Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/gjFjZTPcvo6yieOgJQdVBBHVp1I.roa
File: gjFjZTPcvo6yieOgJQdVBBHVp1I.roa (raw, json)
Hash identifier: f3iI1rFOmaeK5QQVxnFdOqSFS4SknzD1UywHb40duXY=
Subject key identifier: 82:31:63:65:33:DC:BE:8E:B2:89:E3:A0:25:07:55:04:11:D5:A7:52
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 01856ECB6F2B2AE84555C0D177BFFBBBA932
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/gjFjZTPcvo6yieOgJQdVBBHVp1I.roa
Signing time: Sun 01 Jan 2023 19:25:03 +0000
ROA not before: Sun 01 Jan 2023 19:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13150
IP address blocks: 185.114.121.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:6f:2b:2a:e8:45:55:c0:d1:77:bf:fb:bb:a9:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jan 1 19:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8231636533dcbe8eb289e3a02507550411d5a752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8b:cb:ae:33:8d:4b:4b:ec:2d:4e:b3:96:94:
7d:5f:58:4a:08:ab:54:23:ca:4a:e2:b2:28:0a:db:
76:07:ed:20:b0:3f:2c:ba:fb:f9:4c:8c:bb:8c:90:
d7:cc:64:15:e4:4d:f2:36:81:ce:b7:7c:87:18:30:
8b:72:ea:42:93:71:31:c8:aa:ec:e6:77:9c:de:c3:
fd:79:09:11:34:5b:67:74:f0:13:61:74:cc:67:0c:
7e:d3:e4:63:1a:42:71:c7:35:38:f8:18:33:33:7a:
ef:27:fe:22:a3:23:94:53:16:66:92:64:d6:8b:80:
6e:1e:c2:8f:8b:7d:1b:06:c9:90:a4:96:89:80:11:
07:9b:38:07:4a:c9:1b:af:11:35:63:58:38:96:4f:
28:b7:b6:ef:70:fe:85:01:a6:37:0d:75:ad:c4:9a:
c4:11:75:21:20:15:75:08:d6:19:6f:86:34:ac:6c:
14:4c:82:55:02:7c:57:9c:4d:1a:d6:a6:59:2e:e3:
9b:ef:6d:16:09:94:74:37:40:5a:5d:4d:4b:50:c9:
13:76:82:40:03:b6:8c:57:4d:38:6d:0a:a7:0a:43:
70:7f:b5:44:5b:0d:35:18:7b:b5:93:75:e6:52:d6:
a1:6d:e3:81:a7:dc:25:2e:ab:48:95:e4:0c:ab:09:
c4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:31:63:65:33:DC:BE:8E:B2:89:E3:A0:25:07:55:04:11:D5:A7:52
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/gjFjZTPcvo6yieOgJQdVBBHVp1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.20.255
185.114.120.0/22
209.206.0.0-209.206.29.255
209.206.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:77:74:8f:5a:15:75:f2:27:a4:7e:65:4f:9c:0d:16:33:6f:
6f:ee:d9:b9:0e:bb:93:ef:a9:a1:4f:14:8b:db:49:4e:f4:93:
84:ec:d6:bf:a8:63:c0:80:36:6c:35:67:69:df:f4:9b:1b:e2:
10:07:ee:a8:e8:f1:17:75:bc:7c:f6:30:5c:1c:f3:26:7f:23:
5b:58:c5:f9:3c:0a:2b:41:24:dc:8e:f6:20:01:25:00:0c:97:
05:89:64:28:5c:f5:39:14:b5:8b:10:a3:74:d8:b5:3d:a5:25:
63:4a:99:9a:a3:56:c3:77:a5:ad:86:2a:ab:66:34:56:df:9d:
72:48:98:22:78:09:08:eb:88:96:6f:07:0b:67:7a:cb:96:33:
a5:7c:f0:2d:7e:d7:e9:96:ce:d7:b0:b4:71:05:1e:bb:7a:25:
8c:84:2b:aa:f0:d6:45:a0:83:61:b1:c1:de:a5:23:34:51:71:
d2:cb:d7:3d:52:73:90:cd:6e:43:bf:1f:13:c0:69:ad:e1:3d:
9e:e7:fc:6e:0b:91:e5:00:a1:f3:21:d0:a8:1c:4f:10:26:58:
65:36:57:0e:d1:43:3b:16:e1:d1:f4:05:93:6d:b0:fe:86:d9:
c2:d0:8a:3c:28:46:59:4c:d7:da:4f:aa:9d:fb:9e:b6:d5:d1:
5d:50:85:b5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVuy28rKuhFVcDRd7/7u6kyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjMwMTAxMTkyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjMxNjM2NTMzZGNiZThlYjI4OWUzYTAyNTA3NTUwNDExZDVhNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhovLrjONS0vsLU6zlpR9X1hKCKtU
I8pK4rIoCtt2B+0gsD8suvv5TIy7jJDXzGQV5E3yNoHOt3yHGDCLcupCk3ExyKrs
5nec3sP9eQkRNFtndPATYXTMZwx+0+RjGkJxxzU4+BgzM3rvJ/4ioyOUUxZmkmTW
i4BuHsKPi30bBsmQpJaJgBEHmzgHSskbrxE1Y1g4lk8ot7bvcP6FAaY3DXWtxJrE
EXUhIBV1CNYZb4Y0rGwUTIJVAnxXnE0a1qZZLuOb720WCZR0N0BaXU1LUMkTdoJA
A7aMV004bQqnCkNwf7VEWw01GHu1k3XmUtahbeOBp9wlLqtIleQMqwnEGQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIIxY2Uz3L6OsonjoCUHVQQR1adSMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvZ2pGalpUUGN2bzZ5aWVPZ0pRZFZCQkhWcDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQBVf8QMAwD
BABV/xMDBABV/xQDBAK5cngwCwMDAdHOAwQB0c4cAwQA0c4fMA0GCSqGSIb3DQEB
CwUAA4IBAQAKd3SPWhV18iekfmVPnA0WM29v7tm5DruT76mhTxSL20lO9JOE7Na/
qGPAgDZsNWdp3/SbG+IQB+6o6PEXdbx89jBcHPMmfyNbWMX5PAorQSTcjvYgASUA
DJcFiWQoXPU5FLWLEKN02LU9pSVjSpmao1bDd6WthiqrZjRW351ySJgieAkI64iW
bwcLZ3rLljOlfPAtftfpls7XsLRxBR67eiWMhCuq8NZFoINhscHepSM0UXHSy9c9
UnOQzW5Dvx8TwGmt4T2e5/xuC5HlAKHzIdCoHE8QJlhlNlcO0UM7FuHR9AWTbbD+
htnC0Io8KEZZTNfaT6qd+5621dFdUIW1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org