Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Jlj9Rj1DpTbgCc96BVvzUz6Udtk.roa
File: Jlj9Rj1DpTbgCc96BVvzUz6Udtk.roa (raw, json)
Hash identifier: m4gGfEFBJ9KtKtZ1LPkM3s1t0btqGvJpS9i+oYJOIVc=
Subject key identifier: 26:58:FD:46:3D:43:A5:36:E0:09:CF:7A:05:5B:F3:53:3E:94:76:D9
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018B03E46DA9FD7D849005D7B3361A78B8EF
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Jlj9Rj1DpTbgCc96BVvzUz6Udtk.roa
Signing time: Fri 06 Oct 2023 07:29:43 +0000
ROA not before: Fri 06 Oct 2023 07:29:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.23.200.0/23 maxlen: 32
185.251.44.0/23 maxlen: 32
185.251.46.0/23 maxlen: 32
185.247.230.0/23 maxlen: 32
185.247.229.0/24 maxlen: 32
185.247.228.0/24 maxlen: 32
195.66.220.0/22 maxlen: 32
95.175.80.0/20 maxlen: 32
185.251.248.0/23 maxlen: 32
185.251.250.0/23 maxlen: 32
194.156.112.0/22 maxlen: 32
193.8.80.0/22 maxlen: 32
178.239.22.0/23 maxlen: 32
95.214.84.0/22 maxlen: 32
88.218.144.0/22 maxlen: 32
45.133.136.0/24 maxlen: 32
195.158.208.0/22 maxlen: 32
91.193.100.0/22 maxlen: 32
Validation: Failed, certificate revoked on Fri 06 Oct 2023 08:53:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:e4:6d:a9:fd:7d:84:90:05:d7:b3:36:1a:78:b8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Oct 6 07:29:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2658fd463d43a536e009cf7a055bf3533e9476d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3d:ff:f8:b1:de:41:da:8f:ea:df:ce:43:7e:
47:19:1d:35:23:7e:4a:39:a5:9f:d7:f1:a4:dd:2c:
10:d9:4b:a4:d7:9d:5f:65:45:a6:19:e2:fc:36:af:
00:eb:a6:f6:92:44:51:a5:c4:6e:9e:d1:73:85:80:
13:64:99:a1:76:00:37:d0:27:da:07:88:60:11:5c:
33:7a:5c:74:f8:a1:4a:9f:ea:d6:dd:1c:3e:63:9c:
62:18:ca:42:07:e9:8b:ba:e9:62:23:ea:a6:90:29:
fd:a3:83:9e:b7:9b:3d:0d:75:5c:1e:2a:45:99:9b:
ab:28:5e:4a:3a:9c:85:09:b8:1d:81:b1:c0:a6:5b:
5d:0c:bf:b7:44:84:f3:ec:81:f5:77:fa:30:f4:55:
d9:b3:94:67:63:68:20:7c:db:bc:45:a9:7c:eb:6e:
6d:31:c7:ea:7a:8e:2f:2e:68:21:22:ef:18:45:4e:
dd:62:f3:3c:38:40:2d:a9:ec:8b:a7:16:1c:2d:0b:
11:b8:37:d0:51:53:2c:90:b3:7c:57:51:f1:91:40:
59:f8:af:9d:6c:05:00:82:36:51:31:20:1a:2b:47:
40:93:14:67:5a:64:52:32:1d:8b:4f:5f:e8:ea:cd:
e0:bc:39:7c:68:79:97:b1:06:a0:7a:a3:44:7f:e9:
2a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:58:FD:46:3D:43:A5:36:E0:09:CF:7A:05:5B:F3:53:3E:94:76:D9
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Jlj9Rj1DpTbgCc96BVvzUz6Udtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.136.0/24
