Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fpG6I86eV9hE-WXj2wXnHMToStI.roa
File: fpG6I86eV9hE-WXj2wXnHMToStI.roa (raw, json)
Hash identifier: P6rlVaDgwBIFBvGOoV1mPm57gKnckeAnyZPWuDQGjoA=
Subject key identifier: 7E:91:BA:23:CE:9E:57:D8:44:F9:65:E3:DB:05:E7:1C:C4:E8:4A:D2
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ACD5489C710EF5853B12550C21597
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fpG6I86eV9hE-WXj2wXnHMToStI.roa
Signing time: Mon 02 Jan 2023 17:15:05 +0000
ROA not before: Mon 02 Jan 2023 17:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201153
IP address blocks: 45.155.48.0/22 maxlen: 24
80.209.255.0/24 maxlen: 24
185.81.76.0/22 maxlen: 24
185.142.100.0/22 maxlen: 24
95.214.108.0/22 maxlen: 24
195.181.255.0/24 maxlen: 24
212.237.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:cd:54:89:c7:10:ef:58:53:b1:25:50:c2:15:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e91ba23ce9e57d844f965e3db05e71cc4e84ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:32:12:ac:f0:54:e4:59:4a:b5:8f:9b:f0:58:
f8:62:92:85:dc:14:c6:fc:e4:c4:7c:63:1f:2f:49:
b5:3a:e0:6f:c5:c5:1e:dc:dd:14:5b:d7:ca:59:8e:
7b:88:c9:03:5b:01:f4:8b:05:ba:b7:d4:25:96:17:
ad:96:1d:3a:4f:08:5d:bd:a3:e3:f4:0e:35:f0:fd:
b3:4f:f5:9a:38:4c:6f:c2:6a:03:61:7d:80:e9:ca:
ab:fa:9d:51:15:b0:94:e2:4b:24:34:11:27:4c:de:
e9:f4:d4:0c:44:a7:51:4a:9b:a0:0f:99:9f:8d:45:
87:49:f0:96:1d:38:70:c2:fb:24:44:a8:f1:d6:a2:
ce:4a:6a:1d:07:2d:86:ad:b8:f1:f4:dd:74:e2:c1:
6e:da:c7:43:14:2a:69:dd:88:f3:b1:36:21:4b:5f:
4f:ff:6f:ed:70:e3:89:f0:a3:b5:62:17:c2:2d:80:
ce:9e:bb:8e:cd:22:b6:f2:cc:f1:49:df:e5:de:50:
7a:9e:43:4c:63:c6:a6:05:2a:6e:f7:a0:a6:a5:02:
58:fd:a6:6b:fa:69:89:ea:56:8e:a7:ed:50:15:95:
e5:ba:37:d9:3b:bd:f1:dd:59:1c:02:f5:b3:f9:dc:
0d:8f:3c:71:b0:36:27:17:4e:fc:57:41:81:f9:c9:
cd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:91:BA:23:CE:9E:57:D8:44:F9:65:E3:DB:05:E7:1C:C4:E8:4A:D2
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/fpG6I86eV9hE-WXj2wXnHMToStI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.48.0/22
80.209.255.0/24
95.214.108.0/22
185.81.76.0/22
185.142.100.0/22
195.181.255.0/24
212.237.255.0/24
Signature Algorithm: sha256WithRSAEncryption
73:51:64:72:ce:da:e0:3f:0b:c4:1b:29:39:c2:ae:31:2c:b1:
26:3a:fa:15:5e:8b:1a:de:b1:ce:b6:0a:d9:34:17:c1:86:d2:
f7:4b:37:ab:2f:df:a7:6f:89:0d:26:d2:2d:86:4f:c2:51:bc:
c5:66:4a:42:4f:6b:16:78:d0:69:68:a4:62:6e:4b:16:b5:30:
55:fe:91:19:d9:c9:87:a7:11:50:52:c8:40:04:6c:50:f9:39:
d4:1c:ba:59:35:6a:a0:85:ea:b9:03:70:f4:07:d7:0c:be:6f:
c8:dc:9e:bc:0c:18:06:76:c0:eb:3e:3d:85:ae:af:09:2e:b8:
13:80:80:d5:87:29:90:ea:32:e5:8e:28:1a:c4:81:ed:d0:13:
09:d0:f2:c9:e4:c2:47:ce:80:e9:f0:b4:04:f2:27:d9:a1:21:
c6:77:f3:60:a4:72:21:a5:77:fa:0d:83:de:30:3d:20:d4:33:
4d:47:8d:67:a1:bc:4f:fc:e9:2c:87:ae:36:f7:42:fc:91:e8:
bb:6e:b6:c5:d0:fc:d8:1c:ec:75:c1:cc:d6:a8:ba:0f:72:24:
0c:76:57:3e:ec:c4:4d:66:f1:76:46:0f:b9:a3:d3:93:ab:e8:
8f:85:24:f9:7b:a7:2e:50:29:c3:bd:f5:75:5e:cb:b1:a8:d1:
b8:08:d9:9e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVzes1UiccQ71hTsSVQwhWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTkxYmEyM2NlOWU1N2Q4NDRmOTY1ZTNkYjA1ZTcxY2M0ZTg0YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDISrPBU5FlKtY+b8Fj4YpKF3BTG
/OTEfGMfL0m1OuBvxcUe3N0UW9fKWY57iMkDWwH0iwW6t9Qllhetlh06TwhdvaPj
9A418P2zT/WaOExvwmoDYX2A6cqr+p1RFbCU4kskNBEnTN7p9NQMRKdRSpugD5mf
jUWHSfCWHThwwvskRKjx1qLOSmodBy2Grbjx9N104sFu2sdDFCpp3YjzsTYhS19P
/2/tcOOJ8KO1YhfCLYDOnruOzSK28szxSd/l3lB6nkNMY8amBSpu96CmpQJY/aZr
+mmJ6laOp+1QFZXlujfZO73x3VkcAvWz+dwNjzxxsDYnF078V0GB+cnN9wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFH6RuiPOnlfYRPll49sF5xzE6ErSMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvZnBHNkk4NmVWOWhFLVdYajJ3WG5ITVRvU3RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZswAwQA
UNH/AwQCX9ZsAwQCuVFMAwQCuY5kAwQAw7X/AwQA1O3/MA0GCSqGSIb3DQEBCwUA
A4IBAQBzUWRyztrgPwvEGyk5wq4xLLEmOvoVXosa3rHOtgrZNBfBhtL3SzerL9+n
b4kNJtIthk/CUbzFZkpCT2sWeNBpaKRibksWtTBV/pEZ2cmHpxFQUshABGxQ+TnU
HLpZNWqgheq5A3D0B9cMvm/I3J68DBgGdsDrPj2Frq8JLrgTgIDVhymQ6jLljiga
xIHt0BMJ0PLJ5MJHzoDp8LQE8ifZoSHGd/NgpHIhpXf6DYPeMD0g1DNNR41nobxP
/Oksh64290L8kei7brbF0PzYHOx1wczWqLoPciQMdlc+7MRNZvF2Rg+5o9OTq+iP
hST5e6cuUCnDvfV1XsuxqNG4CNme
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org