Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/152lqvdPvJdQIGLrd4ODb07taRc.roa
File: 152lqvdPvJdQIGLrd4ODb07taRc.roa (raw, json)
Hash identifier: MjO+HYl2mZ0S9SedxppH136pSZcDiinh59vgf6jwwBw=
Subject key identifier: D7:9D:A5:AA:F7:4F:BC:97:50:20:62:EB:77:83:83:6F:4E:ED:69:17
Certificate issuer: /CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Certificate serial: 018CC4253C7902D44BD9E2B17509B62B978F
Authority key identifier: 01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/152lqvdPvJdQIGLrd4ODb07taRc.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42353
IP address blocks: 185.63.140.0/24 maxlen: 24
185.63.141.0/24 maxlen: 24
185.63.142.0/24 maxlen: 24
185.63.143.0/24 maxlen: 24
178.22.136.0/24 maxlen: 24
178.22.137.0/24 maxlen: 24
178.22.139.0/24 maxlen: 24
178.22.136.0/23 maxlen: 23
178.22.136.0/21 maxlen: 21
178.22.142.0/23 maxlen: 24
178.22.143.0/24 maxlen: 24
178.22.140.0/23 maxlen: 23
178.22.140.0/24 maxlen: 24
178.22.141.0/24 maxlen: 24
194.0.210.0/24 maxlen: 24
2a02:28c8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3c:79:02:d4:4b:d9:e2:b1:75:09:b6:2b:97:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d79da5aaf74fbc97502062eb7783836f4eed6917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:03:fd:2c:ae:8e:de:fd:eb:7e:2f:1d:de:
83:55:60:88:e0:1b:09:c6:b2:5c:aa:85:40:8d:98:
a0:d2:24:e5:60:84:38:b0:d3:32:de:cb:12:3b:1a:
8a:e0:91:cc:1c:52:59:20:36:07:ef:e1:f5:5e:c1:
96:b8:47:8a:31:02:26:a1:bc:30:47:94:eb:a5:b8:
2f:5a:f8:ab:b3:63:3e:f2:a7:75:31:c8:55:c3:e5:
bb:59:3b:a6:10:49:db:e3:94:c7:5a:0c:c2:9d:f2:
6d:6f:c4:0c:3b:95:64:37:03:6b:49:0f:71:7b:09:
5d:83:bb:b2:b9:d6:b1:3e:69:ca:3b:6e:ae:55:46:
91:d6:0b:49:4d:1f:a8:c6:3c:a9:0a:dc:08:8f:54:
17:c2:91:cf:44:52:71:74:7e:4a:36:2c:25:d3:6d:
64:4c:c7:48:e7:71:f6:ad:a2:89:b8:ae:42:cc:13:
40:ed:d4:20:7a:d0:9b:bd:33:4c:3d:43:7e:86:97:
eb:0b:67:bb:3a:2b:7b:43:53:01:b0:9a:9e:63:b0:
0e:34:1d:94:74:c0:d8:1d:57:8b:eb:da:cb:e2:50:
14:c9:27:17:8e:88:fd:f2:91:4e:64:64:2f:ca:4c:
ac:93:0f:4f:fe:fe:a0:4a:d6:d8:86:bb:4e:ac:73:
f1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9D:A5:AA:F7:4F:BC:97:50:20:62:EB:77:83:83:6F:4E:ED:69:17
X509v3 Authority Key Identifier:
keyid:01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/152lqvdPvJdQIGLrd4ODb07taRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/AZFJZGkWfFsdiSC5i9Ua8_41reU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.136.0/21
185.63.140.0/22
194.0.210.0/24
IPv6:
2a02:28c8::/32
Signature Algorithm: sha256WithRSAEncryption
