Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/fAhk3FG2-LmQ2UL2_RykcuLrqzc.roa
File: fAhk3FG2-LmQ2UL2_RykcuLrqzc.roa (raw, json)
Hash identifier: mfzySbaRADX6oIKn5GJRYbqpn9LqbqLZrremxmSOXbQ=
Subject key identifier: 7C:08:64:DC:51:B6:F8:B9:90:D9:42:F6:FD:1C:A4:72:E2:EB:AB:37
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 018CC26D7D1E8B434C654A245DA64E525056
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/fAhk3FG2-LmQ2UL2_RykcuLrqzc.roa
Signing time: Mon 01 Jan 2024 00:30:04 +0000
ROA not before: Mon 01 Jan 2024 00:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205072
IP address blocks: 185.149.108.0/22 maxlen: 24
109.109.128.0/20 maxlen: 24
45.155.21.0/24 maxlen: 24
45.155.20.0/22 maxlen: 22
195.5.176.0/24 maxlen: 24
45.137.36.0/22 maxlen: 22
87.239.16.0/21 maxlen: 24
194.26.214.0/24 maxlen: 24
45.147.88.0/22 maxlen: 22
193.22.80.0/24 maxlen: 24
195.5.161.0/24 maxlen: 24
195.5.170.0/24 maxlen: 24
195.5.168.0/24 maxlen: 24
2a0d:da00::/29 maxlen: 29
2a0d:da00::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jan 2024 15:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7d:1e:8b:43:4c:65:4a:24:5d:a6:4e:52:50:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Jan 1 00:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c0864dc51b6f8b990d942f6fd1ca472e2ebab37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c4:c3:7f:85:bd:e8:60:94:6a:b1:53:a0:43:
34:bf:0e:09:b0:4e:9b:34:d6:69:c6:af:03:19:c7:
44:c3:2e:88:e3:1d:87:44:3b:18:50:3a:0f:35:2e:
fb:d9:30:86:3d:90:5d:6b:b0:9a:d2:7d:0a:7f:32:
f7:8d:37:b7:5f:a5:6d:38:16:a4:01:9c:96:96:63:
14:8b:d9:3f:90:a6:15:e5:7b:28:eb:33:75:21:cb:
5e:86:8b:43:af:58:b4:80:64:70:52:ec:42:66:f5:
2b:51:93:50:36:19:c6:2a:e6:c8:cc:45:03:a7:28:
76:ce:52:16:22:b7:01:3c:c1:2d:8b:55:07:f4:87:
d2:1b:e1:84:ee:41:cc:e8:78:8c:1c:0d:a3:ba:7b:
d0:db:65:98:ee:ec:d0:4b:49:98:6e:cd:c8:4e:76:
4b:22:cf:41:f7:27:1c:9b:5d:41:79:05:6a:44:10:
45:3e:5a:d3:fa:b1:06:b9:60:14:76:9d:09:fe:8a:
73:dc:5a:72:6b:1c:b5:fa:87:7d:13:23:c9:f8:74:
53:06:90:a2:fe:1a:79:06:79:c9:cb:3f:06:63:52:
7d:25:56:8e:ed:79:e7:ad:3e:02:62:5b:5c:16:da:
fe:ad:f4:dd:52:1f:cd:b0:86:54:48:b6:a7:20:3d:
27:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:08:64:DC:51:B6:F8:B9:90:D9:42:F6:FD:1C:A4:72:E2:EB:AB:37
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/fAhk3FG2-LmQ2UL2_RykcuLrqzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.36.0/22
45.147.88.0/22
45.155.20.0/22
87.239.16.0/21
109.109.128.0/20
185.149.108.0/22
193.22.80.0/24
