Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/h5Ngyi8hfDPffd1V8IJ71DHrPeQ.roa
File: h5Ngyi8hfDPffd1V8IJ71DHrPeQ.roa (raw, json)
Hash identifier: jStUMrZuMmKF4lQFgx2fVeBtXAorGM8fhrREWYR9QR0=
Subject key identifier: 87:93:60:CA:2F:21:7C:33:DF:7D:DD:55:F0:82:7B:D4:31:EB:3D:E4
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 01856C4A76A7EBA833F05F83DF5AE8F4DDFA
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/h5Ngyi8hfDPffd1V8IJ71DHrPeQ.roa
Signing time: Sun 01 Jan 2023 07:44:57 +0000
ROA not before: Sun 01 Jan 2023 07:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3301
IP address blocks: 192.157.11.0/24 maxlen: 24
192.157.9.0/24 maxlen: 24
192.157.8.0/24 maxlen: 24
192.157.10.0/24 maxlen: 24
153.112.240.0/24 maxlen: 24
153.112.241.0/24 maxlen: 24
153.112.160.0/24 maxlen: 24
153.112.166.0/24 maxlen: 24
153.112.165.0/24 maxlen: 24
153.112.162.0/24 maxlen: 24
153.112.161.0/24 maxlen: 24
153.112.164.0/24 maxlen: 24
153.112.163.0/24 maxlen: 24
153.112.167.0/24 maxlen: 24
153.112.173.0/24 maxlen: 24
153.112.179.0/24 maxlen: 24
153.112.176.0/24 maxlen: 24
153.112.178.0/24 maxlen: 24
153.112.177.0/24 maxlen: 24
153.112.186.0/24 maxlen: 24
153.112.183.0/24 maxlen: 24
153.112.182.0/24 maxlen: 24
153.112.185.0/24 maxlen: 24
153.112.184.0/24 maxlen: 24
153.112.181.0/24 maxlen: 24
153.112.180.0/24 maxlen: 24
153.112.190.0/24 maxlen: 24
153.112.189.0/24 maxlen: 24
153.112.191.0/24 maxlen: 24
153.112.188.0/24 maxlen: 24
153.112.187.0/24 maxlen: 24
79.170.17.0/24 maxlen: 24
79.170.16.0/24 maxlen: 24
153.112.209.0/24 maxlen: 24
153.112.208.0/24 maxlen: 24
79.170.22.0/24 maxlen: 24
79.170.21.0/24 maxlen: 24
79.170.23.0/24 maxlen: 24
79.170.19.0/24 maxlen: 24
79.170.18.0/24 maxlen: 24
79.170.20.0/24 maxlen: 24
153.112.132.0/24 maxlen: 24
153.112.139.0/24 maxlen: 24
153.112.134.0/24 maxlen: 24
153.112.135.0/24 maxlen: 24
153.112.133.0/24 maxlen: 24
153.112.151.0/24 maxlen: 24
153.112.150.0/24 maxlen: 24
153.112.149.0/24 maxlen: 24
192.138.109.0/24 maxlen: 24
192.138.111.0/24 maxlen: 24
192.138.110.0/24 maxlen: 24
192.138.116.0/24 maxlen: 24
192.138.117.0/24 maxlen: 24
2a02:f784:20::/48 maxlen: 48
2a02:f784:30::/48 maxlen: 48
2a02:f784:8001::/48 maxlen: 48
2a02:f784:8000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:76:a7:eb:a8:33:f0:5f:83:df:5a:e8:f4:dd:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Jan 1 07:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=879360ca2f217c33df7ddd55f0827bd431eb3de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4b:59:f1:39:d2:51:80:63:ff:a5:b9:1c:7f:
28:f3:ba:0b:7e:68:ae:89:94:57:b7:2d:5d:e8:e9:
45:11:cd:84:4a:9a:6a:14:82:24:1b:69:db:c0:9e:
f3:ce:bd:dc:0f:7f:58:75:bb:51:dc:79:30:36:41:
32:50:cf:ae:a8:82:b4:4a:41:d3:b0:40:03:19:bf:
a1:68:93:c3:d4:59:71:25:e8:a3:f0:b8:a3:71:00:
ec:33:53:22:1b:c0:fa:b0:c4:63:62:e0:c3:08:62:
c0:23:fc:a2:11:32:ee:9a:76:ce:c7:b8:7a:bb:7c:
80:d7:72:cf:5a:7a:fc:b9:b8:b1:47:d3:9c:a5:c0:
3f:83:22:4e:73:49:74:63:2b:15:38:fc:85:f0:e0:
b9:67:bb:46:6e:76:7a:3d:1d:ca:88:1f:e7:c9:83:
47:9b:98:9a:45:89:15:9b:fb:d8:3a:4f:e2:45:4b:
26:30:88:69:a4:93:54:4f:3e:d2:de:bc:96:65:b7:
