Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/t57PJeKbqt9rw45goGO7SNZdeeE.roa
File: t57PJeKbqt9rw45goGO7SNZdeeE.roa (raw, json)
Hash identifier: /SvaUeBIN90mLVgnNs+WI1ENUNPls/fPLUxYAtD0oD8=
Subject key identifier: B7:9E:CF:25:E2:9B:AA:DF:6B:C3:8E:60:A0:63:BB:48:D6:5D:79:E1
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018AD71C1C65428AAA52F7F7DD626A850531
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/t57PJeKbqt9rw45goGO7SNZdeeE.roa
Signing time: Wed 27 Sep 2023 14:47:38 +0000
ROA not before: Wed 27 Sep 2023 14:47:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43561
IP address blocks: 95.87.209.0/24 maxlen: 24
37.157.191.0/24 maxlen: 24
95.87.223.0/24 maxlen: 24
95.87.228.0/24 maxlen: 24
84.40.116.0/24 maxlen: 24
95.87.199.0/24 maxlen: 24
37.157.169.0/24 maxlen: 24
95.43.250.0/24 maxlen: 24
84.40.65.0/24 maxlen: 24
84.40.73.0/24 maxlen: 24
84.40.74.0/24 maxlen: 24
84.40.93.0/24 maxlen: 24
95.87.255.0/24 maxlen: 24
185.60.66.0/24 maxlen: 24
185.60.67.0/24 maxlen: 24
2a02:1338::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:1c:1c:65:42:8a:aa:52:f7:f7:dd:62:6a:85:05:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Sep 27 14:47:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b79ecf25e29baadf6bc38e60a063bb48d65d79e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fb:e1:a0:ea:d3:ec:bb:40:ce:38:7d:c8:b3:
b9:ea:5c:ba:43:0f:3b:57:27:2c:82:e1:c6:84:f4:
7f:ee:79:8c:2b:82:e0:7b:4c:8f:7b:cf:99:fc:5b:
5a:02:87:b3:2b:b3:e1:1c:37:5b:cf:2f:5e:07:59:
f2:a1:19:5f:af:aa:30:80:93:72:cb:4e:e7:08:46:
c0:b8:72:8f:0b:ff:d0:bc:44:42:d8:39:31:86:c9:
8b:e6:dc:65:ad:c2:1a:8b:d8:39:c0:f2:4d:5e:a1:
56:23:cf:c1:5a:bd:9c:e5:c4:99:98:4b:2a:1d:21:
48:5b:42:aa:b3:dc:41:83:7c:f2:8a:2a:3d:5e:92:
ed:0d:1f:65:f1:d0:41:dd:3e:df:70:ee:d1:64:dd:
5a:4c:80:d7:43:cf:51:16:f6:2b:d4:01:ad:b3:70:
56:b3:91:9e:0e:c5:59:0c:4e:6c:60:17:5a:c6:1b:
49:d2:54:11:33:66:40:42:0c:b2:d0:92:20:59:2f:
10:6f:8a:18:31:28:99:b6:db:6f:35:de:07:61:6c:
32:b6:f4:77:31:95:22:ee:42:a7:d9:56:0d:7f:ab:
3a:0e:a4:91:fd:09:47:1f:67:6b:f9:a2:6f:11:56:
88:0a:75:03:08:a4:12:e6:1d:17:77:de:5d:9d:83:
ec:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:9E:CF:25:E2:9B:AA:DF:6B:C3:8E:60:A0:63:BB:48:D6:5D:79:E1
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/t57PJeKbqt9rw45goGO7SNZdeeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.169.0/24
37.157.191.0/24
84.40.65.0/24
84.40.73.0-84.40.74.255
84.40.93.0/24
84.40.116.0/24
