Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/H097YeTM_KF9bzX6xHY_CVqfGzo.roa
File: H097YeTM_KF9bzX6xHY_CVqfGzo.roa (raw, json)
Hash identifier: w6tpjwt0dDdFKc79aSF3lXLYKHHdRdd1MMJYFxgl8J8=
Subject key identifier: 1F:4F:7B:61:E4:CC:FC:A1:7D:6F:35:FA:C4:76:3F:09:5A:9F:1B:3A
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018B2E84C7CF18EC9F8E6C882E72B4B53647
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/H097YeTM_KF9bzX6xHY_CVqfGzo.roa
Signing time: Sat 14 Oct 2023 14:08:55 +0000
ROA not before: Sat 14 Oct 2023 14:08:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20750
IP address blocks: 151.237.72.0/21 maxlen: 24
85.187.240.0/23 maxlen: 23
85.187.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:84:c7:cf:18:ec:9f:8e:6c:88:2e:72:b4:b5:36:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Oct 14 14:08:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f4f7b61e4ccfca17d6f35fac4763f095a9f1b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:eb:dd:36:d0:dc:af:69:97:77:3b:92:0a:40:
ef:9f:c7:6c:d0:2c:6f:88:d9:47:04:e1:4f:3f:2c:
5f:ff:bb:c1:dc:4a:6f:aa:08:da:d0:0e:1f:ec:45:
9b:ce:03:20:f8:a9:b2:c6:2a:a0:c9:fa:05:b7:81:
8e:a8:08:a4:3e:de:0f:04:3f:da:14:cc:5e:fd:e1:
a1:d7:2c:21:ad:43:f8:a5:17:33:01:d0:21:81:f1:
47:e4:f7:f7:5d:6a:e0:cf:27:1b:e7:b3:b1:6c:d3:
a2:5f:6b:d0:7d:2b:69:6f:9a:7e:03:94:cf:af:9a:
7f:b1:d6:d5:dc:0f:36:4b:78:8d:f1:40:e7:96:a7:
37:0a:f4:64:3d:c3:c4:bd:8a:46:86:4a:17:40:ec:
a6:63:4b:3c:34:a7:82:7b:1e:5d:de:43:e1:0d:05:
bc:64:10:c7:a6:ca:76:c1:12:5c:ac:89:78:e0:34:
42:63:3f:47:fa:a2:fd:0f:c1:1d:53:a3:53:ce:67:
66:cc:5c:a5:d0:7b:9b:d6:47:ed:2b:66:6f:02:93:
98:22:56:f9:35:d3:39:bc:6f:00:e8:42:cf:c4:51:
56:2c:74:6c:1f:99:45:cd:3b:3e:cd:e6:e2:f3:1d:
af:55:58:53:ea:db:a8:f7:b2:d8:43:8c:38:2f:ac:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4F:7B:61:E4:CC:FC:A1:7D:6F:35:FA:C4:76:3F:09:5A:9F:1B:3A
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/H097YeTM_KF9bzX6xHY_CVqfGzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.236.0-85.187.241.255
151.237.72.0/21
Signature Algorithm: sha256WithRSAEncryption
27:ca:a0:f5:26:02:b8:44:e1:bb:36:37:7d:05:a7:11:bf:70:
a9:48:93:7f:10:11:6d:60:27:ce:3f:8b:ea:1c:c1:33:7a:5a:
bd:b2:b7:ea:48:34:df:47:5f:36:13:43:cf:5f:49:58:0b:fe:
9e:42:7b:03:6f:ae:c4:8b:95:3d:6e:0e:f1:bc:ae:d8:b4:2b:
b3:db:e4:9c:c2:8e:ef:65:8d:e6:cb:c2:c2:ab:38:de:8b:0a:
d6:52:e6:4d:17:bc:c1:4c:63:63:04:a9:9e:e9:08:d8:50:c5:
7f:4b:27:1c:46:35:bf:07:bf:70:12:93:8e:ed:02:e3:fa:5c:
d7:34:15:c6:bc:44:fd:5e:a8:f0:59:9c:7a:92:72:75:eb:d7:
4a:7a:28:3c:43:fd:9f:b4:12:34:3a:e3:a8:73:02:6b:95:9c:
69:f9:03:c8:fe:69:a4:cc:9e:de:41:31:7b:92:75:2b:6b:28:
fe:9c:d5:d1:52:a4:b2:7d:72:83:45:3f:f3:3f:44:47:e6:15:
d9:e0:9f:6d:b6:ce:d7:46:95:9b:0a:9a:49:c7:b7:80:8f:72:
cd:3f:bf:cb:75:d2:4d:f8:29:3f:c6:6a:03:7a:a6:5f:e2:d1:
02:95:81:23:9e:83:70:8f:e3:9c:9c:06:e5:22:75:2f:9b:81:
4d:0c:21:a0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYsuhMfPGOyfjmyILnK0tTZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMxMDE0MTQwODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRmN2I2MWU0Y2NmY2ExN2Q2ZjM1ZmFjNDc2M2YwOTVhOWYxYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOvdNtDcr2mXdzuSCkDvn8ds0Cxv
iNlHBOFPPyxf/7vB3Epvqgja0A4f7EWbzgMg+KmyxiqgyfoFt4GOqAikPt4PBD/a
FMxe/eGh1ywhrUP4pRczAdAhgfFH5Pf3XWrgzycb57OxbNOiX2vQfStpb5p+A5TP
r5p/sdbV3A82S3iN8UDnlqc3CvRkPcPEvYpGhkoXQOymY0s8NKeCex5d3kPhDQW8
ZBDHpsp2wRJcrIl44DRCYz9H+qL9D8EdU6NTzmdmzFyl0Hub1kftK2ZvApOYIlb5
NdM5vG8A6ELPxFFWLHRsH5lFzTs+zebi8x2vVVhT6tuo97LYQ4w4L6yrVwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB9Pe2HkzPyhfW81+sR2Pwlanxs6MB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvSDA5N1llVE1fS0Y5YnpYNnhIWV9DVnFmR3pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJVu+wD
BAFVu/ADBAOX7UgwDQYJKoZIhvcNAQELBQADggEBACfKoPUmArhE4bs2N30FpxG/
cKlIk38QEW1gJ84/i+ocwTN6Wr2yt+pINN9HXzYTQ89fSVgL/p5CewNvrsSLlT1u
DvG8rti0K7Pb5JzCju9ljebLwsKrON6LCtZS5k0XvMFMY2MEqZ7pCNhQxX9LJxxG
Nb8Hv3ASk47tAuP6XNc0Fca8RP1eqPBZnHqScnXr10p6KDxD/Z+0EjQ646hzAmuV
nGn5A8j+aaTMnt5BMXuSdStrKP6c1dFSpLJ9coNFP/M/REfmFdngn222ztdGlZsK
mknHt4CPcs0/v8t10k34KT/GagN6pl/i0QKVgSOeg3CP45ycBuUidS+bgU0MIaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:41 2024 by rpki-client on console-ams.rpki-client.org