Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/1-PBzYghUQM-49YeaUV0iOQglQuc.roa
File: 1-PBzYghUQM-49YeaUV0iOQglQuc.roa (raw, json)
Hash identifier: 10d4RtL3TFyN55H5Y1RRQL+FOEMV8JBzrviU2qWU1sw=
Subject key identifier: F8:F0:73:62:08:54:40:CF:B8:F5:87:9A:51:5D:22:39:08:25:42:E7
Certificate issuer: /CN=c5119e75200392f1a2f08be990732d8047b28b09
Certificate serial: 01856D4ABE0751015E8BD2753DDD4FBAD430
Authority key identifier: C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/1-PBzYghUQM-49YeaUV0iOQglQuc.roa
Signing time: Sun 01 Jan 2023 12:24:52 +0000
ROA not before: Sun 01 Jan 2023 12:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57388
IP address blocks: 130.0.24.0/24 maxlen: 24
130.0.24.0/22 maxlen: 24
130.0.25.0/24 maxlen: 24
130.0.30.0/24 maxlen: 24
130.0.26.0/24 maxlen: 24
130.0.31.0/24 maxlen: 24
185.85.152.0/22 maxlen: 24
130.0.27.0/24 maxlen: 24
130.0.28.0/22 maxlen: 24
2a02:dd00::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:be:07:51:01:5e:8b:d2:75:3d:dd:4f:ba:d4:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5119e75200392f1a2f08be990732d8047b28b09
Validity
Not Before: Jan 1 12:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8f07362085440cfb8f5879a515d2239082542e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c5:fb:3d:4e:17:b2:36:3c:01:ae:2c:ca:d2:
f3:92:7c:bd:38:be:7c:3b:ab:70:2c:aa:a2:28:ce:
ba:b0:76:9c:29:ee:71:60:37:72:ae:ff:7d:d1:81:
2c:4e:53:f0:92:22:ff:01:ad:aa:dc:12:34:1f:d1:
5e:e0:1f:2f:3c:af:08:26:a2:d8:51:86:e1:d6:20:
16:24:44:23:5e:23:fe:5d:70:0b:ef:8a:80:33:0c:
ad:ba:3a:b4:34:f2:1e:e2:92:90:ba:aa:69:83:f7:
ab:f9:68:8b:78:f0:68:ea:cf:2f:12:d6:b6:c9:b0:
7f:c6:d2:3d:12:d7:e3:05:87:9f:6f:60:83:3b:f3:
ca:75:5b:1a:63:cb:f1:0d:ba:dd:2d:ed:35:be:62:
a9:0e:3d:71:ff:21:b9:23:16:ae:9d:54:f5:f3:c8:
67:e8:d1:00:5c:6e:c5:9b:d5:d0:c6:ae:d6:d5:c4:
d3:ff:ad:f2:85:50:5f:2d:09:fb:e5:d5:e1:36:67:
e5:50:45:a4:a7:20:7d:b3:51:12:1e:c3:84:f0:85:
4d:83:d8:eb:9f:ac:80:9a:ad:4b:e3:2d:bc:91:1b:
3d:68:0e:ae:77:69:33:b0:11:cf:0d:a8:b6:8e:d3:
a9:a2:61:e1:53:92:56:f7:c4:5f:fc:3d:c6:14:8b:
88:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F0:73:62:08:54:40:CF:B8:F5:87:9A:51:5D:22:39:08:25:42:E7
X509v3 Authority Key Identifier:
keyid:C5:11:9E:75:20:03:92:F1:A2:F0:8B:E9:90:73:2D:80:47:B2:8B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xRGedSADkvGi8IvpkHMtgEeyiwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/1-PBzYghUQM-49YeaUV0iOQglQuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/320baf-59dc-46a2-af7d-d819ced5d35a/1/xRGedSADkvGi8IvpkHMtgEeyiwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.24.0/21
185.85.152.0/22
