Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0-_wax49PSsvc4vTcTDnbJQ45sg.roa
File: 0-_wax49PSsvc4vTcTDnbJQ45sg.roa (raw, json)
Hash identifier: o8xbviexIk+SbjDztHKSC2jGeqeSeCXQ3AlR1HATUrk=
Subject key identifier: D3:EF:F0:6B:1E:3D:3D:2B:2F:73:8B:D3:71:30:E7:6C:94:38:E6:C8
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 018CC6B810168D4D003B8325AF439FB1C81C
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0-_wax49PSsvc4vTcTDnbJQ45sg.roa
Signing time: Mon 01 Jan 2024 20:30:00 +0000
ROA not before: Mon 01 Jan 2024 20:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24852
IP address blocks: 213.164.112.0/22 maxlen: 22
88.223.96.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
88.223.104.0/21 maxlen: 21
84.55.0.0/18 maxlen: 18
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
84.55.32.0/24 maxlen: 24
84.55.33.0/24 maxlen: 24
84.55.34.0/23 maxlen: 23
84.55.36.0/23 maxlen: 23
88.223.144.0/21 maxlen: 21
213.164.96.0/20 maxlen: 20
79.132.160.0/19 maxlen: 19
88.223.152.0/24 maxlen: 24
84.55.48.0/21 maxlen: 21
88.223.153.0/24 maxlen: 24
88.223.160.0/20 maxlen: 20
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
95.173.32.0/19 maxlen: 19
88.223.192.0/19 maxlen: 19
88.222.0.0/15 maxlen: 15
185.104.176.0/22 maxlen: 22
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.40.0/24 maxlen: 24
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
88.223.0.0/18 maxlen: 18
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.32.0/20 maxlen: 20
2a01:7c80::/32 maxlen: 32
2a01:7c80::/33 maxlen: 33
Validation: Failed, certificate revoked on Tue 26 Mar 2024 12:14:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:10:16:8d:4d:00:3b:83:25:af:43:9f:b1:c8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jan 1 20:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3eff06b1e3d3d2b2f738bd37130e76c9438e6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:fe:3e:43:bf:23:af:b1:16:7d:8a:75:08:04:
a3:40:c9:86:ed:48:aa:78:9e:d9:13:f8:f2:85:86:
0e:4e:e5:76:47:3d:55:ad:82:64:11:3f:f1:b8:4b:
cc:2c:e8:27:b3:bc:67:4e:54:93:9e:06:7f:08:39:
5d:b8:f9:36:9e:5f:a8:6d:f4:4a:5c:95:c6:f0:2e:
fc:c1:f2:46:53:02:91:15:df:8c:b6:b5:a0:8b:85:
d8:2d:06:08:49:dd:31:55:f2:3d:56:e4:6c:8c:e9:
7c:77:e4:38:7e:7b:10:3e:bf:79:71:a9:d8:4f:58:
d0:19:80:6a:8e:b7:7c:89:ad:b7:6e:c6:e3:1d:4b:
ce:49:06:8c:9a:3e:e5:ce:0e:af:42:95:b1:91:08:
00:5c:0e:74:e1:24:2d:cb:51:1d:9d:59:a6:11:ea:
01:08:73:7a:0d:4e:91:d6:f4:3f:1d:c4:3a:96:db:
ab:39:cf:38:a3:5a:d3:ec:44:85:0b:ce:ad:6a:ff:
65:cb:11:8b:03:c8:c4:10:1f:91:37:24:e6:ee:55:
ea:d2:b3:cd:bb:9e:e9:21:85:e9:a2:72:39:df:3f:
63:80:63:7a:c4:25:48:78:d5:ce:1c:cc:49:bf:27:
