Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/K3aBKnuK4KC0w6curKs2zVG6ys4.roa
File: K3aBKnuK4KC0w6curKs2zVG6ys4.roa (raw, json)
Hash identifier: bxkzJtZmCR0I0RorOPlrKycaBnDrAqXVuaXaCAQWElA=
Subject key identifier: 2B:76:81:2A:7B:8A:E0:A0:B4:C3:A7:2E:AC:AB:36:CD:51:BA:CA:CE
Certificate issuer: /CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Certificate serial: 018B479989E0F17A2398B707B9D989F60B22
Authority key identifier: A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/K3aBKnuK4KC0w6curKs2zVG6ys4.roa
Signing time: Thu 19 Oct 2023 11:02:06 +0000
ROA not before: Thu 19 Oct 2023 11:02:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48854
IP address blocks: 185.134.28.0/22 maxlen: 22
195.178.14.0/23 maxlen: 23
80.70.0.0/23 maxlen: 23
185.21.40.0/22 maxlen: 22
80.70.6.0/23 maxlen: 23
80.70.5.0/24 maxlen: 24
80.70.7.0/24 maxlen: 24
212.97.132.0/22 maxlen: 22
212.97.143.0/24 maxlen: 24
212.97.140.0/24 maxlen: 24
212.97.140.0/22 maxlen: 22
212.97.142.0/24 maxlen: 24
212.97.141.0/24 maxlen: 24
94.143.8.0/21 maxlen: 21
93.191.152.0/21 maxlen: 21
93.191.152.0/22 maxlen: 22
217.61.236.0/22 maxlen: 22
93.191.156.0/24 maxlen: 24
93.191.158.0/24 maxlen: 24
93.191.157.0/24 maxlen: 24
89.188.72.0/21 maxlen: 21
185.25.142.0/24 maxlen: 24
185.25.141.0/24 maxlen: 24
185.25.143.0/24 maxlen: 24
94.231.96.0/20 maxlen: 20
94.231.103.0/24 maxlen: 24
185.223.24.0/22 maxlen: 22
185.221.36.0/22 maxlen: 22
212.237.248.0/23 maxlen: 23
194.150.112.0/22 maxlen: 22
185.20.204.0/22 maxlen: 22
185.20.205.0/24 maxlen: 24
185.20.206.0/23 maxlen: 23
2a06:eac0::/29 maxlen: 48
2a03:2740::/47 maxlen: 48
2a02:2338::/32 maxlen: 48
2a02:2339:4000::/34 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Oct 2023 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:47:99:89:e0:f1:7a:23:98:b7:07:b9:d9:89:f6:0b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4e7205f5d41257a6bb95f900eec0a1123e75164
Validity
Not Before: Oct 19 11:02:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b76812a7b8ae0a0b4c3a72eacab36cd51bacace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d2:f0:7e:79:c9:df:f9:17:3e:4f:0d:af:82:
d8:6b:1d:b7:18:39:6d:1d:43:5e:e0:45:55:e4:1a:
cb:5a:74:7f:1e:43:09:1d:ae:f3:04:c7:a5:1a:f8:
04:68:2e:b0:ce:18:e2:a4:be:b4:bd:c6:1c:09:65:
f8:14:91:d8:74:d6:ab:33:47:68:b3:bb:ea:cf:2a:
93:60:08:42:d6:61:4d:bf:e4:45:ed:d9:2e:0c:1c:
f1:d9:d9:85:15:dd:fa:ee:07:9c:d9:9b:d2:b4:6d:
1b:82:f8:c2:0a:83:28:da:c6:d7:24:81:36:75:33:
c8:fa:cf:cb:83:95:f5:a2:09:ca:e6:c4:b0:b2:ed:
d6:7f:6a:fb:b8:1a:8c:bf:b3:34:54:2f:29:70:db:
89:d7:2a:b2:cd:f3:79:1c:ff:79:79:48:de:85:ef:
c0:d2:64:3d:99:70:0e:7c:ee:aa:ef:f7:39:b8:9b:
05:da:ae:ea:47:eb:af:20:2d:a5:10:fc:2c:1e:41:
55:c5:70:99:b0:84:17:56:fb:d8:25:17:22:c2:56:
80:bd:7b:aa:0a:32:cd:96:cd:fa:e5:aa:81:81:7c:
ff:b3:70:fd:8e:f5:06:f4:1d:2f:09:3e:43:1c:49:
c5:54:f1:76:3f:55:e9:53:75:ab:f3:38:e2:7c:1c:
e8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:76:81:2A:7B:8A:E0:A0:B4:C3:A7:2E:AC:AB:36:CD:51:BA:CA:CE
X509v3 Authority Key Identifier:
keyid:A4:E7:20:5F:5D:41:25:7A:6B:B9:5F:90:0E:EC:0A:11:23:E7:51:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOcgX11BJXpruV-QDuwKESPnUWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/K3aBKnuK4KC0w6curKs2zVG6ys4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f761bd-5c3a-4d2f-8cd9-3e59ce445b1c/1/pOcgX11BJXpruV-QDuwKESPnUWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.0.0/23
