Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/e3IbIdwED39-_jO6apuI4Os-LXQ.roa
File: e3IbIdwED39-_jO6apuI4Os-LXQ.roa (raw, json)
Hash identifier: 9v+Z644IaR4NiMnXhPh5SAtSk51wJKfI/ObWNFsuy20=
Subject key identifier: 7B:72:1B:21:DC:04:0F:7F:7E:FE:33:BA:6A:9B:88:E0:EB:3E:2D:74
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 018CC727454ED60F278D22CA68657EEB9819
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/e3IbIdwED39-_jO6apuI4Os-LXQ.roa
Signing time: Mon 01 Jan 2024 22:31:28 +0000
ROA not before: Mon 01 Jan 2024 22:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 144.178.192.0/19 maxlen: 24
144.178.224.0/20 maxlen: 24
185.184.204.0/22 maxlen: 24
144.178.96.0/21 maxlen: 24
45.11.164.0/22 maxlen: 24
161.51.64.0/19 maxlen: 24
144.178.108.0/22 maxlen: 24
144.178.112.0/22 maxlen: 24
151.236.144.0/20 maxlen: 24
144.178.120.0/21 maxlen: 24
93.95.248.0/21 maxlen: 24
144.178.240.0/21 maxlen: 24
89.20.160.0/19 maxlen: 24
144.178.248.0/22 maxlen: 24
144.178.64.0/19 maxlen: 24
2a01:9bc0::/29 maxlen: 48
2a02:fe8::/32 maxlen: 48
2a02:fe9::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 23 Jan 2024 08:21:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:45:4e:d6:0f:27:8d:22:ca:68:65:7e:eb:98:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b721b21dc040f7f7efe33ba6a9b88e0eb3e2d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f8:ac:fb:21:a6:0b:b3:72:f8:d2:5a:49:36:
0f:8f:55:94:ee:14:dc:a1:f4:8b:b2:ea:6d:d6:53:
db:5e:d3:6a:92:e7:98:2d:32:32:e9:0b:23:ec:3f:
9b:d3:39:94:e6:83:dc:a0:01:ed:4c:79:f4:be:a8:
9d:ce:1f:56:c9:8b:91:08:0f:e2:cc:78:13:ed:68:
35:83:da:6f:a4:ff:1e:f8:2e:38:d1:89:a6:27:1f:
6a:69:5a:d1:75:35:ad:10:a4:1f:de:96:cd:43:d8:
13:19:30:14:01:a1:11:f6:16:7f:c8:61:4b:3c:51:
2b:6d:e2:26:a7:0a:6a:11:66:87:49:92:b1:e6:16:
a5:c1:37:ee:11:8d:e1:91:dd:4e:c8:e2:3c:38:04:
ae:ea:62:a5:ed:5d:f4:5b:fb:39:f5:48:d4:52:65:
26:8a:b7:c2:90:31:f8:1e:a5:09:68:96:9c:a3:79:
45:b4:c8:a7:b4:6b:8a:0e:b1:19:9b:e0:8b:0b:0d:
0e:6c:03:69:2f:9a:5b:c3:6f:73:ea:76:cb:7c:4c:
3c:a4:6f:ae:a1:c4:d1:5f:07:c8:79:20:89:47:ed:
c4:f8:b0:b3:3d:17:d1:29:1a:14:16:e3:16:e0:85:
05:4f:12:cc:d1:07:7a:db:7f:f7:82:c2:68:e5:6d:
6c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:72:1B:21:DC:04:0F:7F:7E:FE:33:BA:6A:9B:88:E0:EB:3E:2D:74
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/e3IbIdwED39-_jO6apuI4Os-LXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.164.0/22
89.20.160.0/19
93.95.248.0/21
144.178.64.0-144.178.103.255
144.178.108.0-144.178.115.255
144.178.120.0/21
144.178.192.0-144.178.251.255
151.236.144.0/20
161.51.64.0/19
185.184.204.0/22
