Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-_Fbgw5gcD9UXjXmyazymULRxow.roa
File: 1-_Fbgw5gcD9UXjXmyazymULRxow.roa (raw, json)
Hash identifier: VFrYIh+HydXQudjETxjJmNoPKpOt/VgASUkatEKI+Js=
Subject key identifier: FB:F1:5B:83:0E:60:70:3F:54:5E:35:E6:C9:AC:F2:99:42:D1:C6:8C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018AFA6DF200164FCB125D3AD2614A94A2F2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-_Fbgw5gcD9UXjXmyazymULRxow.roa
Signing time: Wed 04 Oct 2023 11:23:43 +0000
ROA not before: Wed 04 Oct 2023 11:23:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.209.36.0/23 maxlen: 24
185.220.249.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.251.231.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.121.12.0/22 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.206.248.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
176.125.248.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Nov 2023 16:57:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:6d:f2:00:16:4f:cb:12:5d:3a:d2:61:4a:94:a2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 4 11:23:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbf15b830e60703f545e35e6c9acf29942d1c68c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1c:c1:42:4a:1f:ce:39:e4:c1:ac:b3:f2:4d:
9f:1f:ed:68:d9:03:6a:88:2a:ad:38:4b:4c:c5:69:
0a:26:3f:53:72:c6:6d:2a:4e:18:db:9b:b2:1e:9a:
3f:fe:c3:dc:3a:d7:32:1b:c7:0f:38:d1:2d:f0:8d:
99:51:21:ae:99:9e:c8:9a:63:1b:cb:89:40:2f:77:
bd:70:72:47:e0:d0:f3:a6:0f:e9:0f:ad:70:48:6c:
bd:38:be:f0:7e:bd:a8:83:0d:22:9c:72:5f:08:09:
18:96:7b:2e:03:72:39:52:67:a6:ef:cc:9a:59:5a:
ef:f9:9f:24:36:29:2d:d7:4e:58:e2:d7:73:f8:9a:
9f:0a:32:d8:99:f1:16:fe:08:61:1f:6e:70:4f:92:
fd:66:96:c5:1d:ee:43:c6:0a:98:a7:be:84:1b:33:
f0:eb:10:5f:e6:ac:01:1d:45:82:fa:ae:b3:bc:aa:
fd:e8:ed:e8:b4:75:60:86:58:97:d2:5f:6f:49:3f:
89:28:05:6d:8c:20:b4:3d:bb:2d:71:63:f2:5f:a0:
ac:b5:c5:55:69:ab:b3:af:b1:79:f5:a7:ac:e9:1e:
80:d9:e7:9a:40:93:38:ea:df:cc:99:fa:e1:3c:5d:
80:de:d8:f5:8f:19:29:83:b3:2d:78:d7:09:03:f0:
c1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F1:5B:83:0E:60:70:3F:54:5E:35:E6:C9:AC:F2:99:42:D1:C6:8C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-_Fbgw5gcD9UXjXmyazymULRxow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.121.12.0/22
185.199.159.0/24
185.206.248.0/23
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.220.249.0/24
185.223.76.0/24
185.223.80.0/24
185.225.2.0/24
185.226.105.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
31:95:ee:a5:06:06:7a:d2:94:67:ea:fa:98:d8:f6:8b:27:fa:
5b:ab:7f:35:4a:c2:41:ca:72:c1:4a:1c:69:e2:db:55:f8:b3:
a3:4b:7c:fd:d9:2a:ba:e6:38:c6:a3:79:97:7e:f5:b6:ef:76:
66:29:84:1c:09:25:c9:f9:16:7f:71:7e:8f:dd:aa:0a:86:cf:
a9:0b:8e:ff:c6:4d:f8:88:1d:be:75:61:54:04:37:cb:81:9e:
64:59:af:f2:ce:98:6e:ce:a3:74:83:33:e8:6c:26:d9:6a:5b:
ad:36:d0:18:ad:3e:ba:07:02:5d:85:48:e4:f8:fd:e7:9c:81:
d7:22:74:c0:c8:6c:8f:de:6b:db:cf:43:97:02:8a:8e:15:6e:
ca:06:49:02:3b:c9:d2:9c:08:4f:0b:3d:f6:8a:8a:6d:03:55:
61:9d:d0:11:f4:17:6f:91:d9:53:74:d1:ca:d6:6e:c4:cb:54:
44:9a:a8:d9:69:ab:e1:38:65:00:e3:d7:aa:10:3b:8c:9f:72:
28:e8:6a:f6:74:2b:fa:2d:78:bb:21:9c:82:1f:95:1e:b5:87:
a3:8c:49:08:f0:de:17:1a:f9:a8:1a:4b:90:36:31:c2:48:4b:
98:f8:72:83:78:d5:ab:0b:80:cb:bd:33:8f:b9:09:f1:38:3d:
f4:b3:91:b0
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYr6bfIAFk/LEl060mFKlKLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDA0MTEyMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmYxNWI4MzBlNjA3MDNmNTQ1ZTM1ZTZjOWFjZjI5OTQyZDFjNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hzBQkofzjnkwayz8k2fH+1o2QNq
iCqtOEtMxWkKJj9TcsZtKk4Y25uyHpo//sPcOtcyG8cPONEt8I2ZUSGumZ7ImmMb
y4lAL3e9cHJH4NDzpg/pD61wSGy9OL7wfr2ogw0inHJfCAkYlnsuA3I5Umem78ya
WVrv+Z8kNikt105Y4tdz+JqfCjLYmfEW/ghhH25wT5L9ZpbFHe5DxgqYp76EGzPw
6xBf5qwBHUWC+q6zvKr96O3otHVghliX0l9vST+JKAVtjCC0PbstcWPyX6CstcVV
aauzr7F59aes6R6A2eeaQJM46t/MmfrhPF2A3tj1jxkpg7MteNcJA/DBEwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFPvxW4MOYHA/VF415sms8plC0caMMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1fRmJndzVnY0Q5VVhqWG15YXp5bVVMUnhvdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEALB9+AME
Arl5DAMEALnHnwMEAbnO+AMEALnO+wMEAbnRJAMEArnSmAMEALnc+QMEALnfTAME
ALnfUAMEALnhAgMEALniaQMEArnqFAMEArnu5AMEAbnweAMEALn75zANBgkqhkiG
9w0BAQsFAAOCAQEAMZXupQYGetKUZ+r6mNj2iyf6W6t/NUrCQcpywUocaeLbVfiz
o0t8/dkquuY4xqN5l371tu92ZimEHAklyfkWf3F+j92qCobPqQuO/8ZN+IgdvnVh
VAQ3y4GeZFmv8s6Ybs6jdIMz6Gwm2WpbrTbQGK0+ugcCXYVI5Pj955yB1yJ0wMhs
j95r289DlwKKjhVuygZJAjvJ0pwITws99oqKbQNVYZ3QEfQXb5HZU3TRytZuxMtU
RJqo2Wmr4ThlAOPXqhA7jJ9yKOhq9nQr+i14uyGcgh+VHrWHo4xJCPDeFxr5qBpL
kDYxwkhLmPhyg3jVqwuAy70zj7kJ8Tg99LORsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:20 2024 by rpki-client on console-ams.rpki-client.org