Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4K9CibPj2wDXxR3je6VNaGOa754.roa
File: 4K9CibPj2wDXxR3je6VNaGOa754.roa (raw, json)
Hash identifier: NVCAOYfq06iuf47Noo3gqE2H4QkCnK/4U3FDNElBz4E=
Subject key identifier: E0:AF:42:89:B3:E3:DB:00:D7:C5:1D:E3:7B:A5:4D:68:63:9A:EF:9E
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018E66E3BE2C5836CEA42D40C62AA898CC38
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4K9CibPj2wDXxR3je6VNaGOa754.roa
Signing time: Fri 22 Mar 2024 15:59:45 +0000
ROA not before: Fri 22 Mar 2024 15:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Apr 2024 19:34:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:e3:be:2c:58:36:ce:a4:2d:40:c6:2a:a8:98:cc:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 22 15:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0af4289b3e3db00d7c51de37ba54d68639aef9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:56:11:6b:5e:d2:f3:c2:2b:e3:b4:95:d4:
36:50:b0:0a:d1:71:75:8f:f9:19:a9:e1:e2:53:fd:
e4:56:bd:56:38:d6:56:3f:9a:72:63:ff:d4:33:52:
80:fe:e9:3c:73:2e:16:e2:f7:0c:b7:88:ae:e8:f8:
50:3e:b2:f3:9e:25:b4:3b:06:98:42:ca:10:7a:b3:
e2:cb:ba:38:ee:6b:db:5f:46:e0:8b:73:80:94:b0:
da:a3:dc:1e:84:cb:d3:12:9c:fb:bc:91:ac:e2:16:
aa:a1:b3:5f:91:3a:8f:11:fb:52:71:56:b2:5d:ad:
b5:e4:b5:2c:19:ec:b0:79:65:03:69:b6:9e:55:b5:
a1:86:e3:ae:5b:45:08:e0:ad:40:42:13:3f:e6:31:
2e:37:2f:b1:5e:9b:64:09:53:9c:b5:0d:9c:2f:68:
5c:c2:a9:0b:4c:ab:ce:70:2a:b0:d7:63:c3:fb:3e:
47:0c:f6:96:69:7e:5f:8d:cf:a6:80:63:82:94:28:
d6:07:b0:8f:d4:4b:60:04:1b:3c:b7:38:fe:c0:25:
72:da:e7:c4:35:1e:d2:34:a3:4d:3f:b0:55:07:74:
d5:0f:82:70:3c:98:c2:50:d8:51:d4:89:cc:45:0a:
24:51:57:7d:16:d8:80:2a:6e:0d:3a:9c:29:3d:65:
1a:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AF:42:89:B3:E3:DB:00:D7:C5:1D:E3:7B:A5:4D:68:63:9A:EF:9E
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4K9CibPj2wDXxR3je6VNaGOa754.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
22:19:90:68:90:fb:5e:7a:98:36:af:55:48:b8:6e:1c:59:36:
34:9c:bc:9c:65:0b:23:51:cd:e8:85:4f:b7:2e:25:e9:28:5e:
c0:39:66:4b:ea:de:ad:85:e5:11:9f:11:dc:02:f0:eb:4f:13:
3d:dc:fc:8f:5b:68:cb:e4:a1:0f:75:b4:82:65:a2:96:12:9c:
8a:80:df:27:4c:19:86:00:a2:c0:62:09:1b:77:33:c8:c8:2b:
b0:8a:5c:2d:41:63:9b:a3:fe:29:c4:f5:24:fc:0c:05:bd:40:
4a:48:84:64:89:39:ec:84:72:ad:dd:f1:91:8b:4d:b3:1d:71:
3c:5c:10:8a:58:6f:44:eb:32:a9:c3:d8:dc:fb:1d:6d:12:65:
d0:70:97:0a:33:34:ee:86:90:8e:7c:af:b0:31:37:df:0e:f7:
0b:49:7f:f3:be:dc:2c:c2:c3:d8:5a:53:fb:23:35:da:2a:0f:
1f:3d:51:dd:95:d7:bd:e0:fe:8a:d8:25:69:cd:6e:73:fa:7c:
34:1a:56:e7:ee:b7:2b:5d:8d:fc:1d:a6:33:6f:c0:eb:2d:fe:
f1:83:64:bb:2d:41:98:92:ce:d7:ca:bf:a4:81:e6:3c:7a:a3:
6e:d3:1e:fc:da:91:56:ed:61:77:8d:47:50:2b:1b:da:2a:5c:
53:aa:e0:c1
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAY5m474sWDbOpC1AxiqomMw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMzIyMTU1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGFmNDI4OWIzZTNkYjAwZDdjNTFkZTM3YmE1NGQ2ODYzOWFlZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6JWEWte0vPCK+O0ldQ2ULAK0XF1
j/kZqeHiU/3kVr1WONZWP5pyY//UM1KA/uk8cy4W4vcMt4iu6PhQPrLzniW0OwaY
QsoQerPiy7o47mvbX0bgi3OAlLDao9wehMvTEpz7vJGs4haqobNfkTqPEftScVay
Xa215LUsGeyweWUDabaeVbWhhuOuW0UI4K1AQhM/5jEuNy+xXptkCVOctQ2cL2hc
wqkLTKvOcCqw12PD+z5HDPaWaX5fjc+mgGOClCjWB7CP1EtgBBs8tzj+wCVy2ufE
NR7SNKNNP7BVB3TVD4JwPJjCUNhR1InMRQokUVd9FtiAKm4NOpwpPWUaLwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFOCvQomz49sA18Ud43ulTWhjmu+eMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNEs5Q2liUGoyd0RYeFIzamU2Vk5hR09hNzU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBoQQCAAEwgZoDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABo
6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAMEALnGWQMEArnGWAME
ALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14AwQAwJFGAwQA1DwN
AwQA2cWqMCwEAgACMCYDBwAqCo9AAAMwEgMHACoKj0AABwMHACoKj0AADAMHACoK
j0AAHDANBgkqhkiG9w0BAQsFAAOCAQEAIhmQaJD7XnqYNq9VSLhuHFk2NJy8nGUL
I1HN6IVPty4l6ShewDlmS+rerYXlEZ8R3ALw608TPdz8j1toy+ShD3W0gmWilhKc
ioDfJ0wZhgCiwGIJG3czyMgrsIpcLUFjm6P+KcT1JPwMBb1ASkiEZIk57IRyrd3x
kYtNsx1xPFwQilhvROsyqcPY3PsdbRJl0HCXCjM07oaQjnyvsDE33w73C0l/877c
LMLD2FpT+yM12ioPHz1R3ZXXveD+itglac1uc/p8NBpW5+63K12N/B2mM2/A6y3+
8YNkuy1BmJLO18q/pIHmPHqjbtMe/NqRVu1hd41HUCsb2ipcU6rgwQ==
-----END CERTIFICATE-----
Generated at Wed Apr 17 21:32:35 2024 by rpki-client on console-ams.rpki-client.org