Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/AqZAzDZnnng4H9U4Jw6rXHJHUTc.roa
File: AqZAzDZnnng4H9U4Jw6rXHJHUTc.roa (raw, json)
Hash identifier: Wi4IWDt6C+hw3UW2tKEF+U1814KeOy1Zgu0Ot58SDEM=
Subject key identifier: 02:A6:40:CC:36:67:9E:78:38:1F:D5:38:27:0E:AB:5C:72:47:51:37
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 018EC21DBC5768FD01C9FE411E73D4D898E9
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/AqZAzDZnnng4H9U4Jw6rXHJHUTc.roa
Signing time: Tue 09 Apr 2024 09:08:32 +0000
ROA not before: Tue 09 Apr 2024 09:08:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:20:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:1d:bc:57:68:fd:01:c9:fe:41:1e:73:d4:d8:98:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Apr 9 09:08:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a640cc36679e78381fd538270eab5c72475137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9b:71:91:b4:d6:17:ee:68:6a:6d:c4:d6:3d:
2f:f7:54:00:bc:3d:dc:59:ff:2b:66:0a:1c:4f:60:
42:44:eb:33:21:d2:da:d5:bc:9e:2c:4d:b2:97:69:
3b:d2:76:4a:98:30:2a:01:d6:75:52:b0:37:8f:a5:
86:c5:1f:a0:0c:82:52:36:e1:a8:52:0e:bb:f3:10:
3e:97:b2:e1:92:0f:26:98:af:51:32:eb:89:6c:40:
6b:56:e5:9f:88:59:0b:08:27:54:91:e0:c1:01:f2:
93:4d:b4:11:6f:fe:1b:b8:6f:b2:b5:6a:58:e5:96:
8b:2a:fa:dc:92:c1:91:df:10:ba:94:40:27:ed:0b:
ab:cc:69:72:1b:36:3e:b7:8d:a7:11:18:c7:3a:10:
d8:a4:4f:7c:bd:86:93:dd:e4:08:58:d2:4c:e9:51:
64:90:99:e4:35:4c:04:1b:0a:3b:5c:6f:5a:33:87:
99:71:fb:17:45:83:4f:fc:b5:8e:50:f4:74:53:2f:
ba:1c:b3:2c:75:46:38:90:87:0c:75:ea:9d:c1:4e:
a9:6e:4a:1f:9b:70:b1:42:7b:16:71:25:8c:3c:36:
14:1f:aa:e1:62:d1:36:43:80:25:ff:54:55:4a:9b:
70:99:20:39:1e:4a:71:99:6d:31:5a:49:37:02:0b:
4c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A6:40:CC:36:67:9E:78:38:1F:D5:38:27:0E:AB:5C:72:47:51:37
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/AqZAzDZnnng4H9U4Jw6rXHJHUTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.21.255
85.255.23.0-85.255.31.255
185.114.120.0/22
209.206.0.0-209.206.29.255
209.206.31.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:67:c3:4c:cb:8e:21:79:85:ab:2b:55:cf:40:ce:85:43:f5:
3f:66:77:88:62:65:e8:a5:28:66:ff:a7:b0:67:ee:1f:c3:94:
8d:e2:f7:36:7a:86:24:4b:7c:d2:3e:d6:8e:3e:d7:84:2d:b1:
2e:9d:09:6d:90:6e:e0:12:31:9d:74:df:23:0a:7c:48:62:ad:
6d:0f:b8:70:8e:2f:93:94:9e:5c:de:a0:01:a0:c6:b0:29:bb:
32:a0:84:6c:7a:24:a3:b8:15:23:f7:cd:31:2e:f8:28:93:e8:
0d:51:51:4e:45:b5:46:1a:27:7a:05:a8:99:dd:78:9e:84:84:
91:9c:0e:cf:94:c5:71:1d:8d:4e:bf:f7:43:cc:b0:09:cf:4f:
bb:f0:fc:87:28:60:8f:ba:96:e6:55:e2:af:3c:08:ef:5e:93:
a3:10:51:f5:7f:e2:17:44:e8:0c:c8:af:95:f1:91:09:11:aa:
df:be:8a:ef:49:de:b8:2c:ec:23:f5:09:62:9e:49:3a:a2:17:
f5:34:aa:4c:8e:c1:dc:9c:59:04:3c:0e:ab:6e:30:69:04:14:
4c:5e:f2:fa:6b:da:e5:ac:8a:eb:43:92:29:51:8a:ac:99:15:
8a:53:fa:99:56:4a:d8:44:c7:a2:31:49:c7:74:c7:3e:b4:f7:
0a:83:a8:00
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY7CHbxXaP0Byf5BHnPU2JjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjQwNDA5MDkwODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE2NDBjYzM2Njc5ZTc4MzgxZmQ1MzgyNzBlYWI1YzcyNDc1MTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5txkbTWF+5oam3E1j0v91QAvD3c
Wf8rZgocT2BCROszIdLa1byeLE2yl2k70nZKmDAqAdZ1UrA3j6WGxR+gDIJSNuGo
Ug678xA+l7Lhkg8mmK9RMuuJbEBrVuWfiFkLCCdUkeDBAfKTTbQRb/4buG+ytWpY
5ZaLKvrcksGR3xC6lEAn7QurzGlyGzY+t42nERjHOhDYpE98vYaT3eQIWNJM6VFk
kJnkNUwEGwo7XG9aM4eZcfsXRYNP/LWOUPR0Uy+6HLMsdUY4kIcMdeqdwU6pbkof
m3CxQnsWcSWMPDYUH6rhYtE2Q4Al/1RVSptwmSA5HkpxmW0xWkk3AgtMvQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAKmQMw2Z554OB/VOCcOq1xyR1E3MB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvQXFaQXpEWm5ubmc0SDlVNEp3NnJYSEpIVVRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzBBBAIAATA7AwQBVf8QMAwD
BABV/xMDBAFV/xQwDAMEAFX/FwMEBVX/AAMEArlyeDALAwMB0c4DBAHRzhwDBADR
zh8wDQYJKoZIhvcNAQELBQADggEBANNnw0zLjiF5hasrVc9AzoVD9T9md4hiZeil
KGb/p7Bn7h/DlI3i9zZ6hiRLfNI+1o4+14QtsS6dCW2QbuASMZ103yMKfEhirW0P
uHCOL5OUnlzeoAGgxrApuzKghGx6JKO4FSP3zTEu+CiT6A1RUU5FtUYaJ3oFqJnd
eJ6EhJGcDs+UxXEdjU6/90PMsAnPT7vw/IcoYI+6luZV4q88CO9ek6MQUfV/4hdE
6AzIr5XxkQkRqt++iu9J3rgs7CP1CWKeSTqiF/U0qkyOwdycWQQ8DqtuMGkEFExe
8vpr2uWsiutDkilRiqyZFYpT+plWSthEx6IxScd0xz609wqDqAA=
-----END CERTIFICATE-----
Generated at Tue Apr 9 14:36:30 2024 by rpki-client on console-fra.rpki-client.org