99:99:96:bf:45:b2:67:e5:ef:6e:31:04:9f:0d:25:
24:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:EF:F0:6B:1E:3D:3D:2B:2F:73:8B:D3:71:30:E7:6C:94:38:E6:C8
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/0-_wax49PSsvc4vTcTDnbJQ45sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/19
84.55.0.0/18
88.222.0.0/15
95.173.32.0/19
185.104.176.0/22
213.164.96.0-213.164.118.255
217.147.32.0/20
IPv6:
2a01:7c80::/32
Signature Algorithm: sha256WithRSAEncryption
08:fa:58:0c:3d:f7:ac:60:69:58:6a:c7:b2:6a:56:01:c3:d3:
38:e1:c0:05:d9:1f:ee:fa:50:40:86:03:67:ce:0a:ac:f4:ca:
9d:ea:34:1b:4a:59:ff:07:f1:cf:28:10:5e:6a:5c:52:72:b0:
7f:7d:a3:1f:bf:a0:02:14:90:b8:47:03:af:39:32:74:90:c3:
2e:e3:db:da:b8:33:ca:ca:2b:0b:cb:48:b4:dc:02:cf:e0:2b:
a8:d3:48:0d:bd:08:bd:ab:38:45:3b:6e:74:14:20:eb:e9:1d:
a1:af:9f:38:7d:c2:20:39:ad:e0:c8:23:12:89:cd:24:58:2f:
ae:95:f2:7f:b4:d8:0b:ee:a2:6d:e4:70:3c:93:91:12:0e:e8:
88:90:da:4b:5a:eb:42:b5:29:c3:7f:a3:70:6e:6a:1f:05:39:
ea:cd:b8:0a:a2:0e:dd:fb:7b:65:52:7c:9a:51:58:9a:c0:47:
3d:93:b3:54:a0:0a:d6:00:4a:7d:74:fc:63:13:6c:38:5d:6a:
43:83:34:30:6f:25:fd:a3:9b:fd:dc:86:83:04:de:51:01:8c:
3f:81:99:99:ea:76:e9:1c:fe:b8:a4:ba:8e:39:58:69:2b:05:
4d:48:e4:03:4e:70:e0:fb:4b:e5:7f:a3:ec:ce:b6:4f:e4:40:
ad:58:3c:47
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzGuBAWjU0AO4Mlr0OfscgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjQwMTAxMjAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2VmZjA2YjFlM2QzZDJiMmY3MzhiZDM3MTMwZTc2Yzk0MzhlNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv4+Q78jr7EWfYp1CASjQMmG7Uiq
eJ7ZE/jyhYYOTuV2Rz1VrYJkET/xuEvMLOgns7xnTlSTngZ/CDlduPk2nl+obfRK
XJXG8C78wfJGUwKRFd+MtrWgi4XYLQYISd0xVfI9VuRsjOl8d+Q4fnsQPr95canY
T1jQGYBqjrd8ia23bsbjHUvOSQaMmj7lzg6vQpWxkQgAXA504SQty1EdnVmmEeoB
CHN6DU6R1vQ/HcQ6lturOc84o1rT7ESFC86tav9lyxGLA8jEEB+RNyTm7lXq0rPN
u57pIYXponI53z9jgGN6xCVIeNXOHMxJvyeZmZa/RbJn5e9uMQSfDSUkJwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNPv8GsePT0rL3OL03Ew52yUOObIMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvMC1fd2F4NDlQU3N2YzR2VGNURG5iSlE0NXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQFT4SgAwQG
VDcAAwMBWN4DBAVfrSADBAK5aLAwDAMEBdWkYAMEANWkdgMEBNmTIDANBAIAAjAH
AwUAKgF8gDANBgkqhkiG9w0BAQsFAAOCAQEACPpYDD33rGBpWGrHsmpWAcPTOOHA
Bdkf7vpQQIYDZ84KrPTKneo0G0pZ/wfxzygQXmpcUnKwf32jH7+gAhSQuEcDrzky
dJDDLuPb2rgzysorC8tItNwCz+ArqNNIDb0Ivas4RTtudBQg6+kdoa+fOH3CIDmt
4MgjEonNJFgvrpXyf7TYC+6ibeRwPJOREg7oiJDaS1rrQrUpw3+jcG5qHwU56s24
CqIO3ft7ZVJ8mlFYmsBHPZOzVKAK1gBKfXT8YxNsOF1qQ4M0MG8l/aOb/dyGgwTe
UQGMP4GZmep26Rz+uKS6jjlYaSsFTUjkA05w4PtL5X+j7M62T+RArVg8Rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org