Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/fU2muGqxN09Mdyf1pD-xJMw58O8.roa
File: fU2muGqxN09Mdyf1pD-xJMw58O8.roa (raw, json)
Hash identifier: hlzjZ61JtCVsSL5JJxfqmZgwM6jI2YwslwABWVWcFI4=
Subject key identifier: 7D:4D:A6:B8:6A:B1:37:4F:4C:77:27:F5:A4:3F:B1:24:CC:39:F0:EF
Certificate issuer: /CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Certificate serial: 018CF854DEBB499D965397A27F5842BADB2E
Authority key identifier: A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/fU2muGqxN09Mdyf1pD-xJMw58O8.roa
Signing time: Thu 11 Jan 2024 11:42:40 +0000
ROA not before: Thu 11 Jan 2024 11:42:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20836
IP address blocks: 185.47.228.0/22 maxlen: 24
95.157.96.0/19 maxlen: 24
178.249.184.0/21 maxlen: 24
178.249.189.0/24 maxlen: 24
217.171.32.0/20 maxlen: 24
95.157.64.0/19 maxlen: 24
2001:b61::/32 maxlen: 32
2001:b60::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 11:42:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:54:de:bb:49:9d:96:53:97:a2:7f:58:42:ba:db:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a16b0d8ab49436550b6abf45b79035aec6aff23c
Validity
Not Before: Jan 11 11:42:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d4da6b86ab1374f4c7727f5a43fb124cc39f0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:04:9c:88:da:58:da:bc:4f:c8:35:9b:40:cf:
ce:fc:66:73:4f:8d:3d:28:03:6c:f1:f2:2a:81:bb:
85:4d:b5:58:b1:5e:fb:69:96:95:37:c8:16:d0:d0:
88:cf:25:60:96:e6:b2:a7:66:d3:b4:e3:69:e8:3b:
51:e6:2c:70:57:84:4e:55:e3:b5:63:44:08:c5:77:
eb:66:6f:db:80:44:1e:c9:36:69:f1:cf:98:07:f8:
51:d2:24:91:3d:a5:e5:b7:d9:02:0c:46:c3:5e:b9:
1f:5d:cb:f4:8a:08:b3:cf:2e:98:fa:b8:f7:53:3c:
c1:fb:37:bd:7e:55:c9:7c:d9:ec:06:df:dd:ec:a7:
5f:15:d1:13:86:7c:16:fc:f5:e1:ac:d7:ed:1e:eb:
8a:e4:0a:9f:eb:fa:0a:bb:f0:5b:eb:03:c4:46:f2:
21:33:f4:77:82:e8:33:cb:02:80:a4:45:65:aa:18:
8c:81:67:67:c6:ba:e4:dd:e5:19:0f:b6:9e:1e:65:
e3:79:ca:06:e2:8c:24:59:47:bc:12:78:d8:7d:68:
e8:e4:49:0f:ba:9c:a1:f5:00:c8:d7:cd:6b:cd:dd:
0c:6a:6a:a1:9c:13:b8:4f:a4:91:5b:80:e2:96:c0:
bd:4c:71:56:a3:12:47:7d:5d:b0:9b:d1:6c:62:f6:
af:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4D:A6:B8:6A:B1:37:4F:4C:77:27:F5:A4:3F:B1:24:CC:39:F0:EF
X509v3 Authority Key Identifier:
keyid:A1:6B:0D:8A:B4:94:36:55:0B:6A:BF:45:B7:90:35:AE:C6:AF:F2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oWsNirSUNlULar9Ft5A1rsav8jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/fU2muGqxN09Mdyf1pD-xJMw58O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/5f4518-82e9-4292-a54e-15cc9dc7bd87/1/oWsNirSUNlULar9Ft5A1rsav8jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.64.0/18
