Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1fI9ZiMkwNPte5zc48RbRN-E42g.roa
File: 1fI9ZiMkwNPte5zc48RbRN-E42g.roa (raw, json)
Hash identifier: m1kgCqV3N0bvONVX/lSx4DYnMGcDzQ0XeaZFTLtOv4M=
Subject key identifier: D5:F2:3D:66:23:24:C0:D3:ED:7B:9C:DC:E3:C4:5B:44:DF:84:E3:68
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 01919E2999D43B052F04365342DD80676D18
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1fI9ZiMkwNPte5zc48RbRN-E42g.roa
Signing time: Thu 29 Aug 2024 12:43:32 +0000
ROA not before: Thu 29 Aug 2024 12:43:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 195.216.160.0/24 maxlen: 24
195.216.161.0/24 maxlen: 24
213.182.197.0/24 maxlen: 24
213.182.198.0/24 maxlen: 24
213.182.201.0/24 maxlen: 24
213.182.205.0/24 maxlen: 24
213.182.206.0/24 maxlen: 24
213.182.212.0/24 maxlen: 24
213.182.213.0/24 maxlen: 24
213.182.214.0/24 maxlen: 24
213.182.215.0/24 maxlen: 24
213.182.217.0/24 maxlen: 24
213.182.219.0/24 maxlen: 24
213.182.220.0/24 maxlen: 24
213.182.221.0/24 maxlen: 24
213.182.222.0/24 maxlen: 24
213.182.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 31 Aug 2024 15:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:29:99:d4:3b:05:2f:04:36:53:42:dd:80:67:6d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 29 12:43:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5f23d662324c0d3ed7b9cdce3c45b44df84e368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:75:34:66:df:b8:c9:a3:c6:3a:1a:71:e1:f3:
d0:31:f5:fa:e1:4f:5d:2f:7a:2e:99:53:d5:a1:45:
33:d9:a1:f6:78:d6:ca:32:6e:19:44:3e:73:ce:ac:
15:25:9b:af:36:b7:71:f9:70:2c:df:c5:c5:49:ff:
f4:74:fe:f3:5c:30:00:2a:8a:ea:56:39:5e:08:e1:
f0:70:3a:3a:6c:6e:b7:6f:2b:00:5d:23:32:9a:88:
a2:b9:65:00:47:cf:d5:c8:02:d2:3e:77:c1:a9:c9:
86:68:f2:11:2b:8c:20:96:88:c6:42:76:9b:7a:ba:
c2:89:6e:47:3d:c5:00:2f:af:b1:09:f3:3f:57:d3:
c4:8b:23:ea:df:e0:5a:27:dc:d7:f4:34:f4:e7:fd:
c9:5d:36:32:0d:47:42:05:57:4f:c9:20:8e:78:11:
d2:52:b2:54:9c:24:55:82:aa:5b:6a:4c:d7:8a:71:
83:10:df:71:1c:e4:54:6e:84:a5:78:ac:97:75:c9:
72:aa:ad:17:ef:c3:5e:e3:b6:74:86:b6:f6:d7:32:
b1:ad:79:79:5e:ec:81:6b:90:b6:5c:2f:69:0e:e8:
8b:5b:7a:e4:1d:58:08:50:ad:e8:81:2a:f9:49:0d:
65:81:d9:62:9d:ad:9b:2b:5e:33:b0:3e:a6:3f:af:
98:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:F2:3D:66:23:24:C0:D3:ED:7B:9C:DC:E3:C4:5B:44:DF:84:E3:68
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1fI9ZiMkwNPte5zc48RbRN-E42g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.160.0/23
