a1:4b:dd:56:5f:58:c7:4b:86:
e8:22:56:df:54:c5:36:2f:43:1a:95:7a:a8:ce:c3:
e4:76:7b:e1:db:70:a1:a0:eb:f9:ed:c7:5d:13:6b:
da:2a:f8:ba:15:e9:27:65:8f:32:60:61:c3:16:55:
19:e7:65:37:2b:a6:db:69:16:84:a9:ce:0f:38:a3:
89:e9:a0:03:bc:f5:77:29:fb:2d:9a:8e:5e:e9:f5:
97:b3:5d:29:21:8c:29:d0:cd:7a:26:4e:9b:58:12:
a1:79:b3:24:10:bf:8e:80:11:cb:04:09:9d:de:65:
1c:20:ed:20:a3:0e:f8:74:bc:80:e2:fe:03:d5:ea:
32:4f:df:b5:2d:e6:1d:f5:13:f2:db:97:a3:4b:0d:
8f:47:c7:1b:ea:df:0c:e7:f8:b2:68:a2:bb:51:52:
ed:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:31:AB:DA:87:0A:80:C3:48:FA:4F:91:56:B8:5C:40:55:CE:A0:03
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/fjGr2ocKgMNI-k-RVrhcQFXOoAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
157.167.224.0-157.167.233.255
Signature Algorithm: sha256WithRSAEncryption
40:dc:88:99:5c:d2:25:a3:f4:81:ec:0c:af:5d:03:ac:6d:67:
04:19:7c:80:78:c3:94:23:ce:52:c0:da:4c:63:79:6f:6d:cf:
94:22:fc:f9:73:14:88:1a:dd:d4:4f:7c:6a:87:e5:89:52:20:
f1:f4:d3:d3:05:ae:55:6b:07:02:ab:3d:56:19:cb:05:0e:0f:
6b:69:0c:52:60:48:f4:2b:79:ba:93:37:e3:4d:58:01:ef:e9:
bb:a5:a1:ae:5c:de:da:58:0e:a7:d2:25:3a:3a:9d:4c:8f:8f:
d6:52:01:5f:b9:be:dc:fc:86:f2:55:79:b0:f6:c5:19:6f:e6:
75:d4:b1:15:5a:53:2e:67:b1:31:d1:ea:3e:f1:13:a9:1b:7d:
ea:7b:42:47:2c:f7:cc:21:22:e9:59:59:b4:30:92:bd:5b:94:
ec:83:4d:cd:61:6f:63:11:64:1b:2e:84:33:75:73:ee:70:35:
d4:c3:93:be:e1:0a:74:94:e6:27:20:1c:5b:96:1b:87:d4:2b:
7e:63:4e:5d:15:9a:49:d4:ce:0b:37:d7:96:c2:fe:bc:8a:07:
8a:5f:8a:20:0f:1b:15:92:61:e1:26:ba:50:75:a9:f5:0b:0e:
9f:96:2d:b1:9b:17:37:4d:f5:cc:bd:a2:83:18:8f:4e:34:ca:
2c:ed:05:fa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVsXKq+jj5ANyBEcqLjJbozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjMwMTAxMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTMxYWJkYTg3MGE4MGMzNDhmYTRmOTE1NmI4NWM0MDU1Y2VhMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2dweTMib/zVTem4g8uQYNEwrCYh
5luuu/FqWZGtEVfa5c9TrUvsQnMqviPGbG4i3q5yeNUX9/3rEF56F4fETL3QXIIW
bGfJHH8/3nzO4/nppaQ9vukVYfRBSbZoVCKhS91WX1jHS4boIlbfVMU2L0MalXqo
zsPkdnvh23ChoOv57cddE2vaKvi6FeknZY8yYGHDFlUZ52U3K6bbaRaEqc4POKOJ
6aADvPV3Kfstmo5e6fWXs10pIYwp0M16Jk6bWBKhebMkEL+OgBHLBAmd3mUcIO0g
ow74dLyA4v4D1eoyT9+1LeYd9RPy25ejSw2PR8cb6t8M5/iyaKK7UVLtdQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFH4xq9qHCoDDSPpPkVa4XEBVzqADMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvZmpHcjJvY0tnTU5JLWstUlZyaGNRRlhPb0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXMmMAwD
BAGdp4YDBAGdp5gwDAMEAJ2nmwMEAJ2nnAMEA52nuDAMAwQFnafgAwQBnafoMA0G
CSqGSIb3DQEBCwUAA4IBAQBA3IiZXNIlo/SB7AyvXQOsbWcEGXyAeMOUI85SwNpM
Y3lvbc+UIvz5cxSIGt3UT3xqh+WJUiDx9NPTBa5VawcCqz1WGcsFDg9raQxSYEj0
K3m6kzfjTVgB7+m7paGuXN7aWA6n0iU6Op1Mj4/WUgFfub7c/IbyVXmw9sUZb+Z1
1LEVWlMuZ7Ex0eo+8ROpG33qe0JHLPfMISLpWVm0MJK9W5Tsg03NYW9jEWQbLoQz
dXPucDXUw5O+4Qp0lOYnIBxblhuH1Ct+Y05dFZpJ1M4LN9eWwv68igeKX4ogDxsV
kmHhJrpQdan1Cw6fli2xmxc3TfXMvaKDGI9ONMos7QX6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org