Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/d5Fk20kow4Ikqh_M9yikJJHmFH0.roa
File: d5Fk20kow4Ikqh_M9yikJJHmFH0.roa (raw, json)
Hash identifier: eCisxZ6edKh2D4F3oPpx3a43Deui1OowYozF0bMQVa0=
Subject key identifier: 77:91:64:DB:49:28:C3:82:24:AA:1F:CC:F7:28:A4:24:91:E6:14:7D
Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Certificate serial: 018CCA29F1B0F78D25919F29401C71DD9B2C
Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/d5Fk20kow4Ikqh_M9yikJJHmFH0.roa
Signing time: Tue 02 Jan 2024 12:33:15 +0000
ROA not before: Tue 02 Jan 2024 12:33:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208988
IP address blocks: 185.44.4.0/22 maxlen: 22
37.10.110.0/23 maxlen: 23
85.190.184.0/21 maxlen: 21
91.208.17.0/24 maxlen: 24
185.123.4.0/22 maxlen: 22
185.195.120.0/22 maxlen: 22
37.10.68.0/23 maxlen: 23
94.126.36.0/22 maxlen: 22
31.214.150.0/23 maxlen: 23
185.68.240.0/22 maxlen: 22
185.50.108.0/22 maxlen: 22
62.221.228.0/22 maxlen: 22
185.125.232.0/22 maxlen: 22
128.0.120.0/23 maxlen: 23
85.222.208.0/20 maxlen: 20
2a01:71a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 09 Feb 2024 09:50:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f1:b0:f7:8d:25:91:9f:29:40:1c:71:dd:9b:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450
Validity
Not Before: Jan 2 12:33:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=779164db4928c38224aa1fccf728a42491e6147d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:95:5d:33:79:a3:67:6c:30:9d:18:bc:db:67:
aa:04:a5:48:91:2d:03:a8:32:f1:af:38:46:b6:3f:
e7:47:f9:80:a8:75:dd:f5:ab:18:bd:81:92:46:fa:
da:b8:a3:97:fc:9d:05:d6:ae:53:97:dd:8f:b5:01:
d8:f0:7b:74:37:90:76:de:3d:e9:19:e8:f0:62:08:
80:13:23:d7:87:7c:1b:c6:93:20:05:e0:f3:0c:8f:
c5:1a:b8:88:13:c6:a4:3e:ef:f9:f2:b4:67:38:07:
e0:56:04:bb:b3:5b:c8:94:76:fd:3f:65:a3:28:aa:
76:38:69:38:1c:d1:35:80:2d:55:c2:6c:f5:ff:38:
c2:ac:5f:6f:bc:a1:be:0b:f9:10:4d:c0:29:9a:ba:
29:49:82:35:e1:14:e1:c3:77:3b:cf:32:cc:1f:87:
9f:ad:3d:09:fa:33:0d:80:67:d1:e7:bc:a9:74:5c:
71:61:d2:78:9e:3f:0a:ff:6d:a9:d3:6b:0d:ad:87:
41:6f:e4:58:ef:48:bb:6b:5a:46:64:3f:57:91:65:
57:d9:9c:a2:44:8e:a3:56:14:c0:cb:54:36:40:7a:
84:a1:48:a3:6a:32:82:79:77:a4:0c:75:6a:0a:46:
eb:ef:84:ad:b9:e6:d5:21:f3:9e:59:74:20:ae:a6:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:91:64:DB:49:28:C3:82:24:AA:1F:CC:F7:28:A4:24:91:E6:14:7D
X509v3 Authority Key Identifier:
keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/d5Fk20kow4Ikqh_M9yikJJHmFH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.150.0/23
37.10.68.0/23
37.10.110.0/23
62.221.228.0/22
