Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2RlG0DNdUJHzOSJTcNVS4QCDRC4.roa
File: 2RlG0DNdUJHzOSJTcNVS4QCDRC4.roa (raw, json)
Hash identifier: woUQixjUBwIJFEq2qvtQJ8a2Ep/FKCUNclKKbzk2Trc=
Subject key identifier: D9:19:46:D0:33:5D:50:91:F3:39:22:53:70:D5:52:E1:00:83:44:2E
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246D383186F29ED8DFD75387344B676
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2RlG0DNdUJHzOSJTcNVS4QCDRC4.roa
Signing time: Mon 02 Jan 2023 11:38:42 +0000
ROA not before: Mon 02 Jan 2023 11:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41782
IP address blocks: 151.237.16.0/24 maxlen: 24
151.237.17.0/24 maxlen: 24
151.237.18.0/24 maxlen: 24
151.237.19.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
151.237.30.0/24 maxlen: 24
151.237.31.0/24 maxlen: 24
151.237.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jan 2023 10:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d3:83:18:6f:29:ed:8d:fd:75:38:73:44:b6:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d91946d0335d5091f339225370d552e10083442e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:10:d5:0c:77:2b:50:75:d3:8a:7e:64:be:17:
12:f4:9a:ee:8d:a4:39:26:8d:d9:fa:5f:b4:52:05:
0f:b1:ee:0b:b2:bb:09:bf:9e:f9:2e:15:e6:96:4b:
5a:79:45:4d:96:fa:14:5d:c1:ee:86:7a:94:2b:ed:
c6:33:7e:7e:84:e3:81:c3:a6:82:34:4d:6b:7e:11:
b8:94:8f:d2:05:66:a1:f9:83:0a:47:d9:78:42:af:
6e:0b:30:17:c0:6a:1f:44:ed:31:b4:19:19:6a:80:
67:b1:b5:ca:7d:90:4c:db:31:22:b9:97:92:a2:26:
8c:3a:8d:0b:9b:a2:35:e7:fd:87:60:d1:61:b7:39:
36:3b:17:f3:61:69:8e:bb:11:e0:ff:91:64:37:4c:
91:63:b8:50:7e:70:35:1f:af:61:7d:1b:4c:32:ff:
29:c4:e3:fc:16:55:fc:fe:64:72:83:2c:e0:5a:05:
bb:f9:d6:d5:55:b1:de:c1:29:d8:89:43:da:b5:17:
c2:d2:71:f7:9d:34:1b:55:99:21:88:c8:82:eb:72:
5f:af:86:6f:1c:43:e7:86:79:ad:3a:54:00:e6:e5:
b4:7b:77:40:56:fc:7c:c8:1f:b8:f3:61:69:cf:98:
7c:fb:09:bc:27:80:85:b8:79:75:77:56:1c:37:ff:
2a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:19:46:D0:33:5D:50:91:F3:39:22:53:70:D5:52:E1:00:83:44:2E
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/2RlG0DNdUJHzOSJTcNVS4QCDRC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.16.0/22
151.237.29.0-151.237.32.255
Signature Algorithm: sha256WithRSAEncryption
e3:06:28:6b:ef:2c:cc:81:ad:fd:f0:db:bb:c7:de:d5:14:d2:
83:4d:d9:7d:b3:c3:04:ab:26:02:92:59:2b:4e:37:6f:65:c7:
54:67:99:61:e4:5b:22:6e:62:65:f8:02:51:08:7c:cf:b4:14:
81:6d:13:06:21:e5:0c:70:58:b9:c6:a7:ec:94:14:f4:fb:e3:
e0:4f:21:d7:7e:12:ae:43:cd:50:0b:a6:a8:86:86:7e:8e:d5:
06:bf:77:ae:16:6e:45:6d:b3:b2:70:1b:99:e4:4b:31:6c:3f:
26:bf:55:d8:37:75:ec:ea:69:57:70:71:11:25:73:f5:92:88:
40:42:1e:27:e5:c8:1b:57:77:0c:76:b1:2f:cf:ff:5a:14:ad:
a2:df:90:ac:39:b4:34:a1:86:78:74:88:2a:f7:c1:2f:0a:0d:
8e:05:b3:09:31:b3:07:52:5f:2c:9d:17:79:d3:cb:a9:ff:7f:
c5:30:06:b4:46:c4:8c:e0:80:fb:63:29:c2:02:2f:f9:2c:5a:
35:61:b5:55:ef:50:2b:f9:a7:f2:98:51:2d:75:25:a6:e6:7d:
9e:a7:7a:ab:c0:8e:f5:0c:17:80:f0:17:78:91:fa:fc:6f:f6:
06:d2:03:58:09:e1:3e:e2:66:3e:2e:14:f3:77:73:da:8c:ca:
2f:d7:e3:2f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyRtODGG8p7Y39dThzRLZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE5NDZkMDMzNWQ1MDkxZjMzOTIyNTM3MGQ1NTJlMTAwODM0NDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRDVDHcrUHXTin5kvhcS9JrujaQ5
Jo3Z+l+0UgUPse4LsrsJv575LhXmlktaeUVNlvoUXcHuhnqUK+3GM35+hOOBw6aC
NE1rfhG4lI/SBWah+YMKR9l4Qq9uCzAXwGofRO0xtBkZaoBnsbXKfZBM2zEiuZeS
oiaMOo0Lm6I15/2HYNFhtzk2OxfzYWmOuxHg/5FkN0yRY7hQfnA1H69hfRtMMv8p
xOP8FlX8/mRygyzgWgW7+dbVVbHewSnYiUPatRfC0nH3nTQbVZkhiMiC63Jfr4Zv
HEPnhnmtOlQA5uW0e3dAVvx8yB+482Fpz5h8+wm8J4CFuHl1d1YcN/8qkwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNkZRtAzXVCR8zkiU3DVUuEAg0QuMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvMlJsRzBETmRVSkh6T1NKVGNOVlM0UUNEUkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCl+0QMAwD
BACX7R0DBACX7SAwDQYJKoZIhvcNAQELBQADggEBAOMGKGvvLMyBrf3w27vH3tUU
0oNN2X2zwwSrJgKSWStON29lx1RnmWHkWyJuYmX4AlEIfM+0FIFtEwYh5QxwWLnG
p+yUFPT74+BPIdd+Eq5DzVALpqiGhn6O1Qa/d64WbkVts7JwG5nkSzFsPya/Vdg3
dezqaVdwcRElc/WSiEBCHiflyBtXdwx2sS/P/1oUraLfkKw5tDShhnh0iCr3wS8K
DY4FswkxswdSXyydF3nTy6n/f8UwBrRGxIzggPtjKcICL/ksWjVhtVXvUCv5p/KY
US11JabmfZ6neqvAjvUMF4DwF3iR+vxv9gbSA1gJ4T7iZj4uFPN3c9qMyi/X4y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:11 2024 by rpki-client on console-fra.rpki-client.org