Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/BRaEsPO96n9Ut63Oh1cM-XfwY2c.roa
File: BRaEsPO96n9Ut63Oh1cM-XfwY2c.roa (raw, json)
Hash identifier: fH7RIQt3q47utw+LHnEcfTYKFe6FOoF9CIJZnPaqTYE=
Subject key identifier: 05:16:84:B0:F3:BD:EA:7F:54:B7:AD:CE:87:57:0C:F9:77:F0:63:67
Certificate issuer: /CN=fcf5f08031e35af9545d3ad3d138cad10396e2ca
Certificate serial: 01856FE71A54DC0A98814E343DAA9C5869F0
Authority key identifier: FC:F5:F0:80:31:E3:5A:F9:54:5D:3A:D3:D1:38:CA:D1:03:96:E2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_PXwgDHjWvlUXTrT0TjK0QOW4so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/BRaEsPO96n9Ut63Oh1cM-XfwY2c.roa
Signing time: Mon 02 Jan 2023 00:34:54 +0000
ROA not before: Mon 02 Jan 2023 00:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205157
IP address blocks: 185.70.162.0/24 maxlen: 24
185.228.171.0/24 maxlen: 24
185.228.170.0/24 maxlen: 24
185.228.169.0/24 maxlen: 24
185.228.168.0/24 maxlen: 24
2a0d:2a00:1::/48 maxlen: 48
2a0d:2a00:ab1::/48 maxlen: 48
2a0d:2a00:2::/48 maxlen: 48
2a0d:2a00:ab2::/48 maxlen: 48
2a0d:2a00:c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:e7:1a:54:dc:0a:98:81:4e:34:3d:aa:9c:58:69:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcf5f08031e35af9545d3ad3d138cad10396e2ca
Validity
Not Before: Jan 2 00:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=051684b0f3bdea7f54b7adce87570cf977f06367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7d:27:1e:c1:13:c1:f4:79:35:bc:ae:b0:5e:
5e:a5:42:7c:9e:c2:3a:b1:9e:ae:73:9b:35:45:ee:
98:a0:93:e8:a0:53:de:6b:8b:c2:52:88:ed:b5:30:
17:c6:63:14:b2:19:54:be:aa:e0:1a:d7:2c:b0:e3:
18:f0:1d:fc:43:1c:9d:96:70:0b:0a:41:12:07:a5:
2d:f6:78:45:13:d7:eb:bf:be:02:25:8c:47:43:ac:
af:0b:9d:bf:24:13:5e:8d:86:31:b9:cd:05:60:d0:
c5:db:b3:fc:f7:a0:5b:74:9f:84:0c:51:3d:3b:80:
36:af:f9:92:c5:c1:b5:a4:86:f6:4b:c2:6d:0b:3c:
f7:ef:39:67:2e:23:e3:43:1f:c9:39:22:d0:2b:dc:
f1:05:9a:a4:04:65:1a:23:71:94:ba:25:46:f8:fe:
d6:f5:ec:58:a7:9b:12:b8:d4:b9:64:b9:4f:09:1d:
fa:68:48:fa:cf:7c:76:03:1d:2b:99:da:3a:07:e0:
14:09:fa:e6:06:6e:28:88:71:b6:67:83:50:c9:a1:
37:dd:ab:df:24:74:fc:71:8a:93:f6:d0:d2:ab:3e:
9d:96:1c:70:68:0b:71:94:67:ac:8b:cb:57:09:1f:
d4:32:38:36:d0:bb:8d:ec:e9:87:33:60:fc:89:10:
d2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:16:84:B0:F3:BD:EA:7F:54:B7:AD:CE:87:57:0C:F9:77:F0:63:67
X509v3 Authority Key Identifier:
keyid:FC:F5:F0:80:31:E3:5A:F9:54:5D:3A:D3:D1:38:CA:D1:03:96:E2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_PXwgDHjWvlUXTrT0TjK0QOW4so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/BRaEsPO96n9Ut63Oh1cM-XfwY2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b7bdf6-9df4-4d4f-8d95-bcbfb1898eba/1/_PXwgDHjWvlUXTrT0TjK0QOW4so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.162.0/24
