Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/AvPHEhOC2nMt0a7sywHnZww_1og.roa
File: AvPHEhOC2nMt0a7sywHnZww_1og.roa (raw, json)
Hash identifier: CJUg1GFyEZ0DE6xbQXUxcQAy0Q4Q2dek4m6nac2ngI4=
Subject key identifier: 02:F3:C7:12:13:82:DA:73:2D:D1:AE:EC:CB:01:E7:67:0C:3F:D6:88
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 01857142D7FF38239BCD57C104DCB8D4731D
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/AvPHEhOC2nMt0a7sywHnZww_1og.roa
Signing time: Mon 02 Jan 2023 06:54:44 +0000
ROA not before: Mon 02 Jan 2023 06:54:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45031
IP address blocks: 91.206.142.0/23 maxlen: 23
185.80.92.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
128.127.64.0/21 maxlen: 24
195.225.133.0/24 maxlen: 24
178.250.168.0/21 maxlen: 24
93.90.176.0/20 maxlen: 24
195.42.120.0/23 maxlen: 24
37.218.248.0/21 maxlen: 24
84.254.120.0/24 maxlen: 24
188.64.42.0/24 maxlen: 24
188.64.44.0/23 maxlen: 23
188.64.40.0/22 maxlen: 22
193.25.114.0/23 maxlen: 23
192.162.84.0/22 maxlen: 24
195.34.82.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
91.226.88.0/22 maxlen: 22
195.110.42.0/23 maxlen: 24
89.22.96.0/19 maxlen: 19
81.88.16.0/21 maxlen: 21
194.116.186.0/23 maxlen: 24
81.88.24.0/22 maxlen: 22
5.44.96.0/22 maxlen: 22
2a00:fa40::/32 maxlen: 32
2a02:a60::/32 maxlen: 64
2a00:5300::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 07 Feb 2023 16:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:d7:ff:38:23:9b:cd:57:c1:04:dc:b8:d4:73:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 2 06:54:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02f3c7121382da732dd1aeeccb01e7670c3fd688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:98:43:b4:3c:de:b7:d2:6c:27:36:5a:af:5a:
51:13:c4:ec:23:a9:af:8b:ae:f7:7e:49:3c:81:0e:
d4:cb:6a:cd:4f:74:99:a5:f7:60:f8:09:75:19:48:
2a:84:36:04:ae:14:46:21:fd:76:52:7d:ae:b8:7e:
0a:0d:ea:bc:11:5a:d2:1f:b3:e2:c4:53:08:cb:5b:
5d:03:73:04:f6:01:48:58:d0:80:84:f6:59:ee:7d:
ca:cb:a8:f3:48:8d:fb:0a:82:e9:0c:bd:a7:91:3b:
0b:f7:bb:53:20:ef:2e:f3:7a:95:8d:a5:f4:d0:83:
79:ee:1f:7a:4f:08:cf:ea:d4:b9:e1:9f:ef:f5:35:
6a:fe:fd:d9:1b:49:f8:7e:52:75:e0:f0:73:47:87:
ec:57:9e:0c:ba:f7:17:48:6a:eb:0b:a7:c0:d8:5f:
62:b9:d5:22:37:49:62:0a:75:8e:1c:9e:74:6f:c1:
ab:df:87:35:c7:bc:80:5a:5a:16:cb:56:13:ad:ed:
7a:92:c6:92:de:df:9e:1f:09:40:64:47:e0:d1:80:
6b:99:3b:65:9b:95:d6:5c:cb:fa:1a:31:0d:55:93:
3b:22:20:04:4b:17:40:1f:3f:86:c8:99:19:1a:0c:
b6:80:60:aa:25:7c:c6:ab:f2:e4:49:f6:64:63:92:
ca:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F3:C7:12:13:82:DA:73:2D:D1:AE:EC:CB:01:E7:67:0C:3F:D6:88
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/AvPHEhOC2nMt0a7sywHnZww_1og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.96.0/22
