Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rCZ7zxFFGhKAanZmQXNTfbGVjmQ.roa
File: rCZ7zxFFGhKAanZmQXNTfbGVjmQ.roa (raw, json)
Hash identifier: 42Lpg1j4e/nmmhTTdnQOx30DGUlrnnZ5PcR+l5h/Wkc=
Subject key identifier: AC:26:7B:CF:11:45:1A:12:80:6A:76:66:41:73:53:7D:B1:95:8E:64
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185737ABE5AA2B7D6F52E3C1C9047934876
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rCZ7zxFFGhKAanZmQXNTfbGVjmQ.roa
Signing time: Mon 02 Jan 2023 17:15:01 +0000
ROA not before: Mon 02 Jan 2023 17:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 185.44.233.0/24 maxlen: 24
185.44.232.0/22 maxlen: 24
212.63.118.0/24 maxlen: 24
212.63.116.0/22 maxlen: 24
212.63.123.0/24 maxlen: 24
212.63.119.0/24 maxlen: 24
212.63.120.0/24 maxlen: 24
212.63.122.0/24 maxlen: 24
185.162.172.0/23 maxlen: 24
185.94.48.0/22 maxlen: 24
195.82.104.0/24 maxlen: 24
195.82.106.0/24 maxlen: 24
185.196.203.0/24 maxlen: 24
185.196.202.0/23 maxlen: 24
185.196.202.0/24 maxlen: 24
85.217.136.0/24 maxlen: 24
85.217.138.0/24 maxlen: 24
85.217.135.0/24 maxlen: 24
85.217.137.0/24 maxlen: 24
85.217.142.0/24 maxlen: 24
85.217.143.0/24 maxlen: 24
85.217.141.0/24 maxlen: 24
85.217.146.0/24 maxlen: 24
85.217.150.0/24 maxlen: 24
85.217.152.0/24 maxlen: 24
85.217.151.0/24 maxlen: 24
85.217.158.0/24 maxlen: 24
85.217.154.0/24 maxlen: 24
85.217.157.0/24 maxlen: 24
85.217.159.0/24 maxlen: 24
85.217.153.0/24 maxlen: 24
85.217.155.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.24.0/22 maxlen: 24
88.98.96.0/23 maxlen: 24
88.98.96.0/20 maxlen: 24
88.98.98.0/24 maxlen: 24
88.98.104.0/23 maxlen: 24
88.98.99.0/24 maxlen: 24
88.98.100.0/22 maxlen: 24
88.98.106.0/23 maxlen: 24
88.98.111.0/24 maxlen: 24
88.98.110.0/24 maxlen: 24
185.130.26.0/23 maxlen: 24
185.202.164.0/24 maxlen: 24
185.202.164.0/23 maxlen: 24
185.202.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Feb 2023 16:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:7a:be:5a:a2:b7:d6:f5:2e:3c:1c:90:47:93:48:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 2 17:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac267bcf11451a12806a76664173537db1958e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:f8:4b:5e:d6:68:32:4e:48:71:a3:dd:72:
4f:48:fa:bd:de:93:36:76:7e:56:dd:59:f9:eb:bc:
9a:a3:5c:9d:f3:d4:1c:40:9d:34:5e:d3:a4:a5:b9:
d0:58:34:6d:45:84:cc:bc:64:60:43:78:72:2d:58:
0f:0b:35:0d:1b:10:8c:de:29:1f:74:e6:18:60:e9:
78:f6:e3:56:d0:b9:c0:78:d7:03:48:18:83:44:11:
e4:ac:8e:a1:71:4d:ea:a4:fc:45:93:82:04:42:a5:
66:0e:f9:91:f1:f0:ad:19:98:fd:d5:b8:59:b5:1e:
96:48:43:67:41:8c:ce:a2:88:84:c9:6d:45:8d:f9:
be:1a:bb:61:e3:04:33:8d:73:84:7e:f1:5d:04:33:
9a:3c:81:cc:89:25:8e:16:23:72:03:47:19:83:ca:
f0:1b:0f:7a:7a:78:b4:1b:1f:1f:ee:25:c9:55:2f:
3a:c7:c4:79:ee:f2:45:e8:5a:d5:16:78:b6:92:30:
9c:10:a9:d4:b5:db:f4:8d:92:13:fd:4f:5c:13:99:
fd:f4:e8:60:d6:11:c2:3c:ea:ab:4f:62:8b:c7:a0:
55:f0:ac:51:f7:69:1b:1c:83:8d:b9:82:28:3d:ff:
74:d0:e4:56:dd:cf:45:a6:8d:d3:5c:74:84:f2:a5:
fb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:26:7B:CF:11:45:1A:12:80:6A:76:66:41:73:53:7D:B1:95:8E:64
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/rCZ7zxFFGhKAanZmQXNTfbGVjmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.135.0-85.217.138.255
85.217.141.0-85.217.143.255
85.217.146.0/24
85.217.150.0-85.217.155.255
85.217.157.0-85.217.159.255
88.98.96.0/20
185.44.232.0/22
185.94.48.0/22
185.130.24.0/22
185.162.172.0/23
185.196.202.0/23
185.202.164.0/22
195.82.104.0/24
195.82.106.0/24
212.63.116.0-212.63.120.255
212.63.122.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:8c:7b:d7:7f:56:8b:29:81:2d:fa:58:0f:d6:62:be:cf:15:
a9:1b:de:ea:2d:d8:37:74:0b:e5:82:7d:07:51:dc:ec:48:b4:
a4:43:cb:e6:50:ef:87:72:d6:7b:69:65:6c:75:37:6a:58:3b:
d5:c2:7b:48:16:fc:0d:12:98:a6:d4:6d:52:6f:8d:e5:45:dd:
bf:92:9d:e6:b6:52:36:2c:d9:d8:22:c2:1b:e5:c5:42:80:5d:
01:2d:14:ea:40:54:ae:33:c1:cc:28:65:c8:d1:fb:14:65:f1:
f0:10:50:18:5d:20:50:a3:28:24:98:0e:81:45:34:54:e3:e2:
a6:fb:c5:61:6c:92:f3:cc:07:35:f0:ec:68:f3:0d:f3:02:3c:
d3:76:cc:44:ec:59:04:c8:7b:75:9b:e2:80:f7:69:3c:22:33:
f0:7d:f8:2d:a5:9d:6c:cf:79:fd:21:07:35:86:4a:de:64:dc:
e4:00:fd:92:71:fe:4e:90:69:ca:bf:54:23:b8:96:85:6c:9b:
f3:af:3f:b9:bd:dc:6e:05:ab:23:12:81:50:5f:c1:3f:64:5b:
1c:ec:1a:8f:d0:68:03:3f:54:36:73:e8:54:64:e9:c2:31:bc:
29:de:62:3c:c4:32:c3:32:48:6a:14:82:51:36:ba:be:8b:76:
27:ba:89:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYVzer5aorfW9S48HJBHk0h2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMTAyMTcxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzI2N2JjZjExNDUxYTEyODA2YTc2NjY0MTczNTM3ZGIxOTU4ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgv4S17WaDJOSHGj3XJPSPq93pM2
dn5W3Vn567yao1yd89QcQJ00XtOkpbnQWDRtRYTMvGRgQ3hyLVgPCzUNGxCM3ikf
dOYYYOl49uNW0LnAeNcDSBiDRBHkrI6hcU3qpPxFk4IEQqVmDvmR8fCtGZj91bhZ
tR6WSENnQYzOooiEyW1Fjfm+Grth4wQzjXOEfvFdBDOaPIHMiSWOFiNyA0cZg8rw
Gw96eni0Gx8f7iXJVS86x8R57vJF6FrVFni2kjCcEKnUtdv0jZIT/U9cE5n99Ohg
1hHCPOqrT2KLx6BV8KxR92kbHIONuYIoPf900ORW3c9Fpo3TXHSE8qX70wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKwme88RRRoSgGp2ZkFzU32xlY5kMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvckNaN3p4RkZHaEtBYW5abVFYTlRmYkdWam1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgwDAME
AFXZhwMEAFXZijAMAwQAVdmNAwQEVdmAAwQAVdmSMAwDBAFV2ZYDBAJV2ZgwDAME
AFXZnQMEBVXZgAMEBFhiYAMEArks6AMEArleMAMEArmCGAMEAbmirAMEAbnEygME
ArnKpAMEAMNSaAMEAMNSajAMAwQC1D90AwQA1D94AwQB1D96MA0GCSqGSIb3DQEB
CwUAA4IBAQBMjHvXf1aLKYEt+lgP1mK+zxWpG97qLdg3dAvlgn0HUdzsSLSkQ8vm
UO+HctZ7aWVsdTdqWDvVwntIFvwNEpim1G1Sb43lRd2/kp3mtlI2LNnYIsIb5cVC
gF0BLRTqQFSuM8HMKGXI0fsUZfHwEFAYXSBQoygkmA6BRTRU4+Km+8VhbJLzzAc1
8Oxo8w3zAjzTdsxE7FkEyHt1m+KA92k8IjPwffgtpZ1sz3n9IQc1hkreZNzkAP2S
cf5OkGnKv1QjuJaFbJvzrz+5vdxuBasjEoFQX8E/ZFsc7BqP0GgDP1Q2c+hUZOnC
Mbwp3mI8xDLDMkhqFIJRNrq+i3Ynuoke
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org