e0:cd:b3:eb:3c:d5:09:29:84:0e:c2:4b:32:4d:6b:6a:83:84:
ef:ec:7e:3b:3f:f5:dd:41:7e:51:ae:39:6d:d1:88:12:8c:b0:
c9:81:9c:ff:65:67:cb:8b:4c:be:a3:27:0e:15:6e:ee:be:d4:
e3:a6:68:cf:aa:e5:1e:1e:ec:96:62:f1:7b:45:76:9b:31:6d:
53:5b:a4:c8:ef:ac:80:45:a7:ff:d1:11:fe:1c:fc:fd:71:cb:
78:68:05:8e:0e:7e:6f:44:2b:fd:3f:cd:1d:97:bc:df:af:ee:
34:3d:77:97:58:b3:c5:99:19:46:d6:02:ab:4b:da:dc:be:82:
56:34:9d:a6:0a:8e:b0:5d:c2:65:0d:15:e6:0a:9a:de:c4:47:
b6:b7:6b:e2:90:9f:ea:68:4f:64:24:8a:29:7a:4e:55:f5:64:
ae:fa:b7:ee:eb:22:be:ae:ab:70:99:de:cd:16:01:fe:0a:dc:
29:45:6b:b9:22:6f:9d:27:1a:17:6e:ff:95:5b:24:3a:c3:b6:
30:e6:84:5a:f4:0c:f7:f3:a5:c7:3f:d9:cf:ae:60:0d:f0:a4:
8b:a4:45:d4:c8:d7:38:bc:16:6b:4a:5a:38:6c:45:29:34:e5:
4d:38:da:6c:fe:43:d4:9c:0a:ab:71:13:c9:77:14:30:e3:6d:
c3:e7:ac:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJTx5AtRL2eKxdQm2K5ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTE0OTY0NjkxNjdjNWIxZDg5MjBiOThiZDUxYWYzZmUz
NWFkZTUwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlkYTVhYWY3NGZiYzk3NTAyMDYyZWI3NzgzODM2ZjRlZWQ2OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w8D/Syujt79634vHd6DVWCI4BsJ
xrJcqoVAjZig0iTlYIQ4sNMy3ssSOxqK4JHMHFJZIDYH7+H1XsGWuEeKMQImobww
R5TrpbgvWvirs2M+8qd1MchVw+W7WTumEEnb45THWgzCnfJtb8QMO5VkNwNrSQ9x
ewldg7uyudaxPmnKO26uVUaR1gtJTR+oxjypCtwIj1QXwpHPRFJxdH5KNiwl021k
TMdI53H2raKJuK5CzBNA7dQgetCbvTNMPUN+hpfrC2e7Oit7Q1MBsJqeY7AONB2U
dMDYHVeL69rL4lAUyScXjoj98pFOZGQvykyskw9P/v6gStbYhrtOrHPx4wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNedpar3T7yXUCBi63eDg29O7WkXMB8GA1UdIwQY
MBaAFAGRSWRpFnxbHYkguYvVGvP+Na3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpGSlpHa1dmRnNkaVNDNWk5VWE4XzQxcmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8xZDAxNTItODU2ZC00NzE3LTgyMTkt
YmYyZjk3ZjFlMzRmLzEvMTUybHF2ZFB2SmRRSUdMcmQ0T0RiMDd0YVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8xZDAxNTItODU2ZC00NzE3LTgyMTktYmYyZjk3ZjFlMzRm
LzEvQVpGSlpHa1dmRnNkaVNDNWk5VWE4XzQxcmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDshaIAwQC
uT+MAwQAwgDSMA0EAgACMAcDBQAqAijIMA0GCSqGSIb3DQEBCwUAA4IBAQDgzbPr
PNUJKYQOwksyTWtqg4Tv7H47P/XdQX5Rrjlt0YgSjLDJgZz/ZWfLi0y+oycOFW7u
vtTjpmjPquUeHuyWYvF7RXabMW1TW6TI76yARaf/0RH+HPz9cct4aAWODn5vRCv9
P80dl7zfr+40PXeXWLPFmRlG1gKrS9rcvoJWNJ2mCo6wXcJlDRXmCprexEe2t2vi
kJ/qaE9kJIopek5V9WSu+rfu6yK+rqtwmd7NFgH+CtwpRWu5Im+dJxoXbv+VWyQ6
w7Yw5oRa9Az386XHP9nPrmAN8KSLpEXUyNc4vBZrSlo4bEUpNOVNONps/kPUnAqr
cRPJdxQw423D56wM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:53 2025 by rpki-client