Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/riPLM8CjrjW-Lo6aNvkliyjU1ig.roa
File: riPLM8CjrjW-Lo6aNvkliyjU1ig.roa (raw, json)
Hash identifier: JxAWBpHPzT55cTGmcQZOqldLZIBTKXSEwu2dqq3WcQA=
Subject key identifier: AE:23:CB:33:C0:A3:AE:35:BE:2E:8E:9A:36:F9:25:8B:28:D4:D6:28
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01867A0A3FD20A22172D9D4634A57881BA4E
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/riPLM8CjrjW-Lo6aNvkliyjU1ig.roa
Signing time: Wed 22 Feb 2023 16:52:17 +0000
ROA not before: Wed 22 Feb 2023 16:52:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43160
IP address blocks: 185.44.233.0/24 maxlen: 24
185.44.232.0/22 maxlen: 24
212.63.118.0/24 maxlen: 24
212.63.116.0/22 maxlen: 24
212.63.123.0/24 maxlen: 24
212.63.119.0/24 maxlen: 24
212.63.120.0/24 maxlen: 24
212.63.122.0/24 maxlen: 24
185.162.172.0/23 maxlen: 24
185.94.48.0/22 maxlen: 24
195.82.104.0/24 maxlen: 24
195.82.106.0/24 maxlen: 24
185.235.103.0/24 maxlen: 24
185.196.203.0/24 maxlen: 24
185.196.202.0/23 maxlen: 24
185.196.202.0/24 maxlen: 24
85.217.136.0/24 maxlen: 24
85.217.138.0/24 maxlen: 24
85.217.135.0/24 maxlen: 24
85.217.137.0/24 maxlen: 24
85.217.142.0/24 maxlen: 24
85.217.143.0/24 maxlen: 24
85.217.141.0/24 maxlen: 24
85.217.146.0/24 maxlen: 24
85.217.150.0/24 maxlen: 24
85.217.152.0/24 maxlen: 24
85.217.151.0/24 maxlen: 24
85.217.158.0/24 maxlen: 24
85.217.154.0/24 maxlen: 24
85.217.157.0/24 maxlen: 24
85.217.159.0/24 maxlen: 24
85.217.153.0/24 maxlen: 24
85.217.155.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
185.130.24.0/22 maxlen: 24
88.98.96.0/23 maxlen: 24
88.98.96.0/20 maxlen: 24
88.98.98.0/24 maxlen: 24
88.98.104.0/23 maxlen: 24
88.98.99.0/24 maxlen: 24
88.98.100.0/22 maxlen: 24
88.98.106.0/23 maxlen: 24
88.98.111.0/24 maxlen: 24
88.98.110.0/24 maxlen: 24
185.130.26.0/23 maxlen: 24
185.202.164.0/24 maxlen: 24
185.202.164.0/23 maxlen: 24
185.202.166.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Mar 2023 10:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7a:0a:3f:d2:0a:22:17:2d:9d:46:34:a5:78:81:ba:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Feb 22 16:52:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae23cb33c0a3ae35be2e8e9a36f9258b28d4d628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:82:97:33:ec:a0:bb:5a:32:4b:06:80:84:9c:
24:93:6b:7b:2b:26:9e:72:64:70:b3:0a:d8:19:97:
60:f2:a6:44:43:28:d1:d8:08:8e:07:39:b5:12:c8:
c2:33:65:9d:d5:e4:c0:3e:96:b3:7e:ba:dc:02:d8:
5a:ad:b0:92:96:8f:e2:7a:98:89:05:e4:3a:a3:e9:
35:33:ca:ad:13:38:54:44:00:5f:fc:ce:11:83:5f:
71:98:14:c1:69:f5:9c:e6:d8:3b:ec:3b:42:5d:d5:
48:81:f4:91:d2:8f:b0:e8:15:2a:c0:aa:05:d2:9e:
cc:9f:86:2c:d7:42:af:cc:e4:23:0f:a4:62:de:1f:
83:ba:80:20:47:cc:45:90:33:c2:73:08:76:bb:d8:
eb:50:db:71:53:26:e6:c9:1e:2c:8f:0a:80:1a:4a:
d1:42:11:fa:12:0f:c0:63:0c:be:7c:80:03:54:32:
71:3c:0f:64:b7:3a:71:1e:c3:f7:e1:b5:20:d2:45:
83:69:fa:04:ac:10:84:21:6a:72:d0:0a:cc:9a:8e:
32:db:19:83:75:aa:74:d3:2b:5a:1d:b4:a2:9f:94:
