Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/96aopYGNRYU4alnN0yj5rGtpEU4.roa
File: 96aopYGNRYU4alnN0yj5rGtpEU4.roa (raw, json)
Hash identifier: RqLk1rEBmH5eu1iuAQDzk/3/OtPaSUOeq0HAv+sO8oE=
Subject key identifier: F7:A6:A8:A5:81:8D:45:85:38:6A:59:CD:D3:28:F9:AC:6B:69:11:4E
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018CC5DC073F890FD4D6160F6D77F09CCFBB
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/96aopYGNRYU4alnN0yj5rGtpEU4.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35819
IP address blocks: 89.237.173.0/24 maxlen: 24
78.138.192.0/18 maxlen: 18
78.138.240.0/24 maxlen: 24
212.24.226.0/24 maxlen: 24
212.24.227.0/24 maxlen: 24
212.24.232.0/23 maxlen: 23
89.237.139.0/24 maxlen: 24
212.24.230.0/24 maxlen: 24
212.24.228.0/24 maxlen: 24
89.237.162.0/24 maxlen: 24
89.237.167.0/24 maxlen: 24
2a00:f580::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 29 Feb 2024 12:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:07:3f:89:0f:d4:d6:16:0f:6d:77:f0:9c:cf:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7a6a8a5818d4585386a59cdd328f9ac6b69114e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:63:7d:4d:e5:62:db:cc:15:ba:fb:c2:c4:7c:
c1:b2:62:c1:e7:bc:08:43:75:ab:20:48:16:b7:9f:
0d:9c:59:aa:ed:86:ec:6f:d1:a4:68:f5:f6:ea:79:
f2:b9:de:6c:03:09:34:58:07:08:c2:7b:50:73:0a:
66:1f:a1:ce:ab:1d:a1:c0:06:0a:16:cb:3b:e0:3f:
c9:40:8a:0e:b5:70:37:1d:f4:23:6b:74:e7:b5:6c:
9e:61:e6:a2:5b:46:91:fa:9a:9f:04:9e:fa:52:7d:
4e:18:df:7a:5d:29:bb:7f:fb:0a:9f:8b:c8:0e:9d:
41:6d:b7:5f:3b:7f:b4:76:a5:8f:a0:ee:8e:63:4b:
9c:f6:f6:26:45:0d:13:a4:06:fb:89:65:bc:68:96:
89:6e:48:d1:1f:e8:5f:9e:31:3b:c3:21:94:e9:12:
00:d2:5d:c5:6d:59:cf:f7:82:a5:35:99:5e:58:70:
83:75:28:d8:99:8a:77:9d:d0:17:7c:97:86:99:d7:
a3:e5:71:4c:5d:f9:c0:c8:f1:00:6f:84:64:f8:0a:
27:ce:d3:20:99:d1:c2:97:51:97:b4:56:bb:71:11:
a5:b3:5a:e1:73:33:bd:a0:e6:2d:50:32:d4:e4:1f:
b3:00:b4:df:77:d2:e9:1a:e7:c6:c8:e0:8f:dc:6d:
63:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A6:A8:A5:81:8D:45:85:38:6A:59:CD:D3:28:F9:AC:6B:69:11:4E
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/96aopYGNRYU4alnN0yj5rGtpEU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.192.0/18
89.237.139.0/24
89.237.162.0/24
89.237.167.0/24
89.237.173.0/24
212.24.226.0-212.24.228.255
212.24.230.0/24
212.24.232.0/23
IPv6:
2a00:f580::/32
Signature Algorithm: sha256WithRSAEncryption
12:ff:87:56:8a:c5:a2:88:5c:1c:3e:61:da:df:6d:c5:44:9c:
60:ea:94:f4:77:58:a8:17:99:94:6d:c7:bb:58:27:71:74:7e:
14:d4:ba:3e:fd:29:01:ae:22:af:27:20:a7:36:c6:e9:6d:eb:
86:c9:97:c2:50:4d:e6:93:73:53:81:45:dc:d8:11:5e:25:a6:
a2:97:b4:ef:5e:df:82:95:c5:6e:7a:bb:07:0c:fc:65:e3:6d:
2a:e8:f2:ba:3e:0e:fc:73:54:e1:a0:84:42:f9:9f:cd:05:b3:
ca:41:db:b7:b3:3c:5e:1b:60:c7:3b:d4:a3:7a:94:80:d9:4a:
54:29:6e:e8:84:f2:12:f8:4a:85:4b:57:1d:d6:c4:65:04:fb:
f7:32:09:d4:1f:33:a4:ba:95:77:1e:70:37:a1:2c:3c:06:3f:
d9:4e:ea:7a:b2:79:07:c8:85:0c:da:90:e1:f8:4a:33:44:b0:
18:6a:2e:5e:18:98:01:54:bf:da:35:83:93:0c:d6:f2:ae:20:
72:2c:78:31:8c:7b:58:ff:ce:52:27:fe:1a:93:b3:9d:e2:10:
f2:f6:f6:60:2e:fa:ff:a9:89:16:ca:61:96:94:ab:25:aa:49:
b0:01:08:29:3a:9b:34:96:26:76:16:ff:0e:7d:fe:b1:ea:03:
54:05:7a:8a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzF3Ac/iQ/U1hYPbXfwnM+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2E2YThhNTgxOGQ0NTg1Mzg2YTU5Y2RkMzI4ZjlhYzZiNjkxMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWN9TeVi28wVuvvCxHzBsmLB57wI
Q3WrIEgWt58NnFmq7Ybsb9GkaPX26nnyud5sAwk0WAcIwntQcwpmH6HOqx2hwAYK
Fss74D/JQIoOtXA3HfQja3TntWyeYeaiW0aR+pqfBJ76Un1OGN96XSm7f/sKn4vI
Dp1BbbdfO3+0dqWPoO6OY0uc9vYmRQ0TpAb7iWW8aJaJbkjRH+hfnjE7wyGU6RIA
0l3FbVnP94KlNZleWHCDdSjYmYp3ndAXfJeGmdej5XFMXfnAyPEAb4Rk+AonztMg
mdHCl1GXtFa7cRGls1rhczO9oOYtUDLU5B+zALTfd9LpGufGyOCP3G1jUwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPemqKWBjUWFOGpZzdMo+axraRFOMB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvOTZhb3BZR05SWVU0YWxuTjB5ajVyR3RwRVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQGTorAAwQA
We2LAwQAWe2iAwQAWe2nAwQAWe2tMAwDBAHUGOIDBADUGOQDBADUGOYDBAHUGOgw
DQQCAAIwBwMFACoA9YAwDQYJKoZIhvcNAQELBQADggEBABL/h1aKxaKIXBw+Ydrf
bcVEnGDqlPR3WKgXmZRtx7tYJ3F0fhTUuj79KQGuIq8nIKc2xult64bJl8JQTeaT
c1OBRdzYEV4lpqKXtO9e34KVxW56uwcM/GXjbSro8ro+DvxzVOGghEL5n80Fs8pB
27ezPF4bYMc71KN6lIDZSlQpbuiE8hL4SoVLVx3WxGUE+/cyCdQfM6S6lXcecDeh
LDwGP9lO6nqyeQfIhQzakOH4SjNEsBhqLl4YmAFUv9o1g5MM1vKuIHIseDGMe1j/
zlIn/hqTs53iEPL29mAu+v+piRbKYZaUqyWqSbABCCk6mzSWJnYW/w59/rHqA1QF
eoo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:19 2024 by rpki-client on console-fra.rpki-client.org