Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fDa3VUChHuPcgDyK2lNnzcMcxTM.roa
File: fDa3VUChHuPcgDyK2lNnzcMcxTM.roa (raw, json)
Hash identifier: IKSwuY4TDrDV+f1ltb0LDW0SSPwq8r5S8TVDmYWsyUs=
Subject key identifier: 7C:36:B7:55:40:A1:1E:E3:DC:80:3C:8A:DA:53:67:CD:C3:1C:C5:33
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A75E100E892498D214E33A89F13A0
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fDa3VUChHuPcgDyK2lNnzcMcxTM.roa
Signing time: Sun 01 Jan 2023 07:44:57 +0000
ROA not before: Sun 01 Jan 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1299
IP address blocks: 153.112.216.0/24 maxlen: 24
153.112.217.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
153.112.224.0/24 maxlen: 24
153.112.225.0/24 maxlen: 24
153.112.226.0/24 maxlen: 24
153.112.230.0/24 maxlen: 24
153.112.231.0/24 maxlen: 24
193.53.29.0/24 maxlen: 24
153.112.227.0/24 maxlen: 24
153.112.228.0/24 maxlen: 24
153.112.229.0/24 maxlen: 24
153.112.205.0/24 maxlen: 24
192.157.14.0/24 maxlen: 24
192.157.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:75:e1:00:e8:92:49:8d:21:4e:33:a8:9f:13:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c36b75540a11ee3dc803c8ada5367cdc31cc533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8b:6b:1e:74:68:b6:fe:1b:06:a7:4d:4b:4f:
3b:14:6b:33:6a:3a:a3:b2:a6:4a:ce:2f:54:c2:c2:
86:fe:8e:d1:45:c1:35:a5:b6:80:90:76:f9:89:15:
b8:24:8f:61:52:23:12:8c:fd:04:f0:3a:ea:a1:12:
c9:f2:52:d0:cb:f2:45:72:ec:a6:59:be:cf:f8:e5:
a1:9a:d0:a5:f2:51:61:08:cb:c8:f3:20:ae:56:d5:
b4:d0:8c:ab:96:3a:b2:d3:c1:9d:1a:c8:e2:85:3e:
7b:52:c1:a3:95:63:07:7d:31:11:a8:e7:b9:ba:e0:
22:2f:df:12:5e:a3:7c:5d:22:9b:94:39:8e:03:30:
47:2f:d3:4b:28:2a:11:2a:94:b0:af:c5:8a:64:f8:
e0:f9:eb:45:a0:0a:d8:c0:9c:c2:26:71:ce:be:70:
c4:ef:7f:9a:0f:3e:04:62:43:12:26:39:d0:1f:06:
60:95:b0:25:cc:23:7f:80:70:c7:5c:e6:e6:f2:77:
00:d2:03:bf:e0:1f:87:ab:11:85:58:a5:de:7f:d9:
0d:26:bf:56:f7:c2:b8:ff:d1:a5:d3:a8:10:80:e0:
e9:e2:4a:ce:f0:67:86:5e:be:93:14:f0:83:9c:5a:
16:b4:ea:43:ac:93:f4:9b:f0:2f:93:9f:f8:1f:b9:
c2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:36:B7:55:40:A1:1E:E3:DC:80:3C:8A:DA:53:67:CD:C3:1C:C5:33
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fDa3VUChHuPcgDyK2lNnzcMcxTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.205.0/24
153.112.216.0/23
153.112.223.0-153.112.231.255
192.157.14.0/23
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
03:1b:84:bb:e6:c6:a1:5f:05:ce:b4:b6:5f:12:a1:27:9a:31:
7e:12:fc:95:df:ca:b1:0c:b7:ed:10:21:a2:da:02:dc:ce:0e:
fb:15:d7:d2:aa:d0:ee:1e:0a:36:e7:eb:eb:d5:ea:06:b9:83:
83:bb:b6:86:31:51:b8:31:54:71:bf:ac:15:8d:76:99:52:e3:
63:2e:33:ef:70:27:fb:37:ad:90:93:de:b6:74:4f:12:58:36:
81:ec:f8:e3:b6:b0:8a:ca:6c:c5:79:ba:82:89:1b:d2:6a:73:
26:5e:14:64:b1:9d:cf:3c:15:b6:21:4f:cf:1e:23:8e:67:28:
5e:93:12:98:e2:e5:1e:b4:55:75:7b:e8:ae:a8:c1:c3:88:79:
e8:21:24:60:71:35:fa:25:ed:d0:ce:c6:01:41:cf:91:cd:dc:
b0:54:02:bd:31:58:78:e8:b8:55:f1:f1:9f:5b:d7:89:3f:9e:
e1:03:2a:b8:65:fb:f3:31:ce:f8:78:1e:f8:c4:ca:0f:84:a9:
11:9a:32:cf:9b:d1:a7:97:2b:00:df:b3:d9:21:71:36:d6:36:
9c:34:3a:87:4a:b7:49:ca:06:b6:81:d9:21:0f:49:bd:fa:e0:
91:d9:9c:73:9e:1c:26:ea:45:ba:da:16:83:ee:90:1a:3a:b4:
63:7b:4a:77
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVsSnXhAOiSSY0hTjOonxOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzM2Yjc1NTQwYTExZWUzZGM4MDNjOGFkYTUzNjdjZGMzMWNjNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkotrHnRotv4bBqdNS087FGszajqj
sqZKzi9UwsKG/o7RRcE1pbaAkHb5iRW4JI9hUiMSjP0E8DrqoRLJ8lLQy/JFcuym
Wb7P+OWhmtCl8lFhCMvI8yCuVtW00Iyrljqy08GdGsjihT57UsGjlWMHfTERqOe5
uuAiL98SXqN8XSKblDmOAzBHL9NLKCoRKpSwr8WKZPjg+etFoArYwJzCJnHOvnDE
73+aDz4EYkMSJjnQHwZglbAlzCN/gHDHXObm8ncA0gO/4B+HqxGFWKXef9kNJr9W
98K4/9Gl06gQgODp4krO8GeGXr6TFPCDnFoWtOpDrJP0m/Avk5/4H7nCcwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHw2t1VAoR7j3IA8itpTZ83DHMUzMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvZkRhM1ZVQ2hIdVBjZ0R5SzJsTm56Y01jeFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAmXDNAwQB
mXDYMAwDBACZcN8DBAOZcOADBAHAnQ4DBADBNR0wDQYJKoZIhvcNAQELBQADggEB
AAMbhLvmxqFfBc60tl8SoSeaMX4S/JXfyrEMt+0QIaLaAtzODvsV19Kq0O4eCjbn
6+vV6ga5g4O7toYxUbgxVHG/rBWNdplS42MuM+9wJ/s3rZCT3rZ0TxJYNoHs+OO2
sIrKbMV5uoKJG9JqcyZeFGSxnc88FbYhT88eI45nKF6TEpji5R60VXV76K6owcOI
eeghJGBxNfol7dDOxgFBz5HN3LBUAr0xWHjouFXx8Z9b14k/nuEDKrhl+/Mxzvh4
HvjEyg+EqRGaMs+b0aeXKwDfs9khcTbWNpw0OodKt0nKBraB2SEPSb364JHZnHOe
HCbqRbraFoPukBo6tGN7Snc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org