185.228.168.0/22
IPv6:
2a0d:2a00:1::-2a0d:2a00:2:ffff:ffff:ffff:ffff:ffff
2a0d:2a00:c0::/48
2a0d:2a00:ab1::-2a0d:2a00:ab2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
96:0a:2e:57:7a:3c:b9:f1:8e:b8:1c:08:c2:a1:de:b9:a0:9e:
19:15:fe:cb:61:34:f1:cc:7c:60:34:14:da:32:11:cf:e3:f6:
cc:d6:b1:cf:c8:b6:31:76:e8:0e:6a:5b:f7:41:25:9b:3a:17:
27:39:37:d6:17:f0:2b:4d:03:8a:0b:98:8e:93:75:06:90:52:
29:7e:8f:00:8b:02:92:4c:ca:d8:25:3d:8d:37:e1:b8:14:38:
00:c0:0a:4f:00:5b:8d:27:f5:52:6a:ff:ae:d0:04:6c:81:b3:
26:97:15:e3:90:73:8f:60:a8:c0:aa:c7:8d:36:7c:fb:8a:5d:
5c:eb:21:1a:47:58:ef:f0:7b:98:6b:96:69:2b:97:d5:dd:ab:
bb:1c:39:d9:c1:b6:e8:85:c3:04:3f:68:b6:73:48:15:05:e9:
c3:69:b8:19:82:b7:bc:86:76:f6:ac:81:e9:58:e8:bf:41:d0:
a3:b3:3e:f6:21:a6:7c:f5:2a:68:6e:3b:31:ce:a9:18:b3:a4:
4c:c2:ad:de:99:46:e4:5b:1f:41:99:94:b3:79:74:23:8b:d2:
da:e8:07:4b:6d:24:02:9a:7e:7c:8c:68:da:94:2d:3d:de:50:
1e:a9:b2:39:71:70:b8:25:b3:01:eb:a1:ff:d3:a5:de:a0:e4:
2a:b9:9c:7b
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYVv5xpU3AqYgU40PaqcWGnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjZjVmMDgwMzFlMzVhZjk1NDVkM2FkM2QxMzhjYWQxMDM5
NmUyY2EwHhcNMjMwMTAyMDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE2ODRiMGYzYmRlYTdmNTRiN2FkY2U4NzU3MGNmOTc3ZjA2MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA030nHsETwfR5NbyusF5epUJ8nsI6
sZ6uc5s1Re6YoJPooFPea4vCUojttTAXxmMUshlUvqrgGtcssOMY8B38QxydlnAL
CkESB6Ut9nhFE9frv74CJYxHQ6yvC52/JBNejYYxuc0FYNDF27P896BbdJ+EDFE9
O4A2r/mSxcG1pIb2S8JtCzz37zlnLiPjQx/JOSLQK9zxBZqkBGUaI3GUuiVG+P7W
9exYp5sSuNS5ZLlPCR36aEj6z3x2Ax0rmdo6B+AUCfrmBm4oiHG2Z4NQyaE33avf
JHT8cYqT9tDSqz6dlhxwaAtxlGesi8tXCR/UMjg20LuN7OmHM2D8iRDSTQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAUWhLDzvep/VLetzodXDPl38GNnMB8GA1UdIwQY
MBaAFPz18IAx41r5VF0609E4ytEDluLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1BYd2dESGpXdmxVWFRyVDBUakswUU9XNHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iN2JkZjYtOWRmNC00ZDRmLThkOTUt
YmNiZmIxODk4ZWJhLzEvQlJhRXNQTzk2bjlVdDYzT2gxY00tWGZ3WTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iN2JkZjYtOWRmNC00ZDRmLThkOTUtYmNiZmIxODk4ZWJh
LzEvX1BYd2dESGpXdmxVWFRyVDBUakswUU9XNHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTASBAIAATAMAwQAuUaiAwQC
ueSoMDcEAgACMDEwEgMHACoNKgAAAQMHACoNKgAAAgMHACoNKgAAwDASAwcAKg0q
AAqxAwcAKg0qAAqyMA0GCSqGSIb3DQEBCwUAA4IBAQCWCi5Xejy58Y64HAjCod65
oJ4ZFf7LYTTxzHxgNBTaMhHP4/bM1rHPyLYxdugOalv3QSWbOhcnOTfWF/ArTQOK
C5iOk3UGkFIpfo8AiwKSTMrYJT2NN+G4FDgAwApPAFuNJ/VSav+u0ARsgbMmlxXj
kHOPYKjAqseNNnz7il1c6yEaR1jv8HuYa5ZpK5fV3au7HDnZwbbohcMEP2i2c0gV
BenDabgZgre8hnb2rIHpWOi/QdCjsz72IaZ89SpobjsxzqkYs6RMwq3emUbkWx9B
mZSzeXQji9La6AdLbSQCmn58jGjalC093lAeqbI5cXC4JbMB66H/06XeoOQquZx7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:43 2024 by rpki-client on console-fra.rpki-client.org