88.218.144.0/22
91.193.100.0/22
95.175.80.0/20
95.214.84.0/22
178.239.22.0/23
185.23.200.0/23
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
193.8.80.0/22
194.156.112.0/22
195.66.220.0/22
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:59:fd:eb:ea:3e:7e:c2:9f:40:53:1d:04:97:3a:9c:2c:86:
d8:a7:57:bd:df:08:47:de:fb:26:27:1f:29:06:1a:8e:1a:ef:
0a:02:b4:fc:fc:be:95:11:1d:ab:dc:05:b1:29:0c:ad:a0:b0:
14:33:cf:18:e8:ba:3b:6e:ea:d6:3f:58:88:e0:42:83:99:b8:
e7:67:f5:d9:ed:35:8e:36:f9:7a:fc:0c:98:f4:34:99:b6:31:
ef:31:3d:7e:7a:60:55:34:9d:4c:df:a1:ad:fe:84:69:86:b9:
98:b5:eb:5e:80:c6:a8:89:fe:80:15:59:17:86:de:7c:61:f6:
d7:a4:c4:1b:5b:36:73:7c:ad:2a:55:36:6e:31:75:19:51:fa:
7a:7c:5d:51:30:3b:06:0b:02:b4:75:e4:14:89:42:80:e1:fe:
cc:79:51:de:ab:38:b4:66:aa:da:ac:4e:c5:d6:cb:3f:97:54:
32:9d:35:ea:9d:a6:ca:71:45:b5:39:4e:a3:5b:6a:5a:be:3e:
a8:5c:4c:25:a0:9e:b8:a2:cd:02:8e:5b:44:84:24:28:7d:a8:
5d:17:84:46:c4:ed:99:c1:4c:12:c2:de:5d:83:97:54:a4:a0:
6f:c1:9f:1c:3f:7a:3d:d7:09:96:bc:fc:e4:2c:02:10:c7:cf:
97:bd:e7:39
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYsD5G2p/X2EkAXXszYaeLjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjMxMDA2MDcyOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjU4ZmQ0NjNkNDNhNTM2ZTAwOWNmN2EwNTViZjM1MzNlOTQ3NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT3/+LHeQdqP6t/OQ35HGR01I35K
OaWf1/Gk3SwQ2Uuk151fZUWmGeL8Nq8A66b2kkRRpcRuntFzhYATZJmhdgA30Cfa
B4hgEVwzelx0+KFKn+rW3Rw+Y5xiGMpCB+mLuuliI+qmkCn9o4Oet5s9DXVcHipF
mZurKF5KOpyFCbgdgbHApltdDL+3RITz7IH1d/ow9FXZs5RnY2ggfNu8Ral8625t
Mcfqeo4vLmghIu8YRU7dYvM8OEAtqeyLpxYcLQsRuDfQUVMskLN8V1HxkUBZ+K+d
bAUAgjZRMSAaK0dAkxRnWmRSMh2LT1/o6s3gvDl8aHmXsQageqNEf+kqCQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFCZY/UY9Q6U24AnPegVb81M+lHbZMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvSmxqOVJqMURwVGJnQ2M5NkJWdnpVejZVZHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYWIAwQC
WNqQAwQCW8FkAwQEX69QAwQCX9ZUAwQBsu8WAwQBuRfIAwQCuffkAwQCufssAwQC
ufv4AwQCwQhQAwQCwpxwAwQCw0LcAwQCw57QMA0GCSqGSIb3DQEBCwUAA4IBAQCa
Wf3r6j5+wp9AUx0ElzqcLIbYp1e93whH3vsmJx8pBhqOGu8KArT8/L6VER2r3AWx
KQytoLAUM88Y6Lo7burWP1iI4EKDmbjnZ/XZ7TWONvl6/AyY9DSZtjHvMT1+emBV
NJ1M36Gt/oRphrmYtetegMaoif6AFVkXht58YfbXpMQbWzZzfK0qVTZuMXUZUfp6
fF1RMDsGCwK0deQUiUKA4f7MeVHeqzi0ZqrarE7F1ss/l1QynTXqnabKcUW1OU6j
W2pavj6oXEwloJ64os0CjltEhCQofahdF4RGxO2ZwUwSwt5dg5dUpKBvwZ8cP3o9
1wmWvPzkLAIQx8+Xvec5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:29 2024 by rpki-client on console-ams.rpki-client.org