5.44.108.0/22
37.218.248.0/21
81.88.16.0-81.88.27.255
84.254.120.0/24
89.22.96.0/19
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
128.127.64.0/21
178.250.168.0/21
185.80.92.0/22
188.64.40.0-188.64.45.255
192.162.84.0/22
193.25.114.0/23
194.116.186.0/23
195.34.82.0/23
195.42.120.0/23
195.110.42.0/23
195.225.133.0/24
IPv6:
2a00:5300::/32
2a00:fa40::/32
2a02:a60::/32
Signature Algorithm: sha256WithRSAEncryption
49:60:60:bf:56:8e:2e:aa:36:e0:8a:aa:a8:1b:ea:21:c6:b9:
bc:ff:14:c1:20:66:0f:be:1e:c0:d2:96:70:f7:30:a3:72:23:
bb:2a:c1:cf:68:44:3f:cf:c7:ed:04:f0:08:c9:1e:a1:46:d8:
44:63:30:85:17:98:65:fc:2e:d6:15:40:0b:83:d1:37:d1:69:
67:43:50:bb:22:6e:e9:30:b4:a0:72:da:f3:d9:29:40:03:41:
42:4b:d1:c2:73:8e:37:56:7a:c0:38:1b:b8:e9:37:f5:9e:43:
b2:50:36:37:a1:f3:bf:3d:2c:9a:9b:63:21:53:60:31:5c:15:
2c:29:8f:6b:db:f7:bb:82:c8:1f:a1:a3:33:5a:d9:61:84:61:
fc:43:32:4a:95:58:13:ec:d8:82:2e:11:85:40:a5:36:1d:80:
e0:b8:6f:88:1a:e1:c1:01:af:ee:88:21:06:b8:12:22:9f:39:
e4:fa:b2:88:cc:f1:98:10:0d:d7:b2:70:f1:7f:fa:d2:4b:75:
04:89:bc:26:16:ed:40:1a:6b:bf:e7:b0:2e:e8:41:01:40:aa:
99:af:88:81:7b:1d:96:a9:97:75:26:24:80:91:e8:ff:2f:29:
d7:ad:02:c1:cf:8e:44:83:71:ce:75:ef:60:41:0f:eb:1d:85:
24:67:6a:01
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYVxQtf/OCObzVfBBNy41HMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMwMTAyMDY1NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmYzYzcxMjEzODJkYTczMmRkMWFlZWNjYjAxZTc2NzBjM2ZkNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5hDtDzet9JsJzZar1pRE8TsI6mv
i673fkk8gQ7Uy2rNT3SZpfdg+Al1GUgqhDYErhRGIf12Un2uuH4KDeq8EVrSH7Pi
xFMIy1tdA3ME9gFIWNCAhPZZ7n3Ky6jzSI37CoLpDL2nkTsL97tTIO8u83qVjaX0
0IN57h96TwjP6tS54Z/v9TVq/v3ZG0n4flJ14PBzR4fsV54MuvcXSGrrC6fA2F9i
udUiN0liCnWOHJ50b8Gr34c1x7yAWloWy1YTre16ksaS3t+eHwlAZEfg0YBrmTtl
m5XWXMv6GjENVZM7IiAESxdAHz+GyJkZGgy2gGCqJXzGq/LkSfZkY5LKtQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFALzxxITgtpzLdGu7MsB52cMP9aIMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvQXZQSEVoT0Mybk10MGE3c3l3SG5ad3dfMW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBlQQCAAEwgY4DBAIF
LGADBAIFLGwDBAMl2vgwDAMEBFFYEAMEAlFYGAMEAFT+eAMEBVkWYAMEAVvOjgME
AFvcMQMEAlviWAMEBF1asAMEA4B/QAMEA7L6qAMEArlQXDAMAwQDvEAoAwQBvEAs
AwQCwKJUAwQBwRlyAwQBwnS6AwQBwyJSAwQBwyp4AwQBw24qAwQAw+GFMBsEAgAC
MBUDBQAqAFMAAwUAKgD6QAMFACoCCmAwDQYJKoZIhvcNAQELBQADggEBAElgYL9W
ji6qNuCKqqgb6iHGubz/FMEgZg++HsDSlnD3MKNyI7sqwc9oRD/Px+0E8AjJHqFG
2ERjMIUXmGX8LtYVQAuD0TfRaWdDULsibukwtKBy2vPZKUADQUJL0cJzjjdWesA4
G7jpN/WeQ7JQNjeh8789LJqbYyFTYDFcFSwpj2vb97uCyB+hozNa2WGEYfxDMkqV
WBPs2IIuEYVApTYdgOC4b4ga4cEBr+6IIQa4EiKfOeT6sojM8ZgQDdeycPF/+tJL
dQSJvCYW7UAaa7/nsC7oQQFAqpmviIF7HZapl3UmJICR6P8vKdetAsHPjkSDcc51
72BBD+sdhSRnagE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org