Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/C84rlJX3RRuljyC9e0-xA5SOa1s.roa
File: C84rlJX3RRuljyC9e0-xA5SOa1s.roa (raw, json)
Hash identifier: grbbEx0/9Mg2CD2V4TYWElAJMrfu8MC4na5nXoGrPiQ=
Subject key identifier: 0B:CE:2B:94:95:F7:45:1B:A5:8F:20:BD:7B:4F:B1:03:94:8E:6B:5B
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 018CC6B791A15CA445739580172886521228
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/C84rlJX3RRuljyC9e0-xA5SOa1s.roa
Signing time: Mon 01 Jan 2024 20:29:28 +0000
ROA not before: Mon 01 Jan 2024 20:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199484
IP address blocks: 185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
185.155.148.0/24 maxlen: 24
185.153.250.0/24 maxlen: 24
185.153.251.0/24 maxlen: 24
185.153.248.0/22 maxlen: 22
185.153.249.0/24 maxlen: 24
185.153.248.0/24 maxlen: 24
2a07:89c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 25 Jun 2024 21:42:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:91:a1:5c:a4:45:73:95:80:17:28:86:52:12:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Jan 1 20:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bce2b9495f7451ba58f20bd7b4fb103948e6b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bc:bb:2c:0d:8f:8c:71:a3:6d:19:eb:ff:7f:
90:19:ef:b6:75:73:52:5f:02:2c:7f:f6:dd:b8:27:
34:34:42:3c:7c:ed:ce:21:34:ef:c7:cd:c9:e4:4e:
31:4d:a3:cf:8a:d8:1a:08:ba:51:d3:db:be:d0:5e:
56:f2:81:fb:ec:aa:f9:f2:ba:0e:90:8d:b1:5c:ff:
53:1a:1f:2e:a0:d3:08:6d:cf:26:9f:b5:70:b6:67:
bd:87:66:00:d1:4f:b4:2d:43:fb:f1:50:b9:13:01:
70:cd:a3:23:5c:ca:7e:73:3e:8b:ed:54:4b:ef:78:
58:60:c2:6d:9f:b0:40:7e:46:32:42:18:0f:e7:2d:
83:e1:b0:b4:57:74:a4:9a:0d:00:01:7d:d1:70:2d:
bd:15:e6:8b:7e:b8:c9:e4:75:61:be:04:92:9a:85:
fd:e5:69:14:cd:de:48:91:0f:ee:8d:8f:ba:a5:85:
aa:b4:af:fd:3c:cf:8e:74:04:54:f7:00:01:09:f6:
05:a9:02:87:f4:47:ac:28:7d:d4:64:8e:a6:de:22:
de:7e:14:51:ec:f0:fd:89:03:68:e5:49:35:4b:25:
8e:f1:4d:d6:aa:c4:09:1b:a5:52:6c:79:e2:f1:3a:
68:e6:7f:9b:be:2e:b1:34:9d:b1:5b:ed:91:e5:74:
c5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:CE:2B:94:95:F7:45:1B:A5:8F:20:BD:7B:4F:B1:03:94:8E:6B:5B
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/C84rlJX3RRuljyC9e0-xA5SOa1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.248.0/22
185.155.148.0/22
IPv6:
2a07:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
21:bb:bd:96:c9:bf:37:8d:63:57:44:31:94:61:5c:2c:fb:7c:
20:fb:16:4d:76:79:b6:d0:2f:e8:cb:06:40:04:a2:eb:52:d6:
64:83:46:0f:35:47:e3:24:24:40:bc:27:11:26:e5:e8:4b:90:
c8:09:7f:74:46:66:e0:9b:0e:a1:01:73:a5:40:a2:b8:a8:d1:
ac:0f:57:4d:38:87:97:47:40:b6:e2:4e:6c:d7:f5:9b:48:ba:
d5:f1:51:57:58:07:de:f4:9b:61:9a:01:42:5c:1e:6d:23:ff:
d8:9d:44:50:90:5d:87:a8:d7:11:8d:41:47:a8:e5:9f:27:3e:
37:77:59:56:dd:73:5e:e5:44:64:fe:4b:1a:13:e2:31:6b:b7:
52:66:68:44:0b:cc:0c:e9:a6:17:cc:87:8d:85:d2:76:13:c2:
fc:29:36:91:52:cd:02:56:c2:5e:89:a4:45:8d:a1:8b:82:9c:
e6:ca:36:75:c6:6b:01:a5:d4:38:51:74:de:29:98:5f:cf:47:
57:15:3a:b1:ae:21:de:6f:bf:66:40:8e:c9:42:53:4a:8f:6c:
9f:1d:ee:86:5f:53:f6:7f:0b:74:53:8f:65:65:63:8c:72:c6:
2d:12:80:60:ca:32:41:77:c8:e8:0a:0c:64:bf:f8:57:47:cb:
ee:3a:9c:c7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGt5GhXKRFc5WAFyiGUhIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjQwMTAxMjAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmNlMmI5NDk1Zjc0NTFiYTU4ZjIwYmQ3YjRmYjEwMzk0OGU2YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7y7LA2PjHGjbRnr/3+QGe+2dXNS
XwIsf/bduCc0NEI8fO3OITTvx83J5E4xTaPPitgaCLpR09u+0F5W8oH77Kr58roO
kI2xXP9TGh8uoNMIbc8mn7Vwtme9h2YA0U+0LUP78VC5EwFwzaMjXMp+cz6L7VRL
73hYYMJtn7BAfkYyQhgP5y2D4bC0V3Skmg0AAX3RcC29FeaLfrjJ5HVhvgSSmoX9
5WkUzd5IkQ/ujY+6pYWqtK/9PM+OdARU9wABCfYFqQKH9EesKH3UZI6m3iLefhRR
7PD9iQNo5Uk1SyWO8U3WqsQJG6VSbHni8Tpo5n+bvi6xNJ2xW+2R5XTFSwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAvOK5SV90UbpY8gvXtPsQOUjmtbMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvQzg0cmxKWDNSUnVsanlDOWUwLXhBNVNPYTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuZn4AwQC
uZuUMA8EAgACMAkDBwAqB4nAAAAwDQYJKoZIhvcNAQELBQADggEBACG7vZbJvzeN
Y1dEMZRhXCz7fCD7Fk12ebbQL+jLBkAEoutS1mSDRg81R+MkJEC8JxEm5ehLkMgJ
f3RGZuCbDqEBc6VAorio0awPV004h5dHQLbiTmzX9ZtIutXxUVdYB970m2GaAUJc
Hm0j/9idRFCQXYeo1xGNQUeo5Z8nPjd3WVbdc17lRGT+SxoT4jFrt1JmaEQLzAzp
phfMh42F0nYTwvwpNpFSzQJWwl6JpEWNoYuCnObKNnXGawGl1DhRdN4pmF/PR1cV
OrGuId5vv2ZAjslCU0qPbJ8d7oZfU/Z/C3RTj2VlY4xyxi0SgGDKMkF3yOgKDGS/
+FdHy+46nMc=
-----END CERTIFICATE-----
Generated at Wed Jun 26 03:16:45 2024 by rpki-client on console-ams.rpki-client.org