95.43.250.0/24
95.87.199.0/24
95.87.209.0/24
95.87.223.0/24
95.87.228.0/24
95.87.255.0/24
185.60.66.0/23
IPv6:
2a02:1338::/32
Signature Algorithm: sha256WithRSAEncryption
b0:d2:6e:f0:1a:18:87:70:57:95:a7:65:a5:84:1b:01:98:52:
53:27:37:e8:a7:e1:59:de:9a:3c:de:6f:b9:c2:e8:c9:cc:f1:
a0:56:39:d2:31:19:74:4a:73:a0:6e:13:be:ce:55:9d:2a:4a:
33:d6:c5:5b:52:64:8d:fe:7c:95:f5:9f:e7:48:51:d3:14:97:
01:e9:bf:76:e7:49:92:fa:34:27:f8:15:91:d3:d4:27:7d:16:
a9:8a:e9:12:17:f7:f0:cf:09:8c:2a:9f:40:3a:61:f2:c2:a7:
14:bc:58:0a:56:2e:6d:0a:c3:da:83:e0:aa:3b:6f:91:fd:32:
e8:48:0c:43:66:0b:e0:76:b0:52:8b:4c:0a:7b:56:5a:84:b8:
d6:70:20:6d:cc:da:4b:e1:0a:42:1f:e0:0c:cb:40:8d:1a:23:
6c:de:31:b5:fa:d1:ce:d5:d3:b2:3b:25:6a:2f:18:a4:2d:10:
9d:4e:5e:95:20:c2:fd:23:75:b1:b5:45:aa:75:49:c2:26:0d:
18:e9:90:ad:ba:41:51:c5:00:e9:60:3d:0f:27:6c:8a:22:90:
13:c1:15:28:a0:98:36:1c:93:bc:3e:71:1f:db:c8:de:c5:55:
88:bd:92:07:14:e0:4c:fc:58:42:24:d7:8e:d7:88:fe:cd:6d:
08:cc:5f:46
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYrXHBxlQoqqUvf33WJqhQUxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwOTI3MTQ0NzM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzllY2YyNWUyOWJhYWRmNmJjMzhlNjBhMDYzYmI0OGQ2NWQ3OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPvhoOrT7LtAzjh9yLO56ly6Qw87
VycsguHGhPR/7nmMK4Lge0yPe8+Z/FtaAoezK7PhHDdbzy9eB1nyoRlfr6owgJNy
y07nCEbAuHKPC//QvERC2DkxhsmL5txlrcIai9g5wPJNXqFWI8/BWr2c5cSZmEsq
HSFIW0Kqs9xBg3zyiio9XpLtDR9l8dBB3T7fcO7RZN1aTIDXQ89RFvYr1AGts3BW
s5GeDsVZDE5sYBdaxhtJ0lQRM2ZAQgyy0JIgWS8Qb4oYMSiZtttvNd4HYWwytvR3
MZUi7kKn2VYNf6s6DqSR/QlHH2dr+aJvEVaICnUDCKQS5h0Xd95dnYPsswIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFLeezyXim6rfa8OOYKBju0jWXXnhMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdDU3UEplS2JxdDlydzQ1Z29HTzdTTlpkZWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQAJZ2pAwQA
JZ2/AwQAVChBMAwDBABUKEkDBABUKEoDBABUKF0DBABUKHQDBABfK/oDBABfV8cD
BABfV9EDBABfV98DBABfV+QDBABfV/8DBAG5PEIwDQQCAAIwBwMFACoCEzgwDQYJ
KoZIhvcNAQELBQADggEBALDSbvAaGIdwV5WnZaWEGwGYUlMnN+in4Vnemjzeb7nC
6MnM8aBWOdIxGXRKc6BuE77OVZ0qSjPWxVtSZI3+fJX1n+dIUdMUlwHpv3bnSZL6
NCf4FZHT1Cd9FqmK6RIX9/DPCYwqn0A6YfLCpxS8WApWLm0Kw9qD4Ko7b5H9MuhI
DENmC+B2sFKLTAp7VlqEuNZwIG3M2kvhCkIf4AzLQI0aI2zeMbX60c7V07I7JWov
GKQtEJ1OXpUgwv0jdbG1Rap1ScImDRjpkK26QVHFAOlgPQ8nbIoikBPBFSigmDYc
k7w+cR/byN7FVYi9kgcU4Ez8WEIk147XiP7NbQjMX0Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:54 2024 by rpki-client on console-ams.rpki-client.org