Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/rdRzB3zp5o-IdR9h0Dm9XejdJlk.roa
File: rdRzB3zp5o-IdR9h0Dm9XejdJlk.roa (raw, json)
Hash identifier: F1CUoMrAsmVOn8M2GkSiM6yl4Sgc9lt5jdaonBrmJMk=
Subject key identifier: AD:D4:73:07:7C:E9:E6:8F:88:75:1F:61:D0:39:BD:5D:E8:DD:26:59
Certificate issuer: /CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Certificate serial: 01856EC22291C2CF6CA98101EA4F1C63F104
Authority key identifier: 2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/rdRzB3zp5o-IdR9h0Dm9XejdJlk.roa
Signing time: Sun 01 Jan 2023 19:14:54 +0000
ROA not before: Sun 01 Jan 2023 19:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48095
IP address blocks: 188.65.16.0/22 maxlen: 22
87.101.80.0/22 maxlen: 22
77.247.112.0/23 maxlen: 23
77.247.114.0/23 maxlen: 23
193.9.152.0/22 maxlen: 22
185.158.70.0/23 maxlen: 23
185.158.68.0/23 maxlen: 23
31.40.226.0/23 maxlen: 23
31.40.224.0/23 maxlen: 23
185.222.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:22:91:c2:cf:6c:a9:81:01:ea:4f:1c:63:f1:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df8779a3c82f00fc14435ee7d8d0b8d6dd8204e
Validity
Not Before: Jan 1 19:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=add473077ce9e68f88751f61d039bd5de8dd2659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cd:35:49:04:29:0d:b8:be:4a:41:e2:ce:60:
9e:1a:69:d0:ea:cc:1a:99:54:dc:fe:c5:a8:4e:01:
af:96:57:0e:9f:d1:0b:84:f4:df:54:29:e7:84:8d:
7a:d5:50:c8:88:f3:a3:5f:c5:66:84:6c:9d:07:e0:
a6:81:e8:f0:3e:7e:8b:6a:bd:db:90:69:db:60:7c:
cc:7b:79:a3:10:34:00:f2:4c:8d:d5:20:b5:8a:7e:
46:bd:e7:6c:2c:1b:97:61:1a:c3:ed:79:5f:2a:c8:
1c:8a:32:ed:90:f6:9c:38:d6:b7:d3:ac:b6:65:56:
b2:f1:c2:b7:1e:44:d5:fa:af:f8:aa:70:7c:8d:5d:
bc:ec:75:40:6e:4b:35:cc:3f:19:1f:f2:3f:bc:c9:
d1:eb:71:0b:8b:b2:6c:d0:04:ee:c0:43:f5:85:2c:
24:10:9a:e8:58:a9:9a:df:62:0c:0d:a2:45:27:7e:
39:8d:b4:24:9a:3a:c4:dc:c3:13:b2:ab:54:31:b0:
b5:97:97:ed:50:ea:52:d6:1d:eb:b2:6b:dc:75:a1:
89:f0:64:44:19:2b:01:8a:f7:5e:c4:32:fd:5d:70:
fb:99:63:2b:ab:af:c8:26:61:72:40:98:ff:cb:54:
ab:a8:0f:61:36:55:33:bc:3c:9a:06:6b:a8:4e:3e:
c8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D4:73:07:7C:E9:E6:8F:88:75:1F:61:D0:39:BD:5D:E8:DD:26:59
X509v3 Authority Key Identifier:
keyid:2D:F8:77:9A:3C:82:F0:0F:C1:44:35:EE:7D:8D:0B:8D:6D:D8:20:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lfh3mjyC8A_BRDXufY0LjW3YIE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/rdRzB3zp5o-IdR9h0Dm9XejdJlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ccd96e-133e-45b7-88b7-e2ae055eced1/1/Lfh3mjyC8A_BRDXufY0LjW3YIE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.224.0/22
