Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/j2YhpjEh8iFtLaMp2QMTmH6cAJc.roa
File: j2YhpjEh8iFtLaMp2QMTmH6cAJc.roa (raw, json)
Hash identifier: PnMp+JCXOnxZyM83UHsZlHu3Qq1TYyLx9W2bS8EZNcU=
Subject key identifier: 8F:66:21:A6:31:21:F2:21:6D:2D:A3:29:D9:03:13:98:7E:9C:00:97
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 018CC56ECF14723106DF1773B4402B13CCF4
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/j2YhpjEh8iFtLaMp2QMTmH6cAJc.roa
Signing time: Mon 01 Jan 2024 14:30:22 +0000
ROA not before: Mon 01 Jan 2024 14:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198102
IP address blocks: 195.28.8.0/23 maxlen: 24
213.225.240.0/20 maxlen: 24
89.35.168.0/22 maxlen: 24
195.225.40.0/23 maxlen: 24
89.45.212.0/22 maxlen: 24
195.238.80.0/23 maxlen: 24
128.65.204.0/23 maxlen: 24
128.65.200.0/23 maxlen: 24
86.105.236.0/22 maxlen: 24
185.85.192.0/23 maxlen: 24
185.85.194.0/24 maxlen: 24
78.111.224.0/20 maxlen: 24
195.210.40.0/23 maxlen: 24
134.255.168.0/22 maxlen: 24
91.231.62.0/24 maxlen: 24
2a00:4060::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 28 May 2024 14:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:cf:14:72:31:06:df:17:73:b4:40:2b:13:cc:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jan 1 14:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f6621a63121f2216d2da329d90313987e9c0097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:68:87:a5:96:bd:87:19:ad:a1:74:f7:f9:2f:
af:11:8b:06:7f:c4:0c:88:a0:95:d8:77:30:1f:56:
05:d1:f7:fb:e9:9f:98:48:c9:9e:f0:b9:8a:9d:de:
57:f2:39:4b:97:92:97:e8:eb:43:46:04:cb:95:c4:
e9:75:08:76:40:85:a2:66:41:a2:76:ce:6a:08:cc:
05:b8:46:0c:e5:3c:b5:35:b6:df:76:21:06:f1:93:
22:14:f1:63:76:8a:24:df:34:22:d0:5d:d9:20:60:
63:33:1c:b2:e7:b5:cb:e8:24:9c:a2:cd:27:aa:ec:
08:ef:76:79:ff:46:4b:55:ec:91:53:50:ee:b9:78:
aa:8b:36:4e:af:9a:90:aa:93:1b:31:84:56:e4:05:
3f:ba:94:63:11:ff:37:c1:77:6f:9d:a1:3c:1e:88:
72:53:fb:64:dc:3a:c5:73:3e:1e:38:ba:83:fa:dc:
ba:8b:ef:27:cf:a6:d7:2c:b7:8c:9f:44:9b:3c:b2:
16:40:00:36:aa:9e:f9:f5:fb:d9:5f:91:fd:a1:c7:
c9:00:e7:6b:15:02:7c:45:ab:4b:ce:a9:15:b9:ea:
34:a5:1a:87:86:60:65:a4:8c:42:9c:fd:3b:69:5b:
7d:73:5c:95:49:66:44:95:53:53:bf:c2:9b:e9:c2:
6e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:66:21:A6:31:21:F2:21:6D:2D:A3:29:D9:03:13:98:7E:9C:00:97
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/j2YhpjEh8iFtLaMp2QMTmH6cAJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/23
