Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/jF3UzlyJPqG7M4x8EwzWE1XMJ6w.roa
File: jF3UzlyJPqG7M4x8EwzWE1XMJ6w.roa (raw, json)
Hash identifier: gyngLJCaL3bgWZvXnABC7iqtfhJF6R6/A+CuQuzmwDg=
Subject key identifier: 8C:5D:D4:CE:5C:89:3E:A1:BB:33:8C:7C:13:0C:D6:13:55:CC:27:AC
Certificate issuer: /CN=926cc6b46295cbbc1bdf986302d0271b8b7d7af0
Certificate serial: 018D9CA8F6F035C557FAA46666CE71B37B23
Authority key identifier: 92:6C:C6:B4:62:95:CB:BC:1B:DF:98:63:02:D0:27:1B:8B:7D:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmzGtGKVy7wb35hjAtAnG4t9evA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/jF3UzlyJPqG7M4x8EwzWE1XMJ6w.roa
Signing time: Mon 12 Feb 2024 09:32:15 +0000
ROA not before: Mon 12 Feb 2024 09:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25472
IP address blocks: 37.6.0.0/16 maxlen: 24
37.6.0.0/17 maxlen: 17
37.6.128.0/17 maxlen: 17
46.190.0.0/17 maxlen: 24
62.169.192.0/18 maxlen: 24
79.107.0.0/16 maxlen: 24
79.107.0.0/17 maxlen: 17
79.107.0.0/19 maxlen: 24
79.107.64.0/19 maxlen: 24
79.107.128.0/17 maxlen: 17
79.107.160.0/19 maxlen: 24
79.107.192.0/19 maxlen: 24
80.245.160.0/20 maxlen: 24
81.92.48.0/20 maxlen: 24
84.254.0.0/18 maxlen: 24
91.140.0.0/17 maxlen: 24
91.140.32.0/19 maxlen: 24
91.140.64.0/18 maxlen: 24
109.242.0.0/16 maxlen: 24
109.242.128.0/17 maxlen: 24
176.58.128.0/17 maxlen: 24
185.3.220.0/22 maxlen: 24
2a03:f000::/29 maxlen: 48
2a03:f000::/32 maxlen: 40
2a03:f002::/32 maxlen: 32
2a03:f003::/32 maxlen: 32
2a03:f003:1::/48 maxlen: 48
2a03:f003:2::/48 maxlen: 48
2a03:f003:3::/48 maxlen: 48
2a03:f003:100::/40 maxlen: 40
2a03:f003:200::/40 maxlen: 40
2a03:f003:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Jun 2024 08:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9c:a8:f6:f0:35:c5:57:fa:a4:66:66:ce:71:b3:7b:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=926cc6b46295cbbc1bdf986302d0271b8b7d7af0
Validity
Not Before: Feb 12 09:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c5dd4ce5c893ea1bb338c7c130cd61355cc27ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bd:a7:f5:1c:30:23:36:67:f2:3d:f3:bd:5f:
1b:93:d2:5b:56:76:04:84:51:ac:d9:a8:6f:9d:cd:
c8:64:14:08:d6:a0:91:cc:92:de:d4:25:66:b4:f8:
eb:0a:0c:fc:fe:82:8a:6d:01:4f:61:27:bb:0a:1d:
a4:6e:69:e6:c8:6a:1f:bc:19:d6:f5:a3:7a:f7:b8:
50:04:fb:1e:eb:f0:25:35:06:6d:f9:dd:01:9e:37:
46:52:39:89:28:fe:52:19:ba:b4:f4:82:ec:3c:66:
dc:c5:76:f0:e5:21:c1:5a:45:f1:e6:4b:25:ad:52:
a8:a1:13:0c:9a:4b:5c:ba:b4:63:9f:ee:7c:5b:31:
62:84:79:a9:fd:fd:47:1b:8d:a7:a8:b9:84:7a:46:
8d:9b:64:18:d2:a9:f2:7f:02:ec:b4:3b:30:c1:86:
e0:c0:19:23:3d:0a:c4:70:6f:d2:2e:0c:5c:4e:a7:
c7:dc:0e:a5:87:28:bb:da:ef:ab:e5:66:b6:39:f4:
85:09:6c:47:3d:21:51:e1:e4:d2:eb:7f:d0:6f:31:
81:87:c1:6a:2f:36:6d:b4:8f:ff:dc:de:c2:b0:f9:
04:a6:74:24:e1:56:9d:c4:44:bd:55:f1:a0:c8:59:
4a:24:d8:2b:3a:95:72:ec:c5:10:40:7d:d9:37:7f:
8a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5D:D4:CE:5C:89:3E:A1:BB:33:8C:7C:13:0C:D6:13:55:CC:27:AC
X509v3 Authority Key Identifier:
keyid:92:6C:C6:B4:62:95:CB:BC:1B:DF:98:63:02:D0:27:1B:8B:7D:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmzGtGKVy7wb35hjAtAnG4t9evA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/jF3UzlyJPqG7M4x8EwzWE1XMJ6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/c0147a-fabf-40a4-9ef5-2214e96e382f/1/kmzGtGKVy7wb35hjAtAnG4t9evA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.6.0.0/16
46.190.0.0/17
62.169.192.0/18
79.107.0.0/16
80.245.160.0/20
81.92.48.0/20
84.254.0.0/18
91.140.0.0/17
109.242.0.0/16
176.58.128.0/17
185.3.220.0/22
IPv6:
2a03:f000::/29
Signature Algorithm: sha256WithRSAEncryption
a4:e7:11:0b:a2:18:dd:4b:13:47:dc:0b:12:e0:fe:84:2e:e1:
5f:83:21:55:7b:74:4c:ed:f3:01:c1:de:01:47:c3:40:30:43:
6c:45:69:31:ef:26:96:38:b9:99:e6:c4:8e:3d:b7:cd:2f:09:
1a:20:b7:b3:96:c6:2e:7f:b6:63:86:d7:d1:78:55:7b:63:bd:
8f:17:66:24:61:1a:7f:dc:f0:6e:10:12:b0:a1:84:f4:b5:38:
cd:ba:b9:b9:f8:e4:07:d3:ad:46:1e:bf:b9:4e:78:33:e4:a3:
e4:7c:10:74:17:59:1b:43:18:f5:24:f5:40:02:12:a7:f4:c2:
f6:f7:0b:f9:c5:cc:10:a0:d2:ca:dd:fb:d9:38:56:44:4e:92:
ca:36:f3:19:6e:b7:99:0f:95:7d:65:44:61:6b:b7:1a:c5:02:
27:c4:3f:b7:54:af:35:e9:c7:9c:44:a3:3e:43:55:46:7c:2b:
84:db:bb:86:6d:c9:56:4f:f3:24:10:a9:ed:62:2f:fa:d2:7d:
a9:85:be:60:a0:47:db:a0:f3:06:6a:5c:2b:85:ab:7b:08:d3:
84:b3:ba:d6:d2:96:b8:4b:00:ae:b4:a5:bd:5a:30:62:c2:1d:
7a:ab:40:14:98:31:ff:50:ff:79:86:01:4a:0e:cf:84:09:dc:
ea:c1:04:b4
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY2cqPbwNcVX+qRmZs5xs3sjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNmNjNmI0NjI5NWNiYmMxYmRmOTg2MzAyZDAyNzFiOGI3
ZDdhZjAwHhcNMjQwMjEyMDkzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzVkZDRjZTVjODkzZWExYmIzMzhjN2MxMzBjZDYxMzU1Y2MyN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtb2n9RwwIzZn8j3zvV8bk9JbVnYE
hFGs2ahvnc3IZBQI1qCRzJLe1CVmtPjrCgz8/oKKbQFPYSe7Ch2kbmnmyGofvBnW
9aN697hQBPse6/AlNQZt+d0BnjdGUjmJKP5SGbq09ILsPGbcxXbw5SHBWkXx5ksl
rVKooRMMmktcurRjn+58WzFihHmp/f1HG42nqLmEekaNm2QY0qnyfwLstDswwYbg
wBkjPQrEcG/SLgxcTqfH3A6lhyi72u+r5Wa2OfSFCWxHPSFR4eTS63/QbzGBh8Fq
LzZttI//3N7CsPkEpnQk4VadxES9VfGgyFlKJNgrOpVy7MUQQH3ZN3+KvQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIxd1M5ciT6huzOMfBMM1hNVzCesMB8GA1UdIwQY
MBaAFJJsxrRilcu8G9+YYwLQJxuLfXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva216R3RHS1Z5N3diMzVoakF0QW5HNHQ5ZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jMDE0N2EtZmFiZi00MGE0LTllZjUt
MjIxNGU5NmUzODJmLzEvakYzVXpseUpQcUc3TTR4OEV3eldFMVhNSjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jMDE0N2EtZmFiZi00MGE0LTllZjUtMjIxNGU5NmUzODJm
LzEva216R3RHS1Z5N3diMzVoakF0QW5HNHQ5ZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwMAJQYDBAcu
vgADBAY+qcADAwBPawMEBFD1oAMEBFFcMAMEBlT+AAMEB1uMAAMDAG3yAwQHsDqA
AwQCuQPcMA0EAgACMAcDBQMqA/AAMA0GCSqGSIb3DQEBCwUAA4IBAQCk5xELohjd
SxNH3AsS4P6ELuFfgyFVe3RM7fMBwd4BR8NAMENsRWkx7yaWOLmZ5sSOPbfNLwka
ILezlsYuf7ZjhtfReFV7Y72PF2YkYRp/3PBuEBKwoYT0tTjNurm5+OQH061GHr+5
Tngz5KPkfBB0F1kbQxj1JPVAAhKn9ML29wv5xcwQoNLK3fvZOFZETpLKNvMZbreZ
D5V9ZURha7caxQInxD+3VK816cecRKM+Q1VGfCuE27uGbclWT/MkEKntYi/60n2p
hb5goEfboPMGalwrhat7CNOEs7rW0pa4SwCutKW9WjBiwh16q0AUmDH/UP95hgFK
Ds+ECdzqwQS0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:56 2024 by rpki-client on console-fra.rpki-client.org