Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/h11vzY1Fk9VcFjJg0nSdj6kkp6g.roa
File: h11vzY1Fk9VcFjJg0nSdj6kkp6g.roa (raw, json)
Hash identifier: c9DqHk933MGMKe4iqeLvn2jrOh5N2I4dn+Psv9suakw=
Subject key identifier: 87:5D:6F:CD:8D:45:93:D5:5C:16:32:60:D2:74:9D:8F:A9:24:A7:A8
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018CC49383FF1720A0664CCA1C61C3E37D30
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/h11vzY1Fk9VcFjJg0nSdj6kkp6g.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 212.60.13.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
5.182.185.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 18:37:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:83:ff:17:20:a0:66:4c:ca:1c:61:c3:e3:7d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=875d6fcd8d4593d55c163260d2749d8fa924a7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8c:42:5d:c4:4f:f3:57:8f:e9:58:13:33:b5:
6c:59:f4:0c:35:b1:c6:42:2e:a4:82:c0:e9:cc:1c:
fb:6f:d5:97:fd:52:2f:b0:ec:72:5c:01:77:4f:a4:
21:10:4e:98:1c:75:b1:47:5e:aa:75:06:9f:96:46:
17:45:7c:24:ca:9d:d0:aa:e3:11:9b:fb:ad:d4:6e:
b1:e9:4e:1d:92:a4:0e:57:79:c7:e8:01:6d:5c:97:
7b:ef:0c:b9:47:97:cd:25:2f:80:a8:5f:e7:5e:6e:
ce:c7:10:85:a1:eb:68:6c:cc:2b:70:b0:b5:94:04:
3a:76:14:2d:d1:7b:eb:75:ac:9d:74:1b:51:a9:63:
16:94:c7:8c:c0:35:64:02:de:af:03:27:4c:6d:fa:
af:dd:89:8c:d1:51:15:28:05:d4:41:8e:fa:c7:bf:
6b:50:36:06:47:8d:ed:d5:e1:00:1f:9c:7a:59:e1:
d1:57:95:44:4c:fe:61:75:10:55:94:4b:a6:7c:72:
e7:67:3f:90:70:1b:97:d5:34:64:89:6d:04:9a:f4:
53:9e:66:11:26:3d:76:e8:fc:4d:7b:5b:95:12:36:
0c:21:94:31:d6:a3:f8:cd:f1:37:70:40:75:40:a7:
62:f0:c7:2e:de:e5:9c:6e:40:1a:67:c9:17:74:06:
2c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5D:6F:CD:8D:45:93:D5:5C:16:32:60:D2:74:9D:8F:A9:24:A7:A8
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/h11vzY1Fk9VcFjJg0nSdj6kkp6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.161.190.0/24
185.201.42.0/24
185.205.204.0/24
185.208.152.0/23
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
08:72:67:d9:9d:7b:62:c8:e9:c7:a3:7f:f7:d3:74:eb:cc:f7:
2e:19:ac:4b:56:68:a6:21:f0:59:ab:11:e2:04:0e:ae:6b:5a:
68:8e:c0:c8:f8:ae:ad:d6:8d:05:46:e7:97:ba:94:9c:1c:2d:
c1:79:00:a4:58:d2:a9:e1:9a:a5:10:34:4e:db:d3:a3:37:f8:
f7:5c:a7:4b:e9:5a:6d:21:02:ff:6e:07:86:5c:2c:00:63:a6:
18:92:fa:ed:5e:48:40:94:0b:94:13:3f:ba:0d:9f:ee:7e:81:
5c:35:a7:eb:13:fe:ed:7e:49:ab:55:36:39:af:4d:24:45:b7:
2f:49:0d:ec:69:d8:ff:0f:dd:72:0b:67:75:5d:e1:36:24:04:
fa:d6:f8:a9:de:6e:7b:03:48:85:65:7b:dd:f9:f5:42:a6:5c:
22:84:3c:13:b1:ac:6c:30:11:b0:c0:3b:6f:f2:70:e2:e4:39:
c2:7c:45:a5:39:76:48:e2:0e:1f:f1:ab:b5:f6:3a:98:73:35:
26:5d:56:23:d6:01:7b:ce:13:60:42:f6:9a:0e:af:35:18:8b:
2d:df:b7:00:41:52:30:0b:a1:58:d6:e6:a0:9c:f9:dd:ef:d9:
d7:6b:1a:01:f4:cf:b3:47:7d:1b:51:ce:a4:bd:2d:3e:7e:e1:
ba:87:9e:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzEk4P/FyCgZkzKHGHD430wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVkNmZjZDhkNDU5M2Q1NWMxNjMyNjBkMjc0OWQ4ZmE5MjRhN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIxCXcRP81eP6VgTM7VsWfQMNbHG
Qi6kgsDpzBz7b9WX/VIvsOxyXAF3T6QhEE6YHHWxR16qdQaflkYXRXwkyp3QquMR
m/ut1G6x6U4dkqQOV3nH6AFtXJd77wy5R5fNJS+AqF/nXm7OxxCFoetobMwrcLC1
lAQ6dhQt0XvrdayddBtRqWMWlMeMwDVkAt6vAydMbfqv3YmM0VEVKAXUQY76x79r
UDYGR43t1eEAH5x6WeHRV5VETP5hdRBVlEumfHLnZz+QcBuX1TRkiW0EmvRTnmYR
Jj126PxNe1uVEjYMIZQx1qP4zfE3cEB1QKdi8Mcu3uWcbkAaZ8kXdAYsOwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFIddb82NRZPVXBYyYNJ0nY+pJKeoMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvaDExdnpZMUZrOVZjRmpKZzBuU2RqNmtrcDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABba5AwQB
BbbEAwQATh/NAwQAT2K3AwQAXPkdAwQAXpqrAwQAXpqyAwQAaOgkAwQAk07PAwQA
otpdAwQAuaG+AwQAuckqAwQAuc3MAwQBudCYAwQBuf14AwQA1DwNAwQA2cWqMA0G
CSqGSIb3DQEBCwUAA4IBAQAIcmfZnXtiyOnHo3/303TrzPcuGaxLVmimIfBZqxHi
BA6ua1pojsDI+K6t1o0FRueXupScHC3BeQCkWNKp4ZqlEDRO29OjN/j3XKdL6Vpt
IQL/bgeGXCwAY6YYkvrtXkhAlAuUEz+6DZ/ufoFcNafrE/7tfkmrVTY5r00kRbcv
SQ3sadj/D91yC2d1XeE2JAT61vip3m57A0iFZXvd+fVCplwihDwTsaxsMBGwwDtv
8nDi5DnCfEWlOXZI4g4f8au19jqYczUmXVYj1gF7zhNgQvaaDq81GIst37cAQVIw
C6FY1uagnPnd79nXaxoB9M+zR30bUc6kvS0+fuG6h55e
-----END CERTIFICATE-----
Generated at Fri Feb 9 21:14:27 2024 by rpki-client on console-ams.rpki-client.org