Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/c5PAbvPQZx-CVfhhFYRLSuHu8bQ.roa
File: c5PAbvPQZx-CVfhhFYRLSuHu8bQ.roa (raw, json)
Hash identifier: e0gLJ4P92N3tCnoCCt5I2pOdWkIfFdu1KfDAB1CRBBY=
Subject key identifier: 73:93:C0:6E:F3:D0:67:1F:82:55:F8:61:15:84:4B:4A:E1:EE:F1:B4
Certificate issuer: /CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Certificate serial: 018D9D3B8D269DB658A7DB0B889D1B723FEE
Authority key identifier: BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/c5PAbvPQZx-CVfhhFYRLSuHu8bQ.roa
Signing time: Mon 12 Feb 2024 12:12:22 +0000
ROA not before: Mon 12 Feb 2024 12:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.118.79.0/24 maxlen: 24
193.68.89.0/24 maxlen: 24
213.21.232.0/24 maxlen: 24
213.21.236.0/24 maxlen: 24
213.21.237.0/24 maxlen: 24
213.21.239.0/24 maxlen: 24
213.21.245.0/24 maxlen: 24
213.21.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 12:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:3b:8d:26:9d:b6:58:a7:db:0b:88:9d:1b:72:3f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfdfe6dca8ac7bfa1a9450ef99fd315ed02acd9
Validity
Not Before: Feb 12 12:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7393c06ef3d0671f8255f86115844b4ae1eef1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7e:4a:ae:f7:e6:e7:9c:6b:b4:b2:fb:c6:b7:
3a:b9:2c:34:13:76:68:e1:c6:b1:a6:18:5e:e1:3d:
b5:53:ed:57:44:61:7c:6d:5a:b8:f5:59:4e:56:cc:
9b:4e:99:f0:d6:9f:de:f2:2e:1f:80:33:4e:f4:8f:
cf:7d:fd:b6:24:3d:12:0b:b6:b2:67:c5:dc:f6:df:
96:c4:12:5f:4f:3b:3e:5a:43:10:87:01:95:17:98:
32:c3:50:1d:e7:ed:64:41:74:06:20:14:67:c8:bc:
12:d5:b3:83:38:84:a8:e9:ae:b6:28:2f:e0:8e:51:
2b:23:1a:79:f0:b5:d2:32:87:14:a2:5f:b3:83:41:
8a:92:c7:d6:56:66:9e:d4:10:50:27:b2:63:6b:5f:
72:34:da:90:6d:f3:71:15:60:2b:c2:2e:5b:00:13:
49:6d:e7:84:71:19:1a:29:33:98:c3:6d:76:92:2b:
e0:25:69:63:e4:d4:68:67:af:f5:f8:10:bc:ea:a1:
6a:b7:16:b8:1f:4e:ec:3c:3a:85:b0:37:f0:72:fa:
93:4b:5b:e7:cc:39:6a:2b:e6:24:2a:c7:71:46:2c:
e1:63:70:d5:e8:b1:74:bf:2d:39:63:83:45:ee:71:
97:2d:af:15:69:f4:ec:b6:49:f5:77:10:55:ce:63:
6a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:93:C0:6E:F3:D0:67:1F:82:55:F8:61:15:84:4B:4A:E1:EE:F1:B4
X509v3 Authority Key Identifier:
keyid:BC:FD:FE:6D:CA:8A:C7:BF:A1:A9:45:0E:F9:9F:D3:15:ED:02:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/c5PAbvPQZx-CVfhhFYRLSuHu8bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/c9de13-5b74-413d-b2fb-1af2465a8eec/1/vP3-bcqKx7-hqUUO-Z_TFe0CrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.79.0/24