178.249.184.0/21
185.47.228.0/22
217.171.32.0/20
IPv6:
2001:b60::/31
Signature Algorithm: sha256WithRSAEncryption
9e:1d:7f:16:85:8e:cb:30:bb:04:f2:98:ec:f5:4e:c8:cf:85:
ec:22:d8:22:47:31:d7:e7:32:1b:e1:c9:0f:7a:6f:51:20:81:
fc:88:c3:aa:52:37:5b:5a:4c:81:da:c3:66:7e:7f:a5:94:56:
4c:27:2b:60:8e:82:93:b6:80:c4:2b:1b:05:ac:f8:9a:29:d7:
43:1f:05:0e:7a:37:05:f2:f1:d4:16:32:ae:5e:fb:fd:7d:b7:
98:90:ea:ec:4c:04:c2:06:b6:0f:48:aa:11:d9:2f:3a:99:fe:
fc:88:55:e0:c4:1a:2a:6d:3c:0f:f0:5a:19:c3:8e:80:9e:10:
5f:d1:f3:42:9d:d5:bb:62:95:d5:ac:de:18:b6:f8:ce:e9:5b:
d1:f8:44:ed:8f:ce:54:b0:3c:91:32:32:75:64:94:61:b8:89:
53:70:9a:54:97:5c:eb:7c:48:b3:2f:b1:67:f1:67:61:42:ad:
94:72:8a:9d:d2:bf:c1:df:1c:a6:c2:17:8f:40:45:fe:82:d8:
d4:c5:5e:62:b8:9a:9b:51:82:e5:85:81:a6:7c:07:a2:fe:5a:
9d:dc:55:3f:15:48:fa:0f:a6:52:e1:c2:5d:8e:8b:89:49:9e:
d4:0c:d5:e8:54:02:6e:c2:6e:ec:93:65:d1:15:a5:b5:8d:a1:
7f:23:04:3b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYz4VN67SZ2WU5eif1hCutsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNmIwZDhhYjQ5NDM2NTUwYjZhYmY0NWI3OTAzNWFlYzZh
ZmYyM2MwHhcNMjQwMTExMTE0MjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDRkYTZiODZhYjEzNzRmNGM3NzI3ZjVhNDNmYjEyNGNjMzlmMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgSciNpY2rxPyDWbQM/O/GZzT409
KANs8fIqgbuFTbVYsV77aZaVN8gW0NCIzyVgluayp2bTtONp6DtR5ixwV4ROVeO1
Y0QIxXfrZm/bgEQeyTZp8c+YB/hR0iSRPaXlt9kCDEbDXrkfXcv0igizzy6Y+rj3
UzzB+ze9flXJfNnsBt/d7KdfFdEThnwW/PXhrNftHuuK5Aqf6/oKu/Bb6wPERvIh
M/R3gugzywKApEVlqhiMgWdnxrrk3eUZD7aeHmXjecoG4owkWUe8EnjYfWjo5EkP
upyh9QDI181rzd0MamqhnBO4T6SRW4DilsC9THFWoxJHfV2wm9FsYvav1QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFH1NprhqsTdPTHcn9aQ/sSTMOfDvMB8GA1UdIwQY
MBaAFKFrDYq0lDZVC2q/RbeQNa7Gr/I8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUt
MTVjYzlkYzdiZDg3LzEvZlUybXVHcXhOMDlNZHlmMXBELXhKTXc1OE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC81ZjQ1MTgtODJlOS00MjkyLWE1NGUtMTVjYzlkYzdiZDg3
LzEvb1dzTmlyU1VObFVMYXI5RnQ1QTFyc2F2OGp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGX51AAwQD
svm4AwQCuS/kAwQE2asgMA0EAgACMAcDBQEgAQtgMA0GCSqGSIb3DQEBCwUAA4IB
AQCeHX8WhY7LMLsE8pjs9U7Iz4XsItgiRzHX5zIb4ckPem9RIIH8iMOqUjdbWkyB
2sNmfn+llFZMJytgjoKTtoDEKxsFrPiaKddDHwUOejcF8vHUFjKuXvv9fbeYkOrs
TATCBrYPSKoR2S86mf78iFXgxBoqbTwP8FoZw46AnhBf0fNCndW7YpXVrN4YtvjO
6VvR+ETtj85UsDyRMjJ1ZJRhuIlTcJpUl1zrfEizL7Fn8WdhQq2Ucoqd0r/B3xym
whePQEX+gtjUxV5iuJqbUYLlhYGmfAei/lqd3FU/FUj6D6ZS4cJdjouJSZ7UDNXo
VAJuwm7sk2XRFaW1jaF/IwQ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:11 2024 by rpki-client on console-fra.rpki-client.org