Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/1-Y_70Qn1_C0mfPAVaMeeVp9PShw.roa
File: 1-Y_70Qn1_C0mfPAVaMeeVp9PShw.roa (raw, json)
Hash identifier: IMvEpOFVWeYoTNOP4xBe6MQxJOy7HfjJJD1BU+In/xs=
Subject key identifier: F9:8F:FB:D1:09:F5:FC:2D:26:7C:F0:15:68:C7:9E:56:9F:4F:4A:1C
Certificate issuer: /CN=66d337d330ba44efcfef555355132a6a2c69783c
Certificate serial: 018571A7BE3E3F6E2FAA2A9CBDC056650E17
Authority key identifier: 66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/1-Y_70Qn1_C0mfPAVaMeeVp9PShw.roa
Signing time: Mon 02 Jan 2023 08:44:56 +0000
ROA not before: Mon 02 Jan 2023 08:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51130
IP address blocks: 78.31.232.0/24 maxlen: 24
78.31.233.0/24 maxlen: 24
78.31.232.0/22 maxlen: 22
78.31.235.0/24 maxlen: 24
78.31.234.0/24 maxlen: 24
212.86.64.0/24 maxlen: 24
185.119.240.0/24 maxlen: 24
212.86.64.0/19 maxlen: 19
185.119.240.0/22 maxlen: 22
212.86.67.0/24 maxlen: 24
185.119.242.0/24 maxlen: 24
185.119.243.0/24 maxlen: 24
212.86.68.0/24 maxlen: 24
212.86.65.0/24 maxlen: 24
212.86.66.0/24 maxlen: 24
185.119.241.0/24 maxlen: 24
212.86.71.0/24 maxlen: 24
212.86.69.0/24 maxlen: 24
212.86.70.0/24 maxlen: 24
212.86.74.0/24 maxlen: 24
212.86.75.0/24 maxlen: 24
212.86.72.0/24 maxlen: 24
212.86.73.0/24 maxlen: 24
212.86.78.0/24 maxlen: 24
212.86.76.0/24 maxlen: 24
212.86.77.0/24 maxlen: 24
212.86.81.0/24 maxlen: 24
212.86.82.0/24 maxlen: 24
212.86.79.0/24 maxlen: 24
212.86.80.0/24 maxlen: 24
212.86.85.0/24 maxlen: 24
212.86.83.0/24 maxlen: 24
212.86.84.0/24 maxlen: 24
212.86.88.0/24 maxlen: 24
212.86.89.0/24 maxlen: 24
212.86.86.0/24 maxlen: 24
212.86.87.0/24 maxlen: 24
212.86.91.0/24 maxlen: 24
212.86.90.0/24 maxlen: 24
212.86.92.0/24 maxlen: 24
212.86.95.0/24 maxlen: 24
212.86.93.0/24 maxlen: 24
212.86.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:be:3e:3f:6e:2f:aa:2a:9c:bd:c0:56:65:0e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d337d330ba44efcfef555355132a6a2c69783c
Validity
Not Before: Jan 2 08:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f98ffbd109f5fc2d267cf01568c79e569f4f4a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:58:b0:28:fa:2d:03:e5:e2:34:1b:83:7e:58:
0e:02:99:2a:09:64:f6:d3:e3:ab:c4:ec:02:8d:3d:
84:37:a8:97:05:8b:14:e0:b3:57:c5:db:80:f4:87:
6c:33:6c:23:8f:47:2d:90:50:ed:9f:f8:2c:75:ec:
f8:42:e2:dc:38:79:50:83:77:9e:fd:67:c9:5a:6c:
01:c0:0f:77:dc:4c:ab:17:7d:01:7a:51:07:6b:5f:
3c:32:99:3b:f3:f2:e7:eb:e7:e3:25:15:37:88:0c:
61:eb:35:fb:95:69:07:d0:74:d3:09:b5:72:0a:ef:
45:f7:61:e7:a8:72:00:df:2e:4e:c9:76:7a:52:13:
a4:0b:ec:db:f2:ef:b0:9e:d7:bd:7d:83:d1:e5:5c:
8f:95:fd:61:66:80:d0:bb:0f:59:8e:00:2b:97:a2:
ae:cb:0b:d3:e4:9c:bd:20:bd:4a:7f:74:f9:50:37:
07:5e:cf:9c:cd:4f:fd:7d:c6:8c:58:29:e1:c0:ea:
8c:11:ff:0e:41:fb:24:d5:98:bf:96:ee:99:fd:67:
24:7f:bc:6e:83:5a:2e:4b:bb:b3:fe:34:32:87:1e:
bb:cd:0e:e9:5f:3d:a3:5a:04:f8:e0:d9:9b:ac:56:
aa:20:f1:6b:14:6c:ed:d8:f3:33:2f:79:fa:87:91:
98:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8F:FB:D1:09:F5:FC:2D:26:7C:F0:15:68:C7:9E:56:9F:4F:4A:1C