80.70.5.0-80.70.7.255
89.188.72.0/21
93.191.152.0/21
94.143.8.0/21
94.231.96.0/20
185.20.204.0/22
185.21.40.0/22
185.25.141.0-185.25.143.255
185.134.28.0/22
185.221.36.0/22
185.223.24.0/22
194.150.112.0/22
195.178.14.0/23
212.97.132.0/22
212.97.140.0/22
212.237.248.0/23
217.61.236.0/22
IPv6:
2a02:2338::/32
2a02:2339:4000::/34
2a03:2740::/47
2a06:eac0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:3a:1f:f9:f8:96:fd:22:43:24:f1:c4:31:1a:82:c7:8c:20:
cf:85:e0:4a:b6:88:af:b0:b3:69:31:58:b3:84:3f:dd:b7:e0:
9d:e7:ba:ce:8a:28:a6:3b:9f:f8:e7:7f:fb:ac:b3:91:c4:d5:
fc:c0:f6:ad:9d:d6:39:c6:6f:51:02:57:18:17:06:3f:d0:38:
30:cd:d7:63:38:95:1e:fe:92:d4:65:2d:07:13:f0:6b:7a:2d:
a2:e4:24:88:3f:85:cd:cb:81:02:07:a9:ff:e2:b1:5b:2a:bc:
dc:2a:a8:64:e9:be:96:67:77:06:e7:8c:ef:95:bf:bf:53:7a:
83:00:32:06:db:4e:cd:9b:a4:b9:53:7e:48:62:a3:9b:78:20:
54:33:5a:3f:d1:59:ce:6b:55:66:5f:9f:4c:6a:cb:47:a7:65:
2c:30:a5:0a:14:f4:68:b9:3c:6f:cf:5e:52:38:33:fd:e4:02:
a4:1a:db:ff:ee:e6:c0:17:ef:b1:78:52:62:f3:db:aa:b4:60:
21:0f:bd:37:94:25:22:b6:60:81:6c:26:3d:61:7e:47:c0:22:
3a:d3:c3:2d:b9:ec:e0:5d:16:87:3e:51:c5:78:06:cf:7f:49:
9c:36:76:5c:da:a2:15:f3:26:9a:b5:11:16:31:1e:5a:2e:c1:
66:b7:0b:f6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAYtHmYng8XojmLcHudmJ9gsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZTcyMDVmNWQ0MTI1N2E2YmI5NWY5MDBlZWMwYTExMjNl
NzUxNjQwHhcNMjMxMDE5MTEwMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc2ODEyYTdiOGFlMGEwYjRjM2E3MmVhY2FiMzZjZDUxYmFjYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtLwfnnJ3/kXPk8Nr4LYax23GDlt
HUNe4EVV5BrLWnR/HkMJHa7zBMelGvgEaC6wzhjipL60vcYcCWX4FJHYdNarM0do
s7vqzyqTYAhC1mFNv+RF7dkuDBzx2dmFFd367gec2ZvStG0bgvjCCoMo2sbXJIE2
dTPI+s/Lg5X1ognK5sSwsu3Wf2r7uBqMv7M0VC8pcNuJ1yqyzfN5HP95eUjehe/A
0mQ9mXAOfO6q7/c5uJsF2q7qR+uvIC2lEPwsHkFVxXCZsIQXVvvYJRciwlaAvXuq
CjLNls365aqBgXz/s3D9jvUG9B0vCT5DHEnFVPF2P1XpU3Wr8zjifBzopQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFCt2gSp7iuCgtMOnLqyrNs1RusrOMB8GA1UdIwQY
MBaAFKTnIF9dQSV6a7lfkA7sChEj51FkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDkt
M2U1OWNlNDQ1YjFjLzEvSzNhQktudUs0S0MwdzZjdXJLczJ6Vkc2eXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNzYxYmQtNWMzYS00ZDJmLThjZDktM2U1OWNlNDQ1YjFj
LzEvcE9jZ1gxMUJKWHBydVYtUUR1d0tFU1BuVVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBggQCAAEwfAMEAVBG
ADAMAwQAUEYFAwQDUEYAAwQDWbxIAwQDXb+YAwQDXo8IAwQEXudgAwQCuRTMAwQC
uRUoMAwDBAC5GY0DBAS5GYADBAK5hhwDBAK53SQDBAK53xgDBALClnADBAHDsg4D
BALUYYQDBALUYYwDBAHU7fgDBALZPewwJQQCAAIwHwMFACoCIzgDBgYqAiM5QAMH
ASoDJ0AAAAMFAyoG6sAwDQYJKoZIhvcNAQELBQADggEBAKY6H/n4lv0iQyTxxDEa
gseMIM+F4Eq2iK+ws2kxWLOEP9234J3nus6KKKY7n/jnf/uss5HE1fzA9q2d1jnG
b1ECVxgXBj/QODDN12M4lR7+ktRlLQcT8Gt6LaLkJIg/hc3LgQIHqf/isVsqvNwq
qGTpvpZndwbnjO+Vv79TeoMAMgbbTs2bpLlTfkhio5t4IFQzWj/RWc5rVWZfn0xq
y0enZSwwpQoU9Gi5PG/PXlI4M/3kAqQa2//u5sAX77F4UmLz26q0YCEPvTeUJSK2
YIFsJj1hfkfAIjrTwy257OBdFoc+UcV4Bs9/SZw2dlzaohXzJpq1ERYxHlouwWa3
C/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:51 2024 by rpki-client on console-ams.rpki-client.org