193.68.89.0/24
213.21.232.0/24
213.21.236.0/23
213.21.239.0/24
213.21.245.0/24
213.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:8f:d2:8f:29:bf:7e:f6:c0:d5:87:88:5d:96:37:29:fd:7a:
14:48:6d:5c:7a:d1:02:05:2b:d3:11:0c:f4:31:6b:62:db:36:
ff:8e:35:c5:67:03:f2:dc:1b:ad:41:45:49:d7:5b:6f:79:e3:
ec:91:99:a8:36:56:58:4a:72:42:c7:0b:8e:3c:6e:a3:85:a4:
67:01:40:87:64:98:91:05:17:c3:67:bd:40:05:ee:be:74:7b:
9b:bc:09:d8:bf:dd:cf:9f:e3:49:b3:a6:b2:93:9e:18:8a:7c:
de:e2:d4:ae:fb:74:c8:48:60:09:9a:cb:fb:5e:28:68:97:49:
db:22:05:b0:ff:9b:31:44:51:9a:66:8d:2b:93:d4:3f:93:0a:
5a:8e:c0:21:46:f0:33:78:49:f0:bf:ec:d3:16:91:33:6e:e9:
be:ce:9c:ee:5c:78:8a:b9:34:ab:a6:46:47:d1:69:0b:60:8f:
38:18:91:03:ce:c7:d9:c8:9c:f4:84:2a:14:47:bc:da:4b:f5:
27:7f:67:cf:ad:9c:f7:e9:ad:d3:b5:46:2a:45:69:2d:ac:93:
1b:79:c3:ee:f7:b8:8c:07:72:2f:0d:3c:22:a5:45:df:47:ea:
5b:63:48:be:fc:f7:48:60:b7:54:2d:f9:35:f0:45:80:2d:22:
ee:68:1b:be
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2dO40mnbZYp9sLiJ0bcj/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmRmZTZkY2E4YWM3YmZhMWE5NDUwZWY5OWZkMzE1ZWQw
MmFjZDkwHhcNMjQwMjEyMTIxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzkzYzA2ZWYzZDA2NzFmODI1NWY4NjExNTg0NGI0YWUxZWVmMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH5Krvfm55xrtLL7xrc6uSw0E3Zo
4caxphhe4T21U+1XRGF8bVq49VlOVsybTpnw1p/e8i4fgDNO9I/Pff22JD0SC7ay
Z8Xc9t+WxBJfTzs+WkMQhwGVF5gyw1Ad5+1kQXQGIBRnyLwS1bODOISo6a62KC/g
jlErIxp58LXSMocUol+zg0GKksfWVmae1BBQJ7Jja19yNNqQbfNxFWArwi5bABNJ
beeEcRkaKTOYw212kivgJWlj5NRoZ6/1+BC86qFqtxa4H07sPDqFsDfwcvqTS1vn
zDlqK+YkKsdxRizhY3DV6LF0vy05Y4NF7nGXLa8VafTstkn1dxBVzmNqDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHOTwG7z0GcfglX4YRWES0rh7vG0MB8GA1UdIwQY
MBaAFLz9/m3Kise/oalFDvmf0xXtAqzZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmIt
MWFmMjQ2NWE4ZWVjLzEvYzVQQWJ2UFFaeC1DVmZoaEZZUkxTdUh1OGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jOWRlMTMtNWI3NC00MTNkLWIyZmItMWFmMjQ2NWE4ZWVj
LzEvdlAzLWJjcUt4Ny1ocVVVTy1aX1RGZTBDck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuXZPAwQA
wURZAwQA1RXoAwQB1RXsAwQA1RXvAwQA1RX1AwQA1RX9MA0GCSqGSIb3DQEBCwUA
A4IBAQAvj9KPKb9+9sDVh4hdljcp/XoUSG1cetECBSvTEQz0MWti2zb/jjXFZwPy
3ButQUVJ11tveePskZmoNlZYSnJCxwuOPG6jhaRnAUCHZJiRBRfDZ71ABe6+dHub
vAnYv93Pn+NJs6ayk54Yinze4tSu+3TISGAJmsv7Xihol0nbIgWw/5sxRFGaZo0r
k9Q/kwpajsAhRvAzeEnwv+zTFpEzbum+zpzuXHiKuTSrpkZH0WkLYI84GJEDzsfZ
yJz0hCoUR7zaS/Unf2fPrZz36a3TtUYqRWktrJMbecPu97iMB3IvDTwipUXfR+pb
Y0i+/PdIYLdULfk18EWALSLuaBu+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org