Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jlFdYfxhsVXMVxTBAdyyW1GMp30.roa
File: jlFdYfxhsVXMVxTBAdyyW1GMp30.roa (raw, json)
Hash identifier: JL8W8v2Ui4FyfavKsjlDfYHLJMKsNLW2r3DajyODYcQ=
Subject key identifier: 8E:51:5D:61:FC:61:B1:55:CC:57:14:C1:01:DC:B2:5B:51:8C:A7:7D
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 01857246D4BDC09752D2E27416333765DCB9
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jlFdYfxhsVXMVxTBAdyyW1GMp30.roa
Signing time: Mon 02 Jan 2023 11:38:42 +0000
ROA not before: Mon 02 Jan 2023 11:38:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42351
IP address blocks: 185.240.189.0/24 maxlen: 24
185.240.188.0/24 maxlen: 24
185.240.191.0/24 maxlen: 24
185.240.190.0/24 maxlen: 24
185.255.58.0/24 maxlen: 24
185.242.169.0/24 maxlen: 24
185.242.168.0/24 maxlen: 24
185.243.239.0/24 maxlen: 24
185.243.238.0/24 maxlen: 24
185.243.237.0/24 maxlen: 24
185.243.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d4:bd:c0:97:52:d2:e2:74:16:33:37:65:dc:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 2 11:38:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e515d61fc61b155cc5714c101dcb25b518ca77d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:27:04:51:69:81:14:b5:dc:73:94:12:f2:c1:
f5:2f:c3:a2:f1:f6:4b:12:07:d4:ce:c4:4e:5f:61:
6b:e6:e8:e3:25:06:76:ca:c3:8f:37:74:fc:c0:83:
35:1e:b3:65:8f:46:88:f0:f8:fc:51:a7:72:3a:ce:
3c:e1:d4:a4:0a:f5:0e:58:da:a3:82:18:88:af:1b:
01:79:32:bb:a1:f0:9c:7f:e7:50:c4:fa:05:26:a0:
97:8c:ef:51:95:d0:68:ff:06:b8:d5:c0:73:20:e4:
f4:28:0f:3c:0b:65:d2:47:7d:67:5b:8e:26:c1:64:
00:d8:dc:13:9a:dd:a3:68:94:e5:1e:54:48:c4:73:
30:f0:36:e9:11:31:83:94:a9:d2:80:52:18:e0:69:
e3:a0:07:c7:33:51:13:04:2a:2d:d6:9f:88:1a:50:
f0:ef:20:25:7b:5c:89:2b:13:00:83:cd:6b:65:92:
b2:0f:82:61:2f:23:19:f4:b4:7b:c3:e5:ba:0a:e2:
d8:54:7a:34:8c:a3:35:0c:07:93:64:29:da:4a:2f:
03:83:e8:89:03:e0:75:1a:62:b1:08:c4:f9:23:ab:
3d:55:49:b8:f1:95:57:0d:c2:ab:35:c9:33:a9:e5:
cf:02:1c:ee:6f:ed:bf:4e:db:bc:d2:1f:8a:46:2e:
13:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:51:5D:61:FC:61:B1:55:CC:57:14:C1:01:DC:B2:5B:51:8C:A7:7D
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/jlFdYfxhsVXMVxTBAdyyW1GMp30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.188.0/22
185.242.168.0/23
185.243.236.0/22
185.255.58.0/24
Signature Algorithm: sha256WithRSAEncryption
00:22:2a:05:32:c6:2d:af:8c:28:f3:44:2c:e8:7d:6b:b1:2c:
85:d4:9e:a3:f4:a8:61:1e:bb:89:40:1f:9e:a6:20:7a:81:b5:
eb:d6:88:7b:5d:bf:1e:8c:35:ed:68:17:52:3b:41:af:b5:c6:
3c:fb:0c:d5:df:be:65:f8:6f:4f:3d:b3:3c:ac:db:f9:13:82:
13:37:49:2f:c8:74:13:26:23:9b:8d:c9:0b:ce:be:e7:9a:73:
f8:98:49:69:68:d4:af:0e:f1:10:41:c8:6c:ba:85:12:ba:61:
29:1f:22:9c:b9:23:1e:c1:be:23:85:54:92:be:a7:5e:97:11:
d1:85:51:22:7f:c4:ae:f7:67:13:b7:f0:3c:e7:27:41:c6:0e:
eb:2d:04:45:7a:e5:2b:c6:9f:d6:b4:64:77:b8:85:94:87:13:
4e:5e:a5:70:a5:34:89:4b:07:8d:82:de:83:3b:7f:bc:15:94:
ca:fb:b9:a2:c2:81:45:6f:f4:2d:fa:e3:26:f6:6d:c8:d7:81:
d0:1c:1b:60:dc:a5:e6:fe:e1:84:b3:f0:b3:95:7f:84:a0:8a:
50:c5:c6:e7:2b:f8:31:57:f9:e5:5f:76:de:a8:d1:92:53:a9:
a3:86:12:58:4c:79:7f:78:dd:fc:87:5d:cf:3e:02:0b:63:f7:
75:c4:ce:82
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyRtS9wJdS0uJ0FjM3Zdy5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjMwMTAyMTEzODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUxNWQ2MWZjNjFiMTU1Y2M1NzE0YzEwMWRjYjI1YjUxOGNhNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCcEUWmBFLXcc5QS8sH1L8Oi8fZL
EgfUzsROX2Fr5ujjJQZ2ysOPN3T8wIM1HrNlj0aI8Pj8UadyOs484dSkCvUOWNqj
ghiIrxsBeTK7ofCcf+dQxPoFJqCXjO9RldBo/wa41cBzIOT0KA88C2XSR31nW44m
wWQA2NwTmt2jaJTlHlRIxHMw8DbpETGDlKnSgFIY4GnjoAfHM1ETBCot1p+IGlDw
7yAle1yJKxMAg81rZZKyD4JhLyMZ9LR7w+W6CuLYVHo0jKM1DAeTZCnaSi8Dg+iJ
A+B1GmKxCMT5I6s9VUm48ZVXDcKrNckzqeXPAhzub+2/Ttu80h+KRi4TMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI5RXWH8YbFVzFcUwQHcsltRjKd9MB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvamxGZFlmeGhzVlhNVnhUQkFkeXlXMUdNcDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCufC8AwQB
ufKoAwQCufPsAwQAuf86MA0GCSqGSIb3DQEBCwUAA4IBAQAAIioFMsYtr4wo80Qs
6H1rsSyF1J6j9KhhHruJQB+epiB6gbXr1oh7Xb8ejDXtaBdSO0GvtcY8+wzV375l
+G9PPbM8rNv5E4ITN0kvyHQTJiObjckLzr7nmnP4mElpaNSvDvEQQchsuoUSumEp
HyKcuSMewb4jhVSSvqdelxHRhVEif8Su92cTt/A85ydBxg7rLQRFeuUrxp/WtGR3
uIWUhxNOXqVwpTSJSweNgt6DO3+8FZTK+7miwoFFb/Qt+uMm9m3I14HQHBtg3KXm
/uGEs/CzlX+EoIpQxcbnK/gxV/nlX3beqNGSU6mjhhJYTHl/eN38h13PPgILY/d1
xM6C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:12 2024 by rpki-client on console-fra.rpki-client.org