IPv6:
2a02:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
40:d2:49:a0:d5:a2:57:49:47:0e:e2:aa:27:26:b7:8f:aa:68:
6b:2a:99:fc:91:78:36:04:ba:ca:44:79:4a:84:06:5f:f7:40:
79:e2:1f:ad:cf:24:2c:66:03:f8:d0:f0:22:47:90:c5:95:cc:
d7:36:90:73:31:57:64:f5:a1:98:b4:23:3b:0c:aa:db:b2:59:
4e:e9:ec:50:94:8d:18:51:a4:a8:e4:0a:6e:1a:b8:2d:ea:1c:
bb:0b:d7:62:d0:f8:54:6c:1c:dd:0a:15:f2:b2:73:e4:13:5b:
82:41:0e:10:55:c1:f2:d6:b9:4d:02:77:99:57:85:9a:79:ae:
79:70:c9:63:b3:43:ad:a4:7f:7d:b9:88:c8:89:3f:60:78:b0:
9b:6e:48:e2:a8:c0:3d:ff:b2:96:6c:e5:d9:63:20:76:54:0e:
eb:5d:a3:72:54:13:35:c4:c4:28:da:bf:79:50:61:07:bb:5e:
31:83:ff:b0:24:47:fa:45:c4:f9:9d:06:09:3a:6c:a9:e8:37:
a1:ba:f1:10:0d:65:89:a4:99:34:0a:e7:f4:fc:e8:0a:62:cb:
2f:29:08:c2:87:69:01:9b:3b:e0:4c:32:fb:7b:25:e1:c0:34:
44:11:5b:d4:71:1d:1b:f1:6b:57:f8:11:46:dc:43:58:b8:6f:
3f:a9:d7:ce
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtSr4HUQFei9J1Pd1PutQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MTE5ZTc1MjAwMzkyZjFhMmYwOGJlOTkwNzMyZDgwNDdi
MjhiMDkwHhcNMjMwMTAxMTIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGYwNzM2MjA4NTQ0MGNmYjhmNTg3OWE1MTVkMjIzOTA4MjU0MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcX7PU4XsjY8Aa4sytLzkny9OL58
O6twLKqiKM66sHacKe5xYDdyrv990YEsTlPwkiL/Aa2q3BI0H9Fe4B8vPK8IJqLY
UYbh1iAWJEQjXiP+XXAL74qAMwytujq0NPIe4pKQuqppg/er+WiLePBo6s8vEta2
ybB/xtI9EtfjBYefb2CDO/PKdVsaY8vxDbrdLe01vmKpDj1x/yG5IxaunVT188hn
6NEAXG7Fm9XQxq7W1cTT/63yhVBfLQn75dXhNmflUEWkpyB9s1ESHsOE8IVNg9jr
n6yAmq1L4y28kRs9aA6ud2kzsBHPDai2jtOpomHhU5JW98Rf/D3GFIuIIQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPjwc2IIVEDPuPWHmlFdIjkIJULnMB8GA1UdIwQY
MBaAFMURnnUgA5LxovCL6ZBzLYBHsosJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFJHZWRTQURrdkdpOEl2cGtITXRnRWV5aXdrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMjBiYWYtNTlkYy00NmEyLWFmN2Qt
ZDgxOWNlZDVkMzVhLzEvMS1QQnpZZ2hVUU0tNDlZZWFVVjBpT1FnbFF1Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvMzIwYmFmLTU5ZGMtNDZhMi1hZjdkLWQ4MTljZWQ1ZDM1
YS8xL3hSR2VkU0FEa3ZHaThJdnBrSE10Z0VleWl3ay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA4IAGAME
ArlVmDANBAIAAjAHAwUDKgLdADANBgkqhkiG9w0BAQsFAAOCAQEAQNJJoNWiV0lH
DuKqJya3j6poayqZ/JF4NgS6ykR5SoQGX/dAeeIfrc8kLGYD+NDwIkeQxZXM1zaQ
czFXZPWhmLQjOwyq27JZTunsUJSNGFGkqOQKbhq4LeocuwvXYtD4VGwc3QoV8rJz
5BNbgkEOEFXB8ta5TQJ3mVeFmnmueXDJY7NDraR/fbmIyIk/YHiwm25I4qjAPf+y
lmzl2WMgdlQO612jclQTNcTEKNq/eVBhB7teMYP/sCRH+kXE+Z0GCTpsqeg3obrx
EA1liaSZNArn9PzoCmLLLykIwodpAZs74Ewy+3sl4cA0RBFb1HEdG/FrV/gRRtxD
WLhvP6nXzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:41 2024 by rpki-client on console-fra.rpki-client.org