X509v3 Authority Key Identifier:
keyid:66:D3:37:D3:30:BA:44:EF:CF:EF:55:53:55:13:2A:6A:2C:69:78:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtM30zC6RO_P71VTVRMqaixpeDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/1-Y_70Qn1_C0mfPAVaMeeVp9PShw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2b5e7c-67b1-477d-895f-8f5fc92125db/1/ZtM30zC6RO_P71VTVRMqaixpeDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.232.0/22
185.119.240.0/22
212.86.64.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:eb:a4:93:32:a8:42:ce:dd:ee:8b:b7:26:a2:c5:9c:85:84:
4b:a0:c1:26:fb:8e:3a:c0:e6:4f:fa:86:2c:f0:10:76:56:d2:
92:a7:e7:5c:44:62:b7:80:4a:dc:01:44:50:53:a5:84:0a:23:
32:bc:4e:e8:ac:9f:c1:73:d1:d6:2d:59:c9:00:c4:f4:80:54:
0c:cb:98:6b:76:b2:07:6f:36:db:fa:ba:d2:f8:ba:68:e9:6d:
5e:4b:11:81:21:dc:d4:fc:2f:5c:2c:85:2a:58:08:1f:9c:aa:
0b:1e:09:6f:5d:e4:e3:b1:8e:cb:c8:67:a5:fa:e4:3d:61:38:
34:20:08:fd:f2:dc:56:e2:bd:0d:ba:09:e2:6f:95:77:62:f2:
8a:cd:c7:ba:5c:1a:f9:b3:3c:69:fa:f9:f8:53:56:7d:00:b1:
32:f3:d3:19:7b:3b:e7:69:ef:26:8c:49:d2:21:70:43:06:03:
51:4b:5b:c9:5b:10:16:c7:ae:2d:e6:e3:58:87:ea:aa:32:ff:
91:e0:08:47:a0:97:f9:d3:21:7c:7f:11:79:0b:72:1f:7a:97:
8a:9e:6f:61:b7:95:8e:48:d9:51:cc:36:cf:5e:bf:bb:6c:ce:
6c:68:40:bb:5f:ab:2a:d7:ee:d5:96:4e:ef:72:12:7d:e7:49:
d1:89:33:42
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVxp74+P24vqiqcvcBWZQ4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDMzN2QzMzBiYTQ0ZWZjZmVmNTU1MzU1MTMyYTZhMmM2
OTc4M2MwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThmZmJkMTA5ZjVmYzJkMjY3Y2YwMTU2OGM3OWU1NjlmNGY0YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1iwKPotA+XiNBuDflgOApkqCWT2
0+OrxOwCjT2EN6iXBYsU4LNXxduA9IdsM2wjj0ctkFDtn/gsdez4QuLcOHlQg3ee
/WfJWmwBwA933EyrF30BelEHa188Mpk78/Ln6+fjJRU3iAxh6zX7lWkH0HTTCbVy
Cu9F92HnqHIA3y5OyXZ6UhOkC+zb8u+wnte9fYPR5VyPlf1hZoDQuw9ZjgArl6Ku
ywvT5Jy9IL1Kf3T5UDcHXs+czU/9fcaMWCnhwOqMEf8OQfsk1Zi/lu6Z/Wckf7xu
g1ouS7uz/jQyhx67zQ7pXz2jWgT44NmbrFaqIPFrFGzt2PMzL3n6h5GYmwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPmP+9EJ9fwtJnzwFWjHnlafT0ocMB8GA1UdIwQY
MBaAFGbTN9MwukTvz+9VU1UTKmosaXg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRNMzB6QzZST19QNzFWVFZSTXFhaXhwZUR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYjVlN2MtNjdiMS00NzdkLTg5NWYt
OGY1ZmM5MjEyNWRiLzEvMS1ZXzcwUW4xX0MwbWZQQVZhTWVlVnA5UFNody5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvMmI1ZTdjLTY3YjEtNDc3ZC04OTVmLThmNWZjOTIxMjVk
Yi8xL1p0TTMwekM2Uk9fUDcxVlRWUk1xYWl4cGVEdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAk4f6AME
Arl38AMEBdRWQDANBgkqhkiG9w0BAQsFAAOCAQEAe+ukkzKoQs7d7ou3JqLFnIWE
S6DBJvuOOsDmT/qGLPAQdlbSkqfnXERit4BK3AFEUFOlhAojMrxO6KyfwXPR1i1Z
yQDE9IBUDMuYa3ayB2822/q60vi6aOltXksRgSHc1PwvXCyFKlgIH5yqCx4Jb13k
47GOy8hnpfrkPWE4NCAI/fLcVuK9DboJ4m+Vd2Lyis3Hulwa+bM8afr5+FNWfQCx
MvPTGXs752nvJoxJ0iFwQwYDUUtbyVsQFseuLebjWIfqqjL/keAIR6CX+dMhfH8R
eQtyH3qXip5vYbeVjkjZUcw2z16/u2zObGhAu1+rKtfu1ZZO73ISfedJ0YkzQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:08 2024 by rpki-client on console-fra.rpki-client.org