Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/Frgt6pWF7a4hyDFI1_Zdo5X63VE.roa
File: Frgt6pWF7a4hyDFI1_Zdo5X63VE.roa (raw, json)
Hash identifier: 6zMy88C617OHOP+gZbM9qbpqpq2g0oxJqBZJKUW1bpc=
Subject key identifier: 16:B8:2D:EA:95:85:ED:AE:21:C8:31:48:D7:F6:5D:A3:95:FA:DD:51
Certificate issuer: /CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Certificate serial: 0185719E8788DA63275A4B2648A67503364F
Authority key identifier: 7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/Frgt6pWF7a4hyDFI1_Zdo5X63VE.roa
Signing time: Mon 02 Jan 2023 08:34:52 +0000
ROA not before: Mon 02 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205668
IP address blocks: 185.44.128.0/22 maxlen: 24
185.200.101.0/24 maxlen: 24
185.200.102.0/24 maxlen: 24
185.200.103.0/24 maxlen: 24
185.200.100.0/24 maxlen: 24
185.129.71.0/24 maxlen: 24
185.129.68.0/22 maxlen: 24
185.129.68.0/24 maxlen: 24
185.129.69.0/24 maxlen: 24
185.129.70.0/24 maxlen: 24
45.148.168.0/22 maxlen: 24
2a0a:aa40::/32 maxlen: 32
2a01:74e0::/32 maxlen: 32
2a0a:aa42::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:87:88:da:63:27:5a:4b:26:48:a6:75:03:36:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ae80cde5cd769c8f144e6c266113bfaedec3e
Validity
Not Before: Jan 2 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16b82dea9585edae21c83148d7f65da395fadd51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ce:c8:39:5f:31:fb:9b:ab:c3:eb:f2:9f:c5:
33:f6:a9:7e:62:91:81:14:69:58:ea:b9:6b:91:d5:
8c:12:98:86:39:83:a4:48:b8:3d:a1:80:1e:68:76:
7e:57:05:96:19:99:02:95:fd:03:07:56:31:56:41:
67:cc:24:40:7f:88:8d:d8:71:f5:0b:0c:c5:dd:42:
c8:75:c6:2b:61:f3:b5:75:4a:4b:10:a6:98:4e:31:
be:07:7b:06:96:72:13:aa:0a:1c:42:bc:99:ee:c8:
c2:69:94:35:1a:00:67:a7:c8:a0:d9:5a:07:4e:6e:
7c:f0:7f:9c:68:63:22:08:59:83:0b:c2:14:0f:c6:
37:3a:ef:42:9a:f1:5e:06:a3:2d:94:4c:78:cd:4e:
01:2a:ed:bd:33:2e:f1:66:12:dc:95:4a:17:1c:c3:
c5:d3:2e:df:e3:9a:85:00:46:9f:e1:11:c6:99:8e:
f2:ba:1d:83:63:8b:a5:99:21:34:55:35:0b:c4:fe:
fc:62:60:c7:f4:d3:3b:40:2a:a9:55:64:84:d9:b7:
57:18:45:50:87:f9:42:37:16:8e:7a:c2:d8:5c:f0:
c2:6c:4f:7d:7a:5b:c1:5d:74:fe:fe:63:66:61:89:
9e:2f:9d:56:34:f7:97:c1:96:38:a7:9d:50:f1:ae:
43:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B8:2D:EA:95:85:ED:AE:21:C8:31:48:D7:F6:5D:A3:95:FA:DD:51
X509v3 Authority Key Identifier:
keyid:7D:2A:E8:0C:DE:5C:D7:69:C8:F1:44:E6:C2:66:11:3B:FA:ED:EC:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fSroDN5c12nI8UTmwmYRO_rt7D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/Frgt6pWF7a4hyDFI1_Zdo5X63VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/a2ea51-87a6-4814-9b82-278cbb0b4e73/1/fSroDN5c12nI8UTmwmYRO_rt7D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.168.0/22