128.65.204.0/23
134.255.168.0/22
185.85.192.0-185.85.194.255
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
IPv6:
2a00:4060::/29
Signature Algorithm: sha256WithRSAEncryption
86:ea:a3:81:86:35:d7:ef:3a:41:2a:4a:b0:2a:af:d6:25:c4:
a5:f8:0b:1d:00:d6:e2:94:04:ca:2a:fd:65:40:33:6a:9d:ec:
d9:07:13:79:1a:0a:c8:53:64:0b:75:81:f9:5f:94:66:8b:be:
b8:ec:82:b9:77:20:b6:b2:46:5b:2b:d6:00:e4:c4:67:42:6f:
2b:3a:a1:58:a9:ba:c3:b9:c0:25:ef:93:46:77:ad:43:36:cc:
3c:c9:be:8b:83:04:2f:6a:4c:7b:3f:d8:91:dd:04:73:ca:70:
ca:5c:49:47:82:7e:ac:04:9d:92:9e:d3:5f:12:f2:10:65:18:
78:4f:9d:eb:e6:2b:b2:31:9d:01:57:4e:29:87:87:3e:37:eb:
82:a5:86:4c:8a:70:df:04:d6:28:de:4f:59:50:6b:70:16:55:
da:59:fc:be:5c:12:ec:58:86:95:31:31:6e:4a:9f:a4:48:d5:
9d:33:20:5a:d6:04:a8:65:b0:d2:7b:4f:68:af:f8:e1:1a:f6:
66:d9:27:8e:63:8b:56:bb:65:1b:df:34:9c:67:c4:7b:53:6f:
a9:23:4e:bb:0e:fb:70:5f:84:0d:e6:4f:c0:dd:61:68:91:22:
41:11:51:af:a4:d8:66:19:06:64:df:5d:28:41:9f:b6:3e:57:
32:bc:e5:02
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzFbs8UcjEG3xdztEArE8z0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjQwMTAxMTQzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjY2MjFhNjMxMjFmMjIxNmQyZGEzMjlkOTAzMTM5ODdlOWMwMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGiHpZa9hxmtoXT3+S+vEYsGf8QM
iKCV2HcwH1YF0ff76Z+YSMme8LmKnd5X8jlLl5KX6OtDRgTLlcTpdQh2QIWiZkGi
ds5qCMwFuEYM5Ty1NbbfdiEG8ZMiFPFjdook3zQi0F3ZIGBjMxyy57XL6CScos0n
quwI73Z5/0ZLVeyRU1DuuXiqizZOr5qQqpMbMYRW5AU/upRjEf83wXdvnaE8Hohy
U/tk3DrFcz4eOLqD+ty6i+8nz6bXLLeMn0SbPLIWQAA2qp759fvZX5H9ocfJAOdr
FQJ8RatLzqkVueo0pRqHhmBlpIxCnP07aVt9c1yVSWZElVNTv8Kb6cJuHQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFI9mIaYxIfIhbS2jKdkDE5h+nACXMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvajJZaHBqRWg4aUZ0TGFNcDJRTVRtSDZjQUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEBE5v4AME
AlZp7AMEAlkjqAMEAlkt1AMEAFvnPgMEAYBByAMEAYBBzAMEAob/qDAMAwQGuVXA
AwQAuVXCAwQBwxwIAwQBw9IoAwQBw+EoAwQBw+5QAwQE1eHwMA0EAgACMAcDBQMq
AEBgMA0GCSqGSIb3DQEBCwUAA4IBAQCG6qOBhjXX7zpBKkqwKq/WJcSl+AsdANbi
lATKKv1lQDNqnezZBxN5GgrIU2QLdYH5X5Rmi7647IK5dyC2skZbK9YA5MRnQm8r
OqFYqbrDucAl75NGd61DNsw8yb6LgwQvakx7P9iR3QRzynDKXElHgn6sBJ2SntNf
EvIQZRh4T53r5iuyMZ0BV04ph4c+N+uCpYZMinDfBNYo3k9ZUGtwFlXaWfy+XBLs
WIaVMTFuSp+kSNWdMyBa1gSoZbDSe09or/jhGvZm2SeOY4tWu2Ub3zScZ8R7U2+p
I067DvtwX4QN5k/A3WFokSJBEVGvpNhmGQZk310oQZ+2PlcyvOUC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org