Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/4f9XB8mjFVAIhYw4DQilS0jp7mg.roa
File: 4f9XB8mjFVAIhYw4DQilS0jp7mg.roa (raw, json)
Hash identifier: tvSt15Oq9/m8XRqtmMl56wMEcwSbie44NQJu0hh0TRc=
Subject key identifier: E1:FF:57:07:C9:A3:15:50:08:85:8C:38:0D:08:A5:4B:48:E9:EE:68
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 01884916187C1F9A6D91C3F502E8F21EA2B1
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/4f9XB8mjFVAIhYw4DQilS0jp7mg.roa
Signing time: Tue 23 May 2023 14:49:24 +0000
ROA not before: Tue 23 May 2023 14:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.243.48.0/22 maxlen: 22
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
178.239.154.0/23 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Jun 2023 09:22:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:49:16:18:7c:1f:9a:6d:91:c3:f5:02:e8:f2:1e:a2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: May 23 14:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1ff5707c9a3155008858c380d08a54b48e9ee68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:55:af:fc:a3:5e:98:ea:e4:6b:4c:35:e4:37:
7f:8b:ba:14:cc:33:c9:db:33:f1:20:63:ad:93:8c:
39:9e:89:14:5c:a1:9e:2d:f3:3d:a7:d8:1b:be:a1:
e4:ba:11:e1:ca:e1:de:7f:d5:0a:5f:cb:d1:fa:90:
97:89:f1:f0:20:bf:fa:b3:e1:a0:fe:d2:09:f2:fc:
ac:30:fe:6e:04:86:58:92:ba:4c:d3:c9:01:35:c5:
a4:62:74:89:fc:c2:06:e7:50:41:fb:28:13:6b:2d:
be:f5:28:bf:a9:31:a3:4e:35:be:47:81:b7:17:51:
3e:93:a1:6f:28:70:4a:d2:67:4e:24:6f:2f:44:c8:
a8:9d:df:05:59:a9:80:55:53:97:e0:39:29:5b:eb:
e5:15:b8:11:23:6e:cd:21:de:2c:27:91:37:4c:97:
83:88:07:c3:f9:9d:6f:78:67:57:28:6a:1c:dd:47:
10:f1:bf:77:67:f5:6a:7f:65:ac:97:97:5a:67:da:
c9:e2:ab:e4:11:2e:c4:ac:91:54:e2:64:ee:12:a5:
80:a9:7b:93:16:a7:6b:08:09:f2:a3:ef:fd:61:af:
a4:53:a0:8e:7b:28:b1:81:b6:f5:5a:c6:a6:45:b8:
dc:2e:1e:70:48:15:1d:b8:0f:03:25:64:38:43:0a:
6c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FF:57:07:C9:A3:15:50:08:85:8C:38:0D:08:A5:4B:48:E9:EE:68
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/4f9XB8mjFVAIhYw4DQilS0jp7mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.154.0/23
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.243.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:7b:b9:f1:96:a6:ec:e2:1e:e3:39:d3:7a:f9:a5:32:78:b1:
0e:ad:64:fd:12:ec:17:4a:87:0d:ca:93:d3:39:ac:bb:e6:76:
bf:ed:4d:32:90:56:ea:76:7a:ca:88:26:74:e5:60:be:ee:55:
b7:78:df:31:c4:dc:3c:9b:db:f2:e1:fe:44:18:72:24:8c:dd:
b4:14:b7:c5:28:01:85:0b:b0:92:93:fb:5c:63:9a:60:ca:30:
b1:4c:c7:d3:22:a4:ff:8a:3c:e8:e0:07:51:0b:18:79:69:c6:
08:20:20:22:e9:24:50:89:21:f5:59:4d:58:39:a9:20:92:2f:
18:ac:08:9b:ca:35:af:6b:5d:d1:2e:54:fd:bd:50:4d:61:e1:
59:f8:1a:dd:09:c9:86:f4:bb:c2:2e:f1:f6:c9:54:4a:83:f9:
c4:a8:72:bf:87:54:6f:89:2b:68:a8:ab:a0:65:f2:23:f5:24:
45:8f:eb:93:3c:ea:fc:e5:8f:84:69:8e:40:de:15:43:a4:e8:
38:69:63:10:2f:57:1c:24:0f:48:23:aa:76:19:be:f2:1c:c9:
22:71:ab:7b:18:b5:8f:3a:fa:75:b9:fb:74:b6:8d:de:df:83:
29:79:b2:a9:bb:4f:13:8c:01:fb:3a:e9:08:6b:ff:43:46:0b:
ac:3d:1f:a9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYhJFhh8H5ptkcP1AujyHqKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNTIzMTQ0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWZmNTcwN2M5YTMxNTUwMDg4NThjMzgwZDA4YTU0YjQ4ZTllZTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVWv/KNemOrka0w15Dd/i7oUzDPJ
2zPxIGOtk4w5nokUXKGeLfM9p9gbvqHkuhHhyuHef9UKX8vR+pCXifHwIL/6s+Gg
/tIJ8vysMP5uBIZYkrpM08kBNcWkYnSJ/MIG51BB+ygTay2+9Si/qTGjTjW+R4G3
F1E+k6FvKHBK0mdOJG8vRMiond8FWamAVVOX4DkpW+vlFbgRI27NId4sJ5E3TJeD
iAfD+Z1veGdXKGoc3UcQ8b93Z/Vqf2Wsl5daZ9rJ4qvkES7ErJFU4mTuEqWAqXuT
FqdrCAnyo+/9Ya+kU6COeyixgbb1WsamRbjcLh5wSBUduA8DJWQ4QwpsvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOH/VwfJoxVQCIWMOA0IpUtI6e5oMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvNGY5WEI4bWpGVkFJaFl3NERRaWxTMGpwN21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBsu+aAwQA
su+fAwQBuRoiAwQCuXysAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQCde7nxlqbs
4h7jOdN6+aUyeLEOrWT9EuwXSocNypPTOay75na/7U0ykFbqdnrKiCZ05WC+7lW3
eN8xxNw8m9vy4f5EGHIkjN20FLfFKAGFC7CSk/tcY5pgyjCxTMfTIqT/ijzo4AdR
Cxh5acYIICAi6SRQiSH1WU1YOakgki8YrAibyjWva13RLlT9vVBNYeFZ+BrdCcmG
9LvCLvH2yVRKg/nEqHK/h1RviStoqKugZfIj9SRFj+uTPOr85Y+EaY5A3hVDpOg4
aWMQL1ccJA9II6p2Gb7yHMkicat7GLWPOvp1uft0to3e34MpebKpu08TjAH7OukI
a/9DRgusPR+p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:29 2024 by rpki-client on console-fra.rpki-client.org