Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/df_TIx7Lxy0UcGkepqsdG0wBXxo.roa
File: df_TIx7Lxy0UcGkepqsdG0wBXxo.roa (raw, json)
Hash identifier: CpptQvgUzopG9w/aBQt9UIV7R5NInEq+J+px/xhQpto=
Subject key identifier: 75:FF:D3:23:1E:CB:C7:2D:14:70:69:1E:A6:AB:1D:1B:4C:01:5F:1A
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 018B27F11FEA75C5561B71888AFF7AD3FC25
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/df_TIx7Lxy0UcGkepqsdG0wBXxo.roa
Signing time: Fri 13 Oct 2023 07:29:55 +0000
ROA not before: Fri 13 Oct 2023 07:29:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199484
IP address blocks: 185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
185.155.148.0/24 maxlen: 24
185.153.250.0/24 maxlen: 24
185.153.251.0/24 maxlen: 24
185.153.248.0/22 maxlen: 22
185.153.249.0/24 maxlen: 24
185.153.248.0/24 maxlen: 24
2a07:89c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:f1:1f:ea:75:c5:56:1b:71:88:8a:ff:7a:d3:fc:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Oct 13 07:29:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75ffd3231ecbc72d1470691ea6ab1d1b4c015f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4c:ff:0b:6f:97:e0:1c:8e:f7:b2:ca:01:41:
a7:fc:d1:18:f8:ae:e0:3b:75:48:d8:50:27:ff:c2:
8e:a3:83:59:37:58:be:a8:b8:f6:3f:34:94:e8:02:
32:d3:30:a2:1a:d7:e3:97:df:cd:a4:8e:f5:f6:2f:
8e:27:b4:15:4e:ce:bd:5d:44:65:85:2e:65:1b:af:
3e:b8:39:91:4c:b8:16:73:3b:8a:48:52:e4:3f:3f:
3c:b4:3d:71:53:32:67:fb:28:14:df:80:fd:b1:23:
b3:77:c8:b4:29:5e:0c:b9:10:67:96:4c:1b:52:c4:
39:6e:c2:ee:d4:89:ed:cc:cd:8a:b2:81:a7:34:94:
78:50:3d:4c:f6:02:ab:dd:e0:a9:1a:87:91:ed:9f:
ad:c9:ef:8f:ee:39:e5:95:63:46:2f:d8:fc:37:4b:
99:13:ea:1f:88:40:28:21:c9:dd:b6:93:02:8d:a4:
ec:c6:ab:3d:9a:66:2c:1c:57:dd:d9:13:88:b5:2f:
fc:57:a4:3b:3e:fd:b8:f3:6b:85:a8:ce:fd:ba:fb:
4f:dd:58:8b:e5:62:47:70:e7:b6:23:09:73:67:0a:
b7:cb:31:4d:bb:8e:1f:d6:af:aa:f8:fd:09:b0:a5:
a5:58:c4:12:18:6e:be:08:d0:60:3b:2b:4e:57:85:
dc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:FF:D3:23:1E:CB:C7:2D:14:70:69:1E:A6:AB:1D:1B:4C:01:5F:1A
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/df_TIx7Lxy0UcGkepqsdG0wBXxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.248.0/22
185.155.148.0/22
IPv6:
2a07:89c0::/48
Signature Algorithm: sha256WithRSAEncryption
80:ec:12:02:8a:2c:b5:a9:d4:40:e7:87:e5:9a:95:bc:b3:43:
09:35:cf:bf:a2:d7:0c:f3:64:bf:a9:c2:cb:d4:dd:15:f1:65:
92:e9:3d:da:c8:93:3c:03:5b:cd:5b:e7:db:dc:f8:f2:c9:4f:
fe:01:1d:74:22:df:c9:a3:67:7d:75:fa:23:db:86:19:21:11:
74:93:a4:a3:3c:fa:c2:08:92:45:f0:d3:9c:32:83:25:65:42:
93:c1:ec:65:45:32:9c:79:4d:1d:91:5b:2e:99:b2:a9:b7:7b:
f0:18:9a:1d:29:86:e9:17:0d:a4:e0:52:97:8a:c1:ba:dd:ba:
76:ee:4e:94:e0:f6:16:f8:42:e2:2b:cb:71:d9:b5:bd:0d:9d:
87:49:85:94:17:8f:4c:7b:cd:3c:de:9b:8b:f2:33:75:34:b8:
34:9b:15:ac:8a:49:d1:31:28:3f:0c:c5:f0:53:9c:cf:f0:51:
f1:7e:4c:d2:ec:4e:ca:c8:93:9c:a1:31:33:88:cb:25:f3:3a:
ee:b3:12:e7:e6:59:4a:60:4a:0f:e7:f1:eb:69:1e:90:72:79:
13:f6:52:97:7b:0c:3d:78:aa:c2:72:e7:2e:d1:0b:88:2d:76:
a3:eb:7a:33:40:85:26:53:06:40:9a:22:db:56:5a:33:37:a4:
2b:14:ff:cd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYsn8R/qdcVWG3GIiv960/wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjMxMDEzMDcyOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWZmZDMyMzFlY2JjNzJkMTQ3MDY5MWVhNmFiMWQxYjRjMDE1ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEz/C2+X4ByO97LKAUGn/NEY+K7g
O3VI2FAn/8KOo4NZN1i+qLj2PzSU6AIy0zCiGtfjl9/NpI719i+OJ7QVTs69XURl
hS5lG68+uDmRTLgWczuKSFLkPz88tD1xUzJn+ygU34D9sSOzd8i0KV4MuRBnlkwb
UsQ5bsLu1IntzM2KsoGnNJR4UD1M9gKr3eCpGoeR7Z+tye+P7jnllWNGL9j8N0uZ
E+ofiEAoIcndtpMCjaTsxqs9mmYsHFfd2ROItS/8V6Q7Pv2482uFqM79uvtP3ViL
5WJHcOe2IwlzZwq3yzFNu44f1q+q+P0JsKWlWMQSGG6+CNBgOytOV4XcJwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHX/0yMey8ctFHBpHqarHRtMAV8aMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvZGZfVEl4N0x4eTBVY0drZXBxc2RHMHdCWHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuZn4AwQC
uZuUMA8EAgACMAkDBwAqB4nAAAAwDQYJKoZIhvcNAQELBQADggEBAIDsEgKKLLWp
1EDnh+WalbyzQwk1z7+i1wzzZL+pwsvU3RXxZZLpPdrIkzwDW81b59vc+PLJT/4B
HXQi38mjZ311+iPbhhkhEXSTpKM8+sIIkkXw05wygyVlQpPB7GVFMpx5TR2RWy6Z
sqm3e/AYmh0phukXDaTgUpeKwbrdunbuTpTg9hb4QuIry3HZtb0NnYdJhZQXj0x7
zTzem4vyM3U0uDSbFayKSdExKD8MxfBTnM/wUfF+TNLsTsrIk5yhMTOIyyXzOu6z
EufmWUpgSg/n8etpHpByeRP2Upd7DD14qsJy5y7RC4gtdqPrejNAhSZTBkCaIttW
WjM3pCsU/80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:28 2024 by rpki-client on console-fra.rpki-client.org