Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jfGYrib_VG1xzoWh3eYWBhtRXtA.roa
File: jfGYrib_VG1xzoWh3eYWBhtRXtA.roa (raw, json)
Hash identifier: s1ZT0QhNd+pcP8wiosk8Y9y+AVVmQTRLLoFcwZqr/J4=
Subject key identifier: 8D:F1:98:AE:26:FF:54:6D:71:CE:85:A1:DD:E6:16:06:1B:51:5E:D0
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246CE7FEEF4689C005C33A6556AB6AE
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jfGYrib_VG1xzoWh3eYWBhtRXtA.roa
Signing time: Mon 02 Jan 2023 11:38:40 +0000
ROA not before: Mon 02 Jan 2023 11:38:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31287
IP address blocks: 185.46.163.0/24 maxlen: 24
185.46.160.0/22 maxlen: 22
85.187.205.0/24 maxlen: 24
85.187.206.0/24 maxlen: 24
85.187.204.0/24 maxlen: 24
85.187.207.0/24 maxlen: 24
85.187.222.0/24 maxlen: 24
85.187.232.0/24 maxlen: 24
85.187.235.0/24 maxlen: 24
85.187.234.0/24 maxlen: 24
85.187.248.0/24 maxlen: 24
85.187.250.0/24 maxlen: 24
85.187.42.0/24 maxlen: 24
85.187.50.0/24 maxlen: 24
85.187.63.0/24 maxlen: 24
85.187.62.0/24 maxlen: 24
46.55.252.0/22 maxlen: 22
46.55.252.0/24 maxlen: 24
46.55.253.0/24 maxlen: 24
151.237.128.0/24 maxlen: 24
85.187.4.0/24 maxlen: 24
85.187.3.0/24 maxlen: 24
85.187.6.0/24 maxlen: 24
85.187.8.0/24 maxlen: 24
85.187.10.0/23 maxlen: 23
85.187.15.0/24 maxlen: 24
85.187.18.0/24 maxlen: 24
85.187.20.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
46.55.254.0/24 maxlen: 24
77.78.152.0/21 maxlen: 21
77.78.154.0/24 maxlen: 24
77.78.153.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
185.72.58.0/24 maxlen: 24
80.72.64.0/24 maxlen: 24
151.237.91.0/24 maxlen: 24
80.72.72.0/24 maxlen: 24
151.237.92.0/24 maxlen: 24
151.237.93.0/24 maxlen: 24
195.85.215.0/24 maxlen: 24
151.237.36.0/22 maxlen: 22
151.237.36.0/24 maxlen: 24
151.237.38.0/24 maxlen: 24
151.237.37.0/24 maxlen: 24
151.237.39.0/24 maxlen: 24
185.200.40.0/22 maxlen: 22
151.237.63.0/24 maxlen: 24
2a01:9e40::/32 maxlen: 32
2a03:b540::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Jan 2023 10:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ce:7f:ee:f4:68:9c:00:5c:33:a6:55:6a:b6:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8df198ae26ff546d71ce85a1dde616061b515ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:25:09:ba:b0:96:be:e9:d5:d5:0a:9e:49:
ea:30:03:ce:60:dd:38:64:74:18:cb:8c:75:63:96:
5f:1f:56:c8:53:4e:3c:c4:97:e9:35:70:0a:dd:15:
9c:75:13:ba:b5:27:2d:2b:44:c1:03:07:ca:ff:40:
32:4e:78:47:06:a9:87:e8:2a:33:a1:30:b3:55:ce:
6f:6f:a2:95:2a:c6:fb:4b:76:50:94:98:ea:89:d9:
05:75:d2:e8:a5:d5:34:30:a1:80:5e:aa:08:81:04:
1c:d2:65:6e:ce:2d:e8:dd:99:58:dd:33:2a:3a:e1:
18:ed:42:66:e0:a1:21:bf:af:50:0e:b6:35:14:84:
e1:ba:b4:1c:bb:45:ca:2e:d8:9e:ae:8f:e3:dd:b8:
f2:de:5a:56:5c:6b:48:c6:30:07:9e:86:71:c1:5e:
e5:ae:bc:1b:23:ed:43:ce:54:28:bf:05:ba:49:54:
c1:bf:ca:68:ba:ae:80:93:7e:3e:7f:c8:be:ac:f9:
57:8a:57:96:fa:86:c4:dd:7d:5f:bc:23:00:0b:ee:
50:1a:8b:b6:09:d7:0b:08:33:20:45:7d:0f:9c:cd:
22:98:04:f7:44:72:4b:3b:15:64:ac:5d:36:d0:45:
32:34:c6:3c:e6:7d:af:9c:6b:31:48:bb:cc:2b:11:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F1:98:AE:26:FF:54:6D:71:CE:85:A1:DD:E6:16:06:1B:51:5E:D0
