Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AVhNwtURtQ1IJhTJbgS7-zh0xHo.roa
File: AVhNwtURtQ1IJhTJbgS7-zh0xHo.roa (raw, json)
Hash identifier: Tw/QOnx5N4h9OFgRTUFmhnP7/zfEklH9I51OEzGb1Dg=
Subject key identifier: 01:58:4D:C2:D5:11:B5:0D:48:26:14:C9:6E:04:BB:FB:38:74:C4:7A
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018C7D7FA4ED4312A9C7943E42025996ED56
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AVhNwtURtQ1IJhTJbgS7-zh0xHo.roa
Signing time: Mon 18 Dec 2023 15:16:06 +0000
ROA not before: Mon 18 Dec 2023 15:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51223
IP address blocks: 185.139.60.0/22 maxlen: 24
185.26.4.0/22 maxlen: 24
89.32.80.0/21 maxlen: 24
178.237.128.0/20 maxlen: 24
212.119.48.0/22 maxlen: 24
176.113.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:7f:a4:ed:43:12:a9:c7:94:3e:42:02:59:96:ed:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 18 15:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01584dc2d511b50d482614c96e04bbfb3874c47a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:f0:8a:6c:50:2d:89:76:75:64:a0:eb:df:
7b:31:b7:60:92:e5:e9:ed:02:01:78:47:73:97:c7:
ad:54:86:20:ad:2d:14:92:a5:47:3b:0c:ac:40:48:
df:b4:d9:27:46:97:80:73:6b:b2:50:d4:54:d3:81:
c7:08:cc:b3:58:d4:4c:50:55:4e:5d:06:54:32:22:
73:4b:e2:83:50:80:b9:e9:f2:e6:87:a1:7f:52:2f:
11:07:59:8c:be:a3:b9:6c:5f:3b:d6:3d:9f:71:09:
ca:94:0a:87:4d:35:a2:eb:eb:78:48:3f:15:f3:95:
bd:58:f7:d1:2a:6f:04:bd:e8:01:3e:86:7e:0a:85:
0f:d0:23:ea:0e:aa:cc:75:59:72:97:1a:57:ac:07:
d1:9e:22:45:3a:f4:ab:07:ad:e5:73:e8:1e:e7:21:
57:44:45:06:01:a5:06:9c:2c:5f:0d:47:5a:0b:ae:
14:23:af:46:de:e5:5a:7f:9b:20:0c:9d:cb:53:fa:
20:1b:16:9e:43:6c:c2:09:f3:c8:3c:ab:cf:d1:58:
60:b8:f6:4b:97:c2:d4:6d:e3:cf:a1:b2:11:b8:d4:
8f:0d:e8:fa:b9:55:b1:1f:21:44:12:53:4f:7d:34:
42:c0:30:f7:77:41:11:55:cf:6b:f1:43:22:ca:62:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:58:4D:C2:D5:11:B5:0D:48:26:14:C9:6E:04:BB:FB:38:74:C4:7A
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AVhNwtURtQ1IJhTJbgS7-zh0xHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
176.113.84.0/22
178.237.128.0/20
185.26.4.0/22
185.139.60.0/22
212.119.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:98:85:e2:b0:48:35:58:f5:ac:0d:4b:18:2e:8d:e3:b7:55:
43:c3:33:29:65:b0:6c:f1:94:81:e5:ae:28:78:0e:da:ab:f1:
12:9c:01:9a:f2:da:49:68:e6:a7:2a:ef:60:22:f6:38:10:58:
3c:0e:30:2c:b4:13:a4:25:d3:6f:47:ef:c6:8f:1e:ab:d7:2f:
7d:56:ec:60:03:65:37:51:39:94:63:cb:84:41:a0:87:07:e5:
e7:f0:48:3f:7b:b1:f4:cc:b6:1a:97:e0:7d:8c:46:7e:e7:36:
16:d9:e5:46:85:e4:39:f0:83:c0:18:09:c8:2f:fb:ad:b5:2f:
b4:a2:39:86:fb:06:68:f0:09:19:91:44:9a:77:cc:6e:fa:66:
77:e1:f4:13:69:dd:94:d8:5c:59:e1:ca:66:36:ad:30:6c:58:
f9:da:95:10:7d:fe:f7:e7:da:88:55:06:30:4b:79:04:1b:70:
f9:4a:a1:79:20:95:54:82:b9:8c:d0:03:7a:52:dc:bb:56:88:
1e:b1:03:f5:59:92:09:21:d2:d9:46:46:39:3c:a4:f4:0e:44:
59:20:bd:3e:d6:67:f1:df:b6:4a:5e:4b:fe:28:58:df:5b:43:
4c:80:08:bd:c9:f5:8b:2c:8b:48:c2:9d:93:ce:51:f3:3d:93:
1c:95:85:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYx9f6TtQxKpx5Q+QgJZlu1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMxMjE4MTUxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTU4NGRjMmQ1MTFiNTBkNDgyNjE0Yzk2ZTA0YmJmYjM4NzRjNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUnwimxQLYl2dWSg6997MbdgkuXp
7QIBeEdzl8etVIYgrS0UkqVHOwysQEjftNknRpeAc2uyUNRU04HHCMyzWNRMUFVO
XQZUMiJzS+KDUIC56fLmh6F/Ui8RB1mMvqO5bF871j2fcQnKlAqHTTWi6+t4SD8V
85W9WPfRKm8EvegBPoZ+CoUP0CPqDqrMdVlylxpXrAfRniJFOvSrB63lc+ge5yFX
REUGAaUGnCxfDUdaC64UI69G3uVaf5sgDJ3LU/ogGxaeQ2zCCfPIPKvP0VhguPZL
l8LUbePPobIRuNSPDej6uVWxHyFEElNPfTRCwDD3d0ERVc9r8UMiymKz+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAFYTcLVEbUNSCYUyW4Eu/s4dMR6MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQVZoTnd0VVJ0UTFJSmhUSmJnUzctemgweEhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDWSBQAwQC
sHFUAwQEsu2AAwQCuRoEAwQCuYs8AwQC1HcwMA0GCSqGSIb3DQEBCwUAA4IBAQCK
mIXisEg1WPWsDUsYLo3jt1VDwzMpZbBs8ZSB5a4oeA7aq/ESnAGa8tpJaOanKu9g
IvY4EFg8DjAstBOkJdNvR+/Gjx6r1y99VuxgA2U3UTmUY8uEQaCHB+Xn8Eg/e7H0
zLYal+B9jEZ+5zYW2eVGheQ58IPAGAnIL/uttS+0ojmG+wZo8AkZkUSad8xu+mZ3
4fQTad2U2FxZ4cpmNq0wbFj52pUQff7359qIVQYwS3kEG3D5SqF5IJVUgrmM0AN6
Uty7VogesQP1WZIJIdLZRkY5PKT0DkRZIL0+1mfx37ZKXkv+KFjfW0NMgAi9yfWL
LItIwp2TzlHzPZMclYXq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org