194.26.214.0/24
195.5.161.0/24
195.5.168.0/24
195.5.170.0/24
195.5.176.0/24
IPv6:
2a0d:da00::/29
Signature Algorithm: sha256WithRSAEncryption
10:65:42:ba:bd:a0:b3:77:b6:41:d2:91:90:36:c0:c6:84:1a:
55:6c:e5:6c:b7:98:a0:4c:2c:af:42:e3:db:82:82:19:df:c9:
0d:5c:4f:e5:ea:5c:6c:a8:c9:02:15:15:ae:85:bf:7d:80:44:
8f:d1:77:73:3f:76:85:5f:cc:60:1e:72:c0:b7:b5:f6:6f:e1:
b9:5b:f7:fc:00:af:5f:86:db:05:2e:6a:bc:0d:5c:6b:62:fc:
b4:3f:c9:38:68:be:58:9e:c9:a1:83:5c:5a:d7:bc:ab:9e:44:
c5:56:67:3f:a6:ea:f5:ef:90:a8:f7:a2:d9:d6:f5:63:fc:1c:
e1:6a:eb:49:fd:2e:b7:38:69:8b:0b:3a:ed:3c:e0:af:9e:c7:
94:a7:7f:9c:79:e4:c7:3a:29:fd:34:a3:c4:d1:de:2b:db:ab:
a6:a9:9b:63:ea:ed:4a:ac:42:de:c7:96:a9:38:26:92:41:2d:
fa:06:c5:c6:21:c4:b0:b3:a2:38:ed:83:2d:77:f5:b9:d8:05:
16:5c:93:ce:05:ef:7c:4d:b3:58:86:36:ff:b4:70:11:a0:64:
4d:93:8c:eb:01:12:fa:20:b7:11:8e:c5:af:e7:28:42:0f:06:
a0:c7:ba:1a:ee:fa:58:38:02:f9:42:10:40:63:ec:27:81:2e:
01:0a:b1:6e
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzCbX0ei0NMZUokXaZOUlBWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx
NTkwNjAwHhcNMjQwMTAxMDAzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzA4NjRkYzUxYjZmOGI5OTBkOTQyZjZmZDFjYTQ3MmUyZWJhYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisTDf4W96GCUarFToEM0vw4JsE6b
NNZpxq8DGcdEwy6I4x2HRDsYUDoPNS772TCGPZBda7Ca0n0KfzL3jTe3X6VtOBak
AZyWlmMUi9k/kKYV5Xso6zN1IctehotDr1i0gGRwUuxCZvUrUZNQNhnGKubIzEUD
pyh2zlIWIrcBPMEti1UH9IfSG+GE7kHM6HiMHA2junvQ22WY7uzQS0mYbs3ITnZL
Is9B9yccm11BeQVqRBBFPlrT+rEGuWAUdp0J/opz3Fpyaxy1+od9EyPJ+HRTBpCi
/hp5BnnJyz8GY1J9JVaO7XnnrT4CYltcFtr+rfTdUh/NsIZUSLanID0nlQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFHwIZNxRtvi5kNlC9v0cpHLi66s3MB8GA1UdIwQY
MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt
YzFkMjk2ZjhmZDA3LzEvZkFoazNGRzItTG1RMlVMMl9SeWtjdUxycXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3
LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCLYkkAwQC
LZNYAwQCLZsUAwQDV+8QAwQEbW2AAwQCuZVsAwQAwRZQAwQAwhrWAwQAwwWhAwQA
wwWoAwQAwwWqAwQAwwWwMA0EAgACMAcDBQMqDdoAMA0GCSqGSIb3DQEBCwUAA4IB
AQAQZUK6vaCzd7ZB0pGQNsDGhBpVbOVst5igTCyvQuPbgoIZ38kNXE/l6lxsqMkC
FRWuhb99gESP0XdzP3aFX8xgHnLAt7X2b+G5W/f8AK9fhtsFLmq8DVxrYvy0P8k4
aL5Ynsmhg1xa17yrnkTFVmc/pur175Co96LZ1vVj/BzhautJ/S63OGmLCzrtPOCv
nseUp3+ceeTHOin9NKPE0d4r26umqZtj6u1KrELex5apOCaSQS36BsXGIcSws6I4
7YMtd/W52AUWXJPOBe98TbNYhjb/tHARoGRNk4zrARL6ILcRjsWv5yhCDwagx7oa
7vpYOAL5QhBAY+wngS4BCrFu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:17 2024 by rpki-client on console-ams.rpki-client.org