IPv6:
2a01:9bc0::/29
2a02:fe8::/31
Signature Algorithm: sha256WithRSAEncryption
85:10:d2:ff:c9:5a:67:78:85:ff:28:f1:37:6f:cb:c2:c7:cf:
d5:92:d7:42:37:c0:47:8a:85:27:86:ed:4a:16:b2:5a:6a:f9:
1d:d6:dd:2c:b7:6e:ca:2b:85:41:4c:e3:63:51:03:a9:e2:51:
99:2d:eb:6f:6d:c4:bc:cf:d3:27:c7:11:d1:68:6f:d2:1b:05:
01:61:4d:45:a6:2b:a6:c5:0b:71:b8:92:7d:20:0d:8a:1b:ae:
a1:f1:36:ef:1c:6d:0b:10:9b:42:e2:b6:d6:ec:43:2f:87:18:
98:71:1f:e1:bf:74:3f:a2:86:1e:48:02:64:7d:bf:67:da:cc:
a5:56:5e:8e:9c:c0:db:83:60:b7:8f:de:1b:a9:c0:07:87:2b:
0b:e8:26:37:f0:90:79:13:06:f0:8e:19:62:b2:64:ec:9a:62:
22:00:d2:4a:c8:f3:07:8f:68:b8:2a:42:91:e1:7a:6b:ed:04:
28:22:ee:b4:15:db:b6:5b:e7:d7:7a:eb:70:9c:9a:54:2c:65:
cc:d2:f8:9e:60:24:43:05:a7:40:1c:7f:2c:ce:94:64:e1:95:
d7:88:e2:f4:81:e7:07:a3:13:2f:e4:1b:ac:93:dd:51:ad:86:
1f:4f:68:5b:ae:77:54:a0:2f:bf:cc:95:4a:c7:c5:b4:7b:55:
5f:4d:69:fe
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzHJ0VO1g8njSLKaGV+65gZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjU4MGUxOGFkNmZmOGRjOTQyYmU4ODNjMTZkZThiNzMx
Zjk2MDUwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjcyMWIyMWRjMDQwZjdmN2VmZTMzYmE2YTliODhlMGViM2UyZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPis+yGmC7Ny+NJaSTYPj1WU7hTc
ofSLsupt1lPbXtNqkueYLTIy6Qsj7D+b0zmU5oPcoAHtTHn0vqidzh9WyYuRCA/i
zHgT7Wg1g9pvpP8e+C440YmmJx9qaVrRdTWtEKQf3pbNQ9gTGTAUAaER9hZ/yGFL
PFErbeImpwpqEWaHSZKx5halwTfuEY3hkd1OyOI8OASu6mKl7V30W/s59UjUUmUm
irfCkDH4HqUJaJaco3lFtMintGuKDrEZm+CLCw0ObANpL5pbw29z6nbLfEw8pG+u
ocTRXwfIeSCJR+3E+LCzPRfRKRoUFuMW4IUFTxLM0Qd623/3gsJo5W1shwIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHtyGyHcBA9/fv4zumqbiODrPi10MB8GA1UdIwQY
MBaAFKhlgOGK1v+NyUK+iDwW3otzH5YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEt
MjM2ZTkyZmM2YTU5LzEvZTNJYklkd0VEMzktX2pPNmFwdUk0T3MtTFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lMjlkY2UtYTE3NC00Yjc3LTg5YWEtMjM2ZTkyZmM2YTU5
LzEvcUdXQTRZcldfNDNKUXI2SVBCYmVpM01mbGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAi0LpAME
BVkUoAMEA11f+DAMAwQGkLJAAwQDkLJgMAwDBAKQsmwDBAKQsnADBAOQsngwDAME
BpCywAMEApCy+AMEBJfskAMEBaEzQAMEArm4zDAUBAIAAjAOAwUDKgGbwAMFASoC
D+gwDQYJKoZIhvcNAQELBQADggEBAIUQ0v/JWmd4hf8o8Tdvy8LHz9WS10I3wEeK
hSeG7UoWslpq+R3W3Sy3bsorhUFM42NRA6niUZkt629txLzP0yfHEdFob9IbBQFh
TUWmK6bFC3G4kn0gDYobrqHxNu8cbQsQm0LittbsQy+HGJhxH+G/dD+ihh5IAmR9
v2fazKVWXo6cwNuDYLeP3hupwAeHKwvoJjfwkHkTBvCOGWKyZOyaYiIA0krI8weP
aLgqQpHhemvtBCgi7rQV27Zb59d663CcmlQsZczS+J5gJEMFp0AcfyzOlGThldeI
4vSB5wejEy/kG6yT3VGthh9PaFuud1SgL7/MlUrHxbR7VV9Naf4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:35 2024 by rpki-client on console-ams.rpki-client.org