213.182.197.0-213.182.198.255
213.182.201.0/24
213.182.205.0-213.182.206.255
213.182.212.0/22
213.182.217.0/24
213.182.219.0-213.182.223.255
Signature Algorithm: sha256WithRSAEncryption
82:92:84:ef:cd:21:94:2b:50:72:67:c6:de:87:2d:56:30:78:
2f:b8:55:8f:9d:12:92:8f:9c:38:c8:f9:fc:a1:d1:08:d7:ac:
0f:fb:05:e4:77:bb:aa:d1:50:2a:91:79:45:bf:67:58:19:c3:
14:c4:66:be:ad:27:c3:da:8c:58:ab:d2:04:2a:01:77:f3:48:
14:3d:55:00:41:29:a8:33:60:71:10:a6:18:37:e4:6d:3f:01:
90:fe:79:bb:b6:1b:44:f1:27:5d:fb:13:22:ab:99:1a:e2:a7:
2a:f6:69:02:08:2b:0e:b6:04:a8:73:f6:a3:54:5f:65:4a:20:
ff:8f:10:9c:ac:61:6d:09:36:85:75:23:3b:35:47:b6:f2:f7:
47:88:60:0d:81:dc:a6:9c:c2:61:04:ac:81:82:85:1f:59:95:
c4:03:0f:8e:9a:36:23:df:a5:ba:66:31:f6:9a:0c:d2:ed:20:
b7:93:2a:7c:13:74:07:aa:20:bb:ec:7c:6e:00:7e:c7:47:d9:
48:c4:a8:ce:8f:2b:68:d7:24:74:8f:ae:21:3c:9e:cd:d1:14:
e5:ae:57:7d:28:c9:fb:b4:0f:f9:78:93:24:4b:22:4f:39:b3:
fa:73:df:1c:cf:a7:1a:56:09:75:de:f5:ae:60:9d:ac:d9:30:
d4:98:dd:5f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZGeKZnUOwUvBDZTQt2AZ20YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwODI5MTI0MzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWYyM2Q2NjIzMjRjMGQzZWQ3YjljZGNlM2M0NWI0NGRmODRlMzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXU0Zt+4yaPGOhpx4fPQMfX64U9d
L3oumVPVoUUz2aH2eNbKMm4ZRD5zzqwVJZuvNrdx+XAs38XFSf/0dP7zXDAAKorq
VjleCOHwcDo6bG63bysAXSMymoiiuWUAR8/VyALSPnfBqcmGaPIRK4wglojGQnab
errCiW5HPcUAL6+xCfM/V9PEiyPq3+BaJ9zX9DT05/3JXTYyDUdCBVdPySCOeBHS
UrJUnCRVgqpbakzXinGDEN9xHORUboSleKyXdclyqq0X78Ne47Z0hrb21zKxrXl5
XuyBa5C2XC9pDuiLW3rkHVgIUK3ogSr5SQ1lgdlina2bK14zsD6mP6+YjQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNXyPWYjJMDT7Xuc3OPEW0TfhONoMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMWZJOVppTWt3TlB0ZTV6YzQ4UmJSTi1FNDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBw9igMAwD
BADVtsUDBADVtsYDBADVtskwDAMEANW2zQMEANW2zgMEAtW21AMEANW22TAMAwQA
1bbbAwQF1bbAMA0GCSqGSIb3DQEBCwUAA4IBAQCCkoTvzSGUK1ByZ8behy1WMHgv
uFWPnRKSj5w4yPn8odEI16wP+wXkd7uq0VAqkXlFv2dYGcMUxGa+rSfD2oxYq9IE
KgF380gUPVUAQSmoM2BxEKYYN+RtPwGQ/nm7thtE8Sdd+xMiq5ka4qcq9mkCCCsO
tgSoc/ajVF9lSiD/jxCcrGFtCTaFdSM7NUe28vdHiGANgdymnMJhBKyBgoUfWZXE
Aw+OmjYj36W6ZjH2mgzS7SC3kyp8E3QHqiC77HxuAH7HR9lIxKjOjyto1yR0j64h
PJ7N0RTlrld9KMn7tA/5eJMkSyJPObP6c98cz6caVgl13vWuYJ2s2TDUmN1f
-----END CERTIFICATE-----
Generated at Sat Aug 31 16:24:53 2024 by rpki-client on console-fra.rpki-client.org