185.44.128.0/22
185.129.68.0/22
185.200.100.0/22
IPv6:
2a01:74e0::/32
2a0a:aa40::/32
2a0a:aa42::/32
Signature Algorithm: sha256WithRSAEncryption
b5:f3:ec:a3:28:5d:fc:ea:3f:11:e3:37:c8:72:24:ad:65:af:
5f:c8:e7:62:79:c0:e1:4a:ba:4c:a0:31:a3:41:1e:92:63:dc:
36:64:ff:93:de:ec:c0:35:af:72:1f:6a:64:d7:e3:df:3e:1b:
36:f1:1f:0a:eb:42:ce:10:de:9b:ea:49:13:14:08:4e:83:ab:
ef:5e:f0:f8:e6:13:8c:95:6f:b5:77:84:6f:b5:dc:61:86:73:
25:73:6f:03:7a:7f:fb:89:ad:49:8f:8b:ff:7c:f7:99:74:50:
50:e3:6d:3f:78:d2:df:f5:5b:7d:d6:97:39:73:99:c6:3d:74:
36:3c:0b:a4:87:f8:1e:43:b9:ad:d0:f3:3d:a6:b9:87:e9:59:
e2:0a:ab:60:24:c6:ec:de:49:75:3f:f5:03:49:0c:20:42:96:
3c:21:3a:dc:c5:e3:25:30:8d:50:1c:ff:bc:24:0f:8d:c3:ff:
e6:7d:0d:0b:49:99:5e:d0:6d:2e:b3:64:4e:29:22:59:33:0f:
ec:0a:83:d5:2f:ce:53:50:08:ba:a4:14:a7:bf:98:f2:66:19:
9c:0f:c1:e5:49:c8:65:ea:46:53:58:9a:35:2d:61:0c:24:c1:
83:70:8a:9c:49:30:42:c1:fb:0f:02:f4:c0:61:1e:a8:65:49:
1b:d6:ee:e2
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxnoeI2mMnWksmSKZ1AzZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmFlODBjZGU1Y2Q3NjljOGYxNDRlNmMyNjYxMTNiZmFl
ZGVjM2UwHhcNMjMwMTAyMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmI4MmRlYTk1ODVlZGFlMjFjODMxNDhkN2Y2NWRhMzk1ZmFkZDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms7IOV8x+5urw+vyn8Uz9ql+YpGB
FGlY6rlrkdWMEpiGOYOkSLg9oYAeaHZ+VwWWGZkClf0DB1YxVkFnzCRAf4iN2HH1
CwzF3ULIdcYrYfO1dUpLEKaYTjG+B3sGlnITqgocQryZ7sjCaZQ1GgBnp8ig2VoH
Tm588H+caGMiCFmDC8IUD8Y3Ou9CmvFeBqMtlEx4zU4BKu29My7xZhLclUoXHMPF
0y7f45qFAEaf4RHGmY7yuh2DY4ulmSE0VTULxP78YmDH9NM7QCqpVWSE2bdXGEVQ
h/lCNxaOesLYXPDCbE99elvBXXT+/mNmYYmeL51WNPeXwZY4p51Q8a5DtwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFBa4LeqVhe2uIcgxSNf2XaOV+t1RMB8GA1UdIwQY
MBaAFH0q6AzeXNdpyPFE5sJmETv67ew+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlNyb0RONWMxMm5JOFVUbXdtWVJPX3J0N0Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hMmVhNTEtODdhNi00ODE0LTliODIt
Mjc4Y2JiMGI0ZTczLzEvRnJndDZwV0Y3YTRoeURGSTFfWmRvNVg2M1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hMmVhNTEtODdhNi00ODE0LTliODItMjc4Y2JiMGI0ZTcz
LzEvZlNyb0RONWMxMm5JOFVUbXdtWVJPX3J0N0Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAeBAIAATAYAwQCLZSoAwQC
uSyAAwQCuYFEAwQCuchkMBsEAgACMBUDBQAqAXTgAwUAKgqqQAMFACoKqkIwDQYJ
KoZIhvcNAQELBQADggEBALXz7KMoXfzqPxHjN8hyJK1lr1/I52J5wOFKukygMaNB
HpJj3DZk/5Pe7MA1r3IfamTX498+GzbxHwrrQs4Q3pvqSRMUCE6Dq+9e8PjmE4yV
b7V3hG+13GGGcyVzbwN6f/uJrUmPi/9895l0UFDjbT940t/1W33WlzlzmcY9dDY8
C6SH+B5Dua3Q8z2muYfpWeIKq2AkxuzeSXU/9QNJDCBCljwhOtzF4yUwjVAc/7wk
D43D/+Z9DQtJmV7QbS6zZE4pIlkzD+wKg9UvzlNQCLqkFKe/mPJmGZwPweVJyGXq
RlNYmjUtYQwkwYNwipxJMELB+w8C9MBhHqhlSRvW7uI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:50 2024 by rpki-client on console-ams.rpki-client.org