85.190.184.0/21
85.222.208.0/20
91.208.17.0/24
94.126.36.0/22
128.0.120.0/23
185.44.4.0/22
185.50.108.0/22
185.68.240.0/22
185.123.4.0/22
185.125.232.0/22
185.195.120.0/22
IPv6:
2a01:71a0::/32
Signature Algorithm: sha256WithRSAEncryption
89:40:48:a4:ad:0b:76:a9:28:df:e9:ce:da:7c:36:13:6b:c7:
ee:0c:0e:26:8b:48:b9:55:9e:81:37:13:69:4e:60:b4:78:aa:
3a:fb:15:4e:43:e1:ce:d3:bf:50:04:86:e3:d8:b4:5a:c1:b2:
85:12:e9:22:28:c3:44:01:3b:3c:8c:ef:1f:27:38:f4:f2:e3:
92:f4:e4:5e:23:07:31:d5:09:3d:0e:29:3d:e2:f5:47:0c:64:
58:fc:6b:a5:6c:14:d8:0d:44:a3:27:99:12:7a:45:84:d5:7b:
ff:8a:6f:c3:53:e7:89:89:69:ae:3d:53:5a:fa:81:2c:5f:6a:
a0:02:a9:47:a5:44:6d:59:b6:d8:2d:87:f4:37:2f:16:12:2e:
63:de:19:e9:f6:cb:a7:5c:3a:3f:35:06:84:c4:d6:fa:d5:64:
88:6c:9e:b0:ad:44:15:13:0f:97:25:16:41:ac:92:39:67:34:
42:93:d7:b5:24:1b:93:06:ea:b9:3a:9e:b0:5d:1b:99:e9:ae:
74:8b:e1:f8:ae:8e:47:66:53:a8:dd:e3:89:d3:2b:8f:7d:5d:
83:3a:d1:fc:54:32:31:af:18:88:a7:76:76:d4:15:eb:95:55:
ae:4b:4c:5f:9e:04:02:ec:76:c1:9f:c2:9a:ea:67:9e:fb:13:
9d:82:d3:c2
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYzKKfGw940lkZ8pQBxx3ZssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx
YmE0NTAwHhcNMjQwMTAyMTIzMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzkxNjRkYjQ5MjhjMzgyMjRhYTFmY2NmNzI4YTQyNDkxZTYxNDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpVdM3mjZ2wwnRi822eqBKVIkS0D
qDLxrzhGtj/nR/mAqHXd9asYvYGSRvrauKOX/J0F1q5Tl92PtQHY8Ht0N5B23j3p
GejwYgiAEyPXh3wbxpMgBeDzDI/FGriIE8akPu/58rRnOAfgVgS7s1vIlHb9P2Wj
KKp2OGk4HNE1gC1Vwmz1/zjCrF9vvKG+C/kQTcApmropSYI14RThw3c7zzLMH4ef
rT0J+jMNgGfR57ypdFxxYdJ4nj8K/22p02sNrYdBb+RY70i7a1pGZD9XkWVX2Zyi
RI6jVhTAy1Q2QHqEoUijajKCeXekDHVqCkbr74StuebVIfOeWXQgrqbCjwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFHeRZNtJKMOCJKofzPcopCSR5hR9MB8GA1UdIwQY
MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt
ODI2ZDA1Y2NmZTI1LzEvZDVGazIwa293NElrcWhfTTl5aWtKSkhtRkgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1
LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAR/WlgME
ASUKRAMEASUKbgMEAj7d5AMEA1W+uAMEBFXe0AMEAFvQEQMEAl5+JAMEAYAAeAME
ArksBAMEArkybAMEArlE8AMEArl7BAMEArl96AMEArnDeDANBAIAAjAHAwUAKgFx
oDANBgkqhkiG9w0BAQsFAAOCAQEAiUBIpK0Ldqko3+nO2nw2E2vH7gwOJotIuVWe
gTcTaU5gtHiqOvsVTkPhztO/UASG49i0WsGyhRLpIijDRAE7PIzvHyc49PLjkvTk
XiMHMdUJPQ4pPeL1RwxkWPxrpWwU2A1EoyeZEnpFhNV7/4pvw1PniYlprj1TWvqB
LF9qoAKpR6VEbVm22C2H9DcvFhIuY94Z6fbLp1w6PzUGhMTW+tVkiGyesK1EFRMP
lyUWQaySOWc0QpPXtSQbkwbquTqesF0bmemudIvh+K6OR2ZTqN3jidMrj31dgzrR
/FQyMa8YiKd2dtQV65VVrktMX54EAux2wZ/CmupnnvsTnYLTwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org