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jfGYrib_VG1xzoWh3eYWBhtRXtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.252.0/22
77.78.152.0/21
80.72.64.0/24
80.72.72.0/24
85.187.3.0-85.187.4.255
85.187.6.0/24
85.187.8.0/24
85.187.10.0/23
85.187.15.0/24
85.187.18.0/24
85.187.20.0/24
85.187.42.0/24
85.187.50.0/24
85.187.62.0/23
85.187.184.0/23
85.187.204.0/22
85.187.222.0/24
85.187.232.0/24
85.187.234.0/23
85.187.248.0/24
85.187.250.0/24
151.237.36.0/22
151.237.63.0/24
151.237.91.0-151.237.93.255
151.237.128.0/24
185.46.160.0/22
185.72.58.0/24
185.200.40.0/22
195.85.215.0/24
IPv6:
2a01:9e40::/32
2a03:b540::/32
Signature Algorithm: sha256WithRSAEncryption
32:b9:48:e6:1b:9f:44:78:7e:79:9c:03:14:df:e7:4c:58:56:
ae:61:7a:c4:6e:25:0a:ad:d3:4c:68:69:0d:41:a8:41:53:3c:
49:da:48:02:ea:1d:a4:65:1c:82:f4:25:8a:05:15:f6:f1:d5:
6e:d0:d4:14:3a:b0:58:56:e2:52:47:a9:e4:2b:65:68:f2:47:
5a:ce:32:cf:6e:dd:ec:f4:fe:a2:49:2c:9e:65:c4:75:67:f5:
bb:a2:08:d3:af:51:55:e8:c0:89:a6:02:88:c2:3a:0b:fb:f4:
09:5a:a1:87:e7:18:67:a3:fc:72:81:fd:32:98:b7:a2:01:44:
ca:b9:4b:54:52:fd:91:74:35:a8:ba:b2:d2:3c:ec:95:d6:58:
6a:d6:36:1b:90:a5:ad:82:aa:5f:82:bb:07:b1:ac:b4:8f:16:
b1:fd:79:81:42:68:6e:e5:05:e9:5c:18:e3:9f:13:47:c3:f3:
07:9e:85:af:75:4f:d7:ca:89:3a:8e:c0:42:7c:72:07:de:2c:
f1:f4:ff:0b:a2:d1:f0:c6:ed:cc:d2:fc:ae:86:49:ab:cd:30:
e1:18:7c:bc:a2:82:e9:89:7d:99:87:e5:64:8f:1e:e0:0e:6e:
3c:5c:fe:61:81:7d:d9:99:68:ba:06:83:de:4e:8a:e1:3a:4d:
ab:58:03:ae
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYVyRs5/7vRonABcM6ZVarauMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGYxOThhZTI2ZmY1NDZkNzFjZTg1YTFkZGU2MTYwNjFiNTE1ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7QlCbqwlr7p1dUKnknqMAPOYN04
ZHQYy4x1Y5ZfH1bIU048xJfpNXAK3RWcdRO6tSctK0TBAwfK/0AyTnhHBqmH6Coz
oTCzVc5vb6KVKsb7S3ZQlJjqidkFddLopdU0MKGAXqoIgQQc0mVuzi3o3ZlY3TMq
OuEY7UJm4KEhv69QDrY1FIThurQcu0XKLtiero/j3bjy3lpWXGtIxjAHnoZxwV7l
rrwbI+1DzlQovwW6SVTBv8pouq6Ak34+f8i+rPlXileW+obE3X1fvCMAC+5QGou2
CdcLCDMgRX0PnM0imAT3RHJLOxVkrF020EUyNMY85n2vnGsxSLvMKxHRGwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFI3xmK4m/1Rtcc6Fod3mFgYbUV7QMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvamZHWXJpYl9WRzF4em9XaDNlWVdCaHRSWHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBxQQCAAEwgb4DBAIu
N/wDBANNTpgDBABQSEADBABQSEgwDAMEAFW7AwMEAFW7BAMEAFW7BgMEAFW7CAME
AVW7CgMEAFW7DwMEAFW7EgMEAFW7FAMEAFW7KgMEAFW7MgMEAVW7PgMEAVW7uAME
AlW7zAMEAFW73gMEAFW76AMEAVW76gMEAFW7+AMEAFW7+gMEApftJAMEAJftPzAM
AwQAl+1bAwQBl+1cAwQAl+2AAwQCuS6gAwQAuUg6AwQCucgoAwQAw1XXMBQEAgAC
MA4DBQAqAZ5AAwUAKgO1QDANBgkqhkiG9w0BAQsFAAOCAQEAMrlI5hufRHh+eZwD
FN/nTFhWrmF6xG4lCq3TTGhpDUGoQVM8SdpIAuodpGUcgvQligUV9vHVbtDUFDqw
WFbiUkep5CtlaPJHWs4yz27d7PT+okksnmXEdWf1u6II069RVejAiaYCiMI6C/v0
CVqhh+cYZ6P8coH9Mpi3ogFEyrlLVFL9kXQ1qLqy0jzsldZYatY2G5ClrYKqX4K7
B7GstI8Wsf15gUJobuUF6VwY458TR8PzB56Fr3VP18qJOo7AQnxyB94s8fT/C6LR
8MbtzNL8roZJq80w4Rh8vKKC6Yl9mYflZI8e4A5uPFz+YYF92ZlougaD3k6K4TpN
q1gDrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org