Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/iEpTcPa2lwO_BCR1cvIznlSdrYY.roa
File: iEpTcPa2lwO_BCR1cvIznlSdrYY.roa (raw, json)
Hash identifier: VJ30iWw50pqrA1L/tXwvtViboT4fBXmilVVmqtkhuH8=
Subject key identifier: 88:4A:53:70:F6:B6:97:03:BF:04:24:75:72:F2:33:9E:54:9D:AD:86
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 018CC3494B89D0EAA9EA8AF66BB2E44EF285
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/iEpTcPa2lwO_BCR1cvIznlSdrYY.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13150
IP address blocks: 185.114.121.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Apr 2024 09:08:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4b:89:d0:ea:a9:ea:8a:f6:6b:b2:e4:4e:f2:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=884a5370f6b69703bf04247572f2339e549dad86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:23:cb:14:6f:56:e9:9e:c3:0c:40:4f:53:ed:
b5:e6:d3:34:a1:57:50:57:6f:d3:49:c8:03:b9:7d:
bf:73:1f:04:bd:b2:1e:7c:96:ea:0f:b0:52:e6:5d:
4c:90:11:56:87:0e:e6:53:e8:1a:e8:4d:16:55:f2:
e9:83:8a:c4:6d:d8:38:46:a6:67:83:a4:7b:e9:84:
ab:bf:44:b4:3e:4e:35:13:30:e6:95:4a:51:6c:2f:
34:f6:4a:88:10:a0:54:ce:3c:b7:7e:8c:d0:c5:ae:
a4:fb:cf:c0:be:bc:a5:fe:b5:77:a1:49:a1:2a:91:
76:bd:6d:61:db:31:f1:04:fb:2d:ac:28:93:df:88:
ca:68:d5:16:eb:cb:f7:2a:96:4c:28:40:e7:07:67:
06:29:eb:63:67:bc:53:89:e2:11:08:21:c8:dc:b7:
07:48:2d:02:d3:08:9c:52:2e:9d:1d:2f:90:e2:a4:
05:8e:80:bb:95:e6:c7:2e:85:25:f0:9a:67:2e:48:
0e:7c:2d:e7:95:e6:8e:49:69:1e:f5:61:97:9d:08:
77:f9:db:c7:a1:74:45:d3:9f:bf:53:03:79:c2:80:
95:4d:4b:f0:61:50:0a:b4:26:c9:2d:77:3e:24:b1:
1b:fb:09:46:10:9d:d9:93:70:d7:7f:21:75:b8:7d:
ce:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:4A:53:70:F6:B6:97:03:BF:04:24:75:72:F2:33:9E:54:9D:AD:86
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/iEpTcPa2lwO_BCR1cvIznlSdrYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.20.255
185.114.120.0/22
209.206.0.0-209.206.29.255
209.206.31.0/24
Signature Algorithm: sha256WithRSAEncryption
11:b4:be:a0:6d:59:53:d0:63:e7:2d:e2:7c:2b:67:e2:ad:34:
11:47:63:82:08:f2:0c:2c:57:e1:ce:7f:c3:0a:c6:1a:d6:20:
4e:7a:76:6a:bd:f4:10:63:58:6d:01:13:b4:e4:94:21:55:27:
d3:c9:6c:20:0b:86:ba:1b:0e:7b:df:d8:37:3f:1d:a9:ce:d5:
cf:42:27:ff:b5:3d:32:23:1c:6a:b5:45:2c:96:7b:69:02:11:
4b:6c:29:dc:fa:74:8f:a0:0e:e3:6c:32:26:99:38:36:b1:d3:
e5:01:8f:35:5e:3e:dc:bc:e9:39:89:88:85:05:4d:ef:22:6e:
13:09:2c:41:f0:e2:bd:53:49:fe:31:85:a4:69:57:48:ee:a7:
be:47:46:89:af:66:bb:bc:84:a6:c5:59:c5:c8:a6:3d:55:ca:
ec:f3:a8:a4:f0:de:49:7f:fb:8d:3d:a2:2e:75:38:b3:b8:41:
97:8c:96:06:13:c6:08:ca:34:8a:f1:cf:fd:91:60:fa:58:05:
97:89:34:d6:c2:55:0c:54:37:a3:98:3b:05:2a:1f:bf:2f:df:
d3:42:b2:f1:d7:56:6c:18:02:e7:74:25:f8:11:5e:e2:89:97:
f6:1b:57:d3:5a:32:b3:8f:e6:a3:20:24:5c:7d:b0:07:57:e3:
db:ac:1d:6f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzDSUuJ0Oqp6or2a7LkTvKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODRhNTM3MGY2YjY5NzAzYmYwNDI0NzU3MmYyMzM5ZTU0OWRhZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyPLFG9W6Z7DDEBPU+215tM0oVdQ
V2/TScgDuX2/cx8EvbIefJbqD7BS5l1MkBFWhw7mU+ga6E0WVfLpg4rEbdg4RqZn
g6R76YSrv0S0Pk41EzDmlUpRbC809kqIEKBUzjy3fozQxa6k+8/Avryl/rV3oUmh
KpF2vW1h2zHxBPstrCiT34jKaNUW68v3KpZMKEDnB2cGKetjZ7xTieIRCCHI3LcH
SC0C0wicUi6dHS+Q4qQFjoC7lebHLoUl8JpnLkgOfC3nleaOSWke9WGXnQh3+dvH
oXRF05+/UwN5woCVTUvwYVAKtCbJLXc+JLEb+wlGEJ3Zk3DXfyF1uH3O1QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIhKU3D2tpcDvwQkdXLyM55Una2GMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvaUVwVGNQYTJsd09fQkNSMWN2SXpubFNkcllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQBVf8QMAwD
BABV/xMDBABV/xQDBAK5cngwCwMDAdHOAwQB0c4cAwQA0c4fMA0GCSqGSIb3DQEB
CwUAA4IBAQARtL6gbVlT0GPnLeJ8K2firTQRR2OCCPIMLFfhzn/DCsYa1iBOenZq
vfQQY1htARO05JQhVSfTyWwgC4a6Gw5739g3Px2pztXPQif/tT0yIxxqtUUslntp
AhFLbCnc+nSPoA7jbDImmTg2sdPlAY81Xj7cvOk5iYiFBU3vIm4TCSxB8OK9U0n+
MYWkaVdI7qe+R0aJr2a7vISmxVnFyKY9Vcrs86ik8N5Jf/uNPaIudTizuEGXjJYG
E8YIyjSK8c/9kWD6WAWXiTTWwlUMVDejmDsFKh+/L9/TQrLx11ZsGALndCX4EV7i
iZf2G1fTWjKzj+ajICRcfbAHV+PbrB1v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:06 2024 by rpki-client on console-fra.rpki-client.org