16:96:17:d9:1e:d4:de:ef:51:81:02:a7:94:0b:ca:
ed:54:57:21:0c:1e:62:3e:cf:9b:4d:05:23:1f:bd:
75:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:23:CB:33:C0:A3:AE:35:BE:2E:8E:9A:36:F9:25:8B:28:D4:D6:28
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/riPLM8CjrjW-Lo6aNvkliyjU1ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.135.0-85.217.138.255
85.217.141.0-85.217.143.255
85.217.146.0/24
85.217.150.0-85.217.155.255
85.217.157.0-85.217.159.255
88.98.96.0/20
185.44.232.0/22
185.94.48.0/22
185.130.24.0/22
185.162.172.0/23
185.196.202.0/23
185.202.164.0/22
185.235.103.0/24
195.82.104.0/24
195.82.106.0/24
212.63.116.0-212.63.120.255
212.63.122.0/23
Signature Algorithm: sha256WithRSAEncryption
09:89:64:06:04:14:cc:c9:c8:b5:e7:00:f3:c7:52:76:fa:80:
5a:47:e2:c6:d6:71:91:70:ec:a6:d7:44:f3:49:66:bb:3b:c2:
4a:80:8d:0b:d3:6b:04:1f:02:74:7d:75:99:1b:5d:73:f0:4b:
5e:dc:61:18:14:27:49:5a:dd:9f:30:5c:05:35:64:e0:e4:58:
04:85:3d:7f:16:63:da:82:b5:5e:c1:96:d6:e6:a4:7c:40:94:
78:98:55:ed:6a:05:9e:56:1e:09:f9:08:20:d4:3c:00:b0:af:
32:b3:11:22:fd:33:16:0a:3e:7e:ab:bf:f0:a2:5d:81:67:0a:
c5:21:6b:78:c7:70:b7:cb:8b:ab:55:c2:26:1c:2e:be:e4:45:
f8:7b:80:58:ed:99:3f:6e:60:b8:04:7a:46:66:01:bb:ed:3c:
7d:d7:29:98:d0:d4:8a:1c:a6:86:21:90:60:2f:39:e8:78:f2:
3f:6d:b4:8e:58:59:8d:9f:72:e8:71:34:41:41:a9:88:18:9f:
5f:7d:bf:13:7d:db:9c:d4:ab:dc:21:7b:1b:ee:07:a6:70:6f:
ee:8e:1e:db:3f:1c:af:56:89:4f:fe:82:8e:d8:14:d4:23:78:
b6:a5:93:d7:4b:d6:64:62:50:fd:6e:a6:d9:92:37:21:e1:c6:
25:bc:d8:5e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYZ6Cj/SCiIXLZ1GNKV4gbpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjMwMjIyMTY1MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIzY2IzM2MwYTNhZTM1YmUyZThlOWEzNmY5MjU4YjI4ZDRkNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YKXM+ygu1oySwaAhJwkk2t7Kyae
cmRwswrYGZdg8qZEQyjR2AiOBzm1EsjCM2Wd1eTAPpazfrrcAtharbCSlo/iepiJ
BeQ6o+k1M8qtEzhURABf/M4Rg19xmBTBafWc5tg77DtCXdVIgfSR0o+w6BUqwKoF
0p7Mn4Ys10KvzOQjD6Ri3h+DuoAgR8xFkDPCcwh2u9jrUNtxUybmyR4sjwqAGkrR
QhH6Eg/AYwy+fIADVDJxPA9ktzpxHsP34bUg0kWDafoErBCEIWpy0ArMmo4y2xmD
dap00ytaHbSin5QWlhfZHtTe71GBAqeUC8rtVFchDB5iPs+bTQUjH711wQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFK4jyzPAo641vi6Omjb5JYso1NYoMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvcmlQTE04Q2pyalctTG82YU52a2xpeWpVMWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wDAME
AFXZhwMEAFXZijAMAwQAVdmNAwQEVdmAAwQAVdmSMAwDBAFV2ZYDBAJV2ZgwDAME
AFXZnQMEBVXZgAMEBFhiYAMEArks6AMEArleMAMEArmCGAMEAbmirAMEAbnEygME
ArnKpAMEALnrZwMEAMNSaAMEAMNSajAMAwQC1D90AwQA1D94AwQB1D96MA0GCSqG
SIb3DQEBCwUAA4IBAQAJiWQGBBTMyci15wDzx1J2+oBaR+LG1nGRcOym10TzSWa7
O8JKgI0L02sEHwJ0fXWZG11z8Ete3GEYFCdJWt2fMFwFNWTg5FgEhT1/FmPagrVe
wZbW5qR8QJR4mFXtagWeVh4J+Qgg1DwAsK8ysxEi/TMWCj5+q7/wol2BZwrFIWt4
x3C3y4urVcImHC6+5EX4e4BY7Zk/bmC4BHpGZgG77Tx91ymY0NSKHKaGIZBgLzno
ePI/bbSOWFmNn3LocTRBQamIGJ9ffb8Tfduc1KvcIXsb7gemcG/ujh7bPxyvVolP
/oKO2BTUI3i2pZPXS9ZkYlD9bqbZkjch4cYlvNhe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org