77.247.112.0/22
87.101.80.0/22
185.158.68.0/22
185.222.132.0/22
188.65.16.0/22
193.9.152.0/22
Signature Algorithm: sha256WithRSAEncryption
69:b1:14:62:ef:fc:5b:fd:ca:13:34:db:56:5f:ce:a1:af:5d:
48:fd:b9:7e:ee:b0:c0:c8:58:ef:8d:3c:e1:02:42:9a:ad:23:
1f:6d:4f:cb:88:5e:35:b8:c3:30:0e:26:74:f2:0f:a2:bd:ec:
b2:93:0e:cb:0d:5b:80:69:8e:4f:a7:0f:90:e1:67:18:d0:8e:
1c:6f:df:85:14:1a:09:21:4b:e8:42:01:68:ff:1e:75:24:de:
58:53:09:1b:20:c3:92:98:d9:e4:1b:53:14:a2:a5:d6:ba:8d:
5d:f5:fc:0e:e7:ae:62:b1:38:f8:dd:30:b4:dc:b6:9a:4d:6c:
0a:ed:2b:b8:b5:72:e9:42:75:3d:2b:64:9c:f3:aa:8a:b7:8d:
a5:1c:3b:aa:98:7d:fd:52:cc:8a:95:7d:43:62:1c:f3:76:39:
5e:66:ab:6e:61:e6:9e:55:78:22:17:2e:ec:5d:d1:20:fb:d9:
95:53:58:0d:85:87:e7:48:70:e6:b6:75:10:4d:ac:ce:d1:e1:
8d:df:b2:d5:d2:fe:15:cf:c0:d7:02:ba:5c:87:1e:39:50:a7:
42:29:f8:78:dc:40:4a:e6:90:8c:f1:15:98:a0:6b:55:6e:3a:
23:1c:35:95:ea:de:0f:b2:e6:ae:c1:96:ca:77:f5:c2:a5:1b:
52:30:88:f1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVuwiKRws9sqYEB6k8cY/EEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjg3NzlhM2M4MmYwMGZjMTQ0MzVlZTdkOGQwYjhkNmRk
ODIwNGUwHhcNMjMwMTAxMTkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ0NzMwNzdjZTllNjhmODg3NTFmNjFkMDM5YmQ1ZGU4ZGQyNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk801SQQpDbi+SkHizmCeGmnQ6swa
mVTc/sWoTgGvllcOn9ELhPTfVCnnhI161VDIiPOjX8VmhGydB+CmgejwPn6Lar3b
kGnbYHzMe3mjEDQA8kyN1SC1in5GvedsLBuXYRrD7XlfKsgcijLtkPacONa306y2
ZVay8cK3HkTV+q/4qnB8jV287HVAbks1zD8ZH/I/vMnR63ELi7Js0ATuwEP1hSwk
EJroWKma32IMDaJFJ345jbQkmjrE3MMTsqtUMbC1l5ftUOpS1h3rsmvcdaGJ8GRE
GSsBivdexDL9XXD7mWMrq6/IJmFyQJj/y1SrqA9hNlUzvDyaBmuoTj7IfwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFK3Ucwd86eaPiHUfYdA5vV3o3SZZMB8GA1UdIwQY
MBaAFC34d5o8gvAPwUQ17n2NC41t2CBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4Yjct
ZTJhZTA1NWVjZWQxLzEvcmRSekIzenA1by1JZFI5aDBEbTlYZWpkSmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jY2Q5NmUtMTMzZS00NWI3LTg4YjctZTJhZTA1NWVjZWQx
LzEvTGZoM21qeUM4QV9CUkRYdWZZMExqVzNZSUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCHyjgAwQC
TfdwAwQCV2VQAwQCuZ5EAwQCud6EAwQCvEEQAwQCwQmYMA0GCSqGSIb3DQEBCwUA
A4IBAQBpsRRi7/xb/coTNNtWX86hr11I/bl+7rDAyFjvjTzhAkKarSMfbU/LiF41
uMMwDiZ08g+iveyykw7LDVuAaY5Ppw+Q4WcY0I4cb9+FFBoJIUvoQgFo/x51JN5Y
UwkbIMOSmNnkG1MUoqXWuo1d9fwO565isTj43TC03LaaTWwK7Su4tXLpQnU9K2Sc
86qKt42lHDuqmH39UsyKlX1DYhzzdjleZqtuYeaeVXgiFy7sXdEg+9mVU1gNhYfn
SHDmtnUQTazO0eGN37LV0v4Vz8DXArpchx45UKdCKfh43EBK5pCM8RWYoGtVbjoj
HDWV6t4PsuauwZbKd/XCpRtSMIjx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:02 2024 by rpki-client on console-fra.rpki-client.org