a6:05:8b:66:42:b7:c3:14:4e:68:aa:07:1f:e7:17:
a4:8f:14:d4:67:6d:7b:68:15:05:f2:90:59:8b:97:
8d:dd:c3:1c:da:e3:77:83:22:4f:ba:36:ee:c4:de:
05:11:72:bf:bc:fc:89:c9:06:d4:37:1f:b3:85:33:
5b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:93:60:CA:2F:21:7C:33:DF:7D:DD:55:F0:82:7B:D4:31:EB:3D:E4
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/h5Ngyi8hfDPffd1V8IJ71DHrPeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.16.0/21
153.112.132.0/22
153.112.139.0/24
153.112.149.0-153.112.151.255
153.112.160.0/21
153.112.173.0/24
153.112.176.0/20
153.112.208.0/23
153.112.240.0/23
192.138.109.0-192.138.111.255
192.138.116.0/23
192.157.8.0/22
IPv6:
2a02:f784:20::/48
2a02:f784:30::/48
2a02:f784:8000::/47
Signature Algorithm: sha256WithRSAEncryption
b4:23:3c:4e:b8:74:ef:7c:21:c8:8a:6f:08:4d:f1:4d:44:0f:
67:b3:da:d0:96:1c:c9:e2:ec:be:83:30:bc:1d:c2:b3:ea:d5:
e8:f0:43:5d:86:cf:a2:a3:9e:26:52:95:69:65:f9:d4:24:c0:
85:b0:29:72:08:e3:b7:97:33:05:6a:f6:25:19:b7:e9:da:5a:
29:fa:a9:3a:d4:35:a4:0e:e9:1f:9a:87:a8:48:ca:d8:29:2d:
5a:e0:b3:c7:9d:16:28:20:32:f7:2e:6e:d3:4c:36:c4:cf:28:
7e:5f:75:d7:d8:7a:21:e7:80:3f:9f:f9:fb:96:01:b8:0d:1a:
76:54:2b:5b:fe:c1:2e:00:50:97:e1:4c:ae:b4:02:2f:0b:cd:
d6:75:32:01:0e:34:9c:8d:f7:7d:88:7a:13:58:c2:b1:50:87:
7b:cc:df:30:79:e1:f4:40:43:3c:29:5b:c4:41:39:a1:4e:e1:
a8:68:36:d9:76:06:07:54:17:16:3a:23:70:87:3a:1f:dc:d0:
7a:2a:56:01:62:30:68:5a:f9:45:fd:a2:e2:48:7a:c6:59:07:
88:35:39:e7:cc:2c:f9:c3:5a:2a:58:db:ae:52:d8:3a:5d:fd:
9c:a4:ba:59:12:b5:38:33:29:13:2d:20:84:f4:48:d4:f5:a6:
16:af:61:50
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYVsSnan66gz8F+D31ro9N36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjMwMTAxMDc0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkzNjBjYTJmMjE3YzMzZGY3ZGRkNTVmMDgyN2JkNDMxZWIzZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0tZ8TnSUYBj/6W5HH8o87oLfmiu
iZRXty1d6OlFEc2ESppqFIIkG2nbwJ7zzr3cD39YdbtR3HkwNkEyUM+uqIK0SkHT
sEADGb+haJPD1FlxJeij8LijcQDsM1MiG8D6sMRjYuDDCGLAI/yiETLumnbOx7h6
u3yA13LPWnr8ubixR9OcpcA/gyJOc0l0YysVOPyF8OC5Z7tGbnZ6PR3KiB/nyYNH
m5iaRYkVm/vYOk/iRUsmMIhppJNUTz7S3ryWZbemBYtmQrfDFE5oqgcf5xekjxTU
Z217aBUF8pBZi5eN3cMc2uN3gyJPujbuxN4FEXK/vPyJyQbUNx+zhTNbRQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFIeTYMovIXwz333dVfCCe9Qx6z3kMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvaDVOZ3lpOGhmRFBmZmQxVjhJSjcxREhyUGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBeBAIAATBYAwQDT6oQ
AwQCmXCEAwQAmXCLMAwDBACZcJUDBAOZcJADBAOZcKADBACZcK0DBASZcLADBAGZ
cNADBAGZcPAwDAMEAMCKbQMEBMCKYAMEAcCKdAMEAsCdCDAhBAIAAjAbAwcAKgL3
hAAgAwcAKgL3hAAwAwcBKgL3hIAAMA0GCSqGSIb3DQEBCwUAA4IBAQC0IzxOuHTv
fCHIim8ITfFNRA9ns9rQlhzJ4uy+gzC8HcKz6tXo8ENdhs+io54mUpVpZfnUJMCF
sClyCOO3lzMFavYlGbfp2lop+qk61DWkDukfmoeoSMrYKS1a4LPHnRYoIDL3Lm7T
TDbEzyh+X3XX2Hoh54A/n/n7lgG4DRp2VCtb/sEuAFCX4UyutAIvC83WdTIBDjSc
jfd9iHoTWMKxUId7zN8weeH0QEM8KVvEQTmhTuGoaDbZdgYHVBcWOiNwhzof3NB6
KlYBYjBoWvlF/aLiSHrGWQeINTnnzCz5w1oqWNuuUtg6Xf2cpLpZErU4MykTLSCE
9EjU9aYWr2FQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:31 2024 by rpki-client on console-fra.rpki-client.org