Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/CCNzXCadQ3fDe1ly7JHE3fQReLA.roa
File: CCNzXCadQ3fDe1ly7JHE3fQReLA.roa (raw, json)
Hash identifier: z9fvz4ijvQQlu3D4rvI8fURd+xAELIbSXeaM7zTKP/k=
Subject key identifier: 08:23:73:5C:26:9D:43:77:C3:7B:59:72:EC:91:C4:DD:F4:11:78:B0
Certificate issuer: /CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Certificate serial: 0188B92EFA413BD139B7FF463723FC609B7C
Authority key identifier: 41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/CCNzXCadQ3fDe1ly7JHE3fQReLA.roa
Signing time: Wed 14 Jun 2023 09:14:03 +0000
ROA not before: Wed 14 Jun 2023 09:14:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 195.177.233.0/24 maxlen: 24
195.177.232.0/23 maxlen: 24
193.41.116.0/23 maxlen: 24
45.139.156.0/22 maxlen: 24
93.92.130.0/23 maxlen: 23
93.92.132.0/24 maxlen: 24
93.92.128.0/23 maxlen: 23
93.92.128.0/21 maxlen: 24
93.92.134.0/23 maxlen: 23
93.92.133.0/24 maxlen: 24
185.8.8.0/24 maxlen: 24
185.8.8.0/22 maxlen: 24
85.158.0.0/24 maxlen: 24
85.158.0.0/22 maxlen: 24
85.158.4.0/23 maxlen: 23
85.158.7.0/24 maxlen: 24
85.158.6.0/24 maxlen: 24
194.126.239.0/24 maxlen: 24
2a00:12e8:f111::/48 maxlen: 48
2a00:12e8:600::/40 maxlen: 40
2a00:12e8::/40 maxlen: 40
2a00:12e8:500::/40 maxlen: 40
2a00:12e8:400::/40 maxlen: 40
2a00:12e8:100::/40 maxlen: 40
2a00:12e8:300::/40 maxlen: 40
2a00:12e8::/32 maxlen: 40
2a00:12e8:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:2e:fa:41:3b:d1:39:b7:ff:46:37:23:fc:60:9b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41b8c2f37bd8d7e04e76985a4ced4559d7651c43
Validity
Not Before: Jun 14 09:14:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0823735c269d4377c37b5972ec91c4ddf41178b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:25:4b:08:aa:ef:b0:e0:05:53:23:91:c8:1b:
72:e5:30:ca:cb:1d:d6:cb:3a:c3:2a:88:8f:da:c2:
bc:50:b6:9b:49:89:88:3b:57:94:f9:7d:40:41:68:
b1:1a:90:ce:cb:60:b4:f2:a1:17:e1:4c:a6:3d:67:
f5:dc:7f:6e:38:8c:d9:58:dd:4a:b3:3e:0e:9a:64:
76:00:fb:49:31:db:16:a7:c5:d4:41:e5:4a:e5:c7:
87:41:b1:50:d8:17:46:a0:13:bb:c2:c6:4c:a2:11:
92:d3:ea:4a:b4:08:88:4f:13:e8:42:a5:bc:29:b7:
00:20:86:94:d0:1d:c4:22:d1:56:e9:da:cb:fd:30:
5e:9e:d3:85:c0:bb:87:a8:d1:f0:b6:15:60:65:95:
f2:0a:b7:1a:5e:60:76:c2:0f:0c:4c:a6:46:7b:28:
ee:37:37:8f:b5:05:cc:9e:9e:ef:14:45:73:f1:75:
e6:df:16:dd:c1:5d:ad:4f:00:b0:ec:10:78:56:0e:
76:2e:4a:29:da:f3:ed:c5:80:ea:da:73:15:ba:67:
7d:98:12:2a:41:99:fb:fe:ae:2c:19:9e:4d:6d:31:
e8:6b:24:91:fc:70:47:46:59:e2:58:da:ca:6e:b6:
fa:eb:bf:0d:61:63:3f:a3:11:e2:2b:ea:ce:1e:d8:
3b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:23:73:5C:26:9D:43:77:C3:7B:59:72:EC:91:C4:DD:F4:11:78:B0
X509v3 Authority Key Identifier:
keyid:41:B8:C2:F3:7B:D8:D7:E0:4E:76:98:5A:4C:ED:45:59:D7:65:1C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbjC83vY1-BOdphaTO1FWddlHEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/CCNzXCadQ3fDe1ly7JHE3fQReLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/3e3b4b-f827-4347-9022-2818f6578d1b/1/QbjC83vY1-BOdphaTO1FWddlHEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.156.0/22
85.158.0.0/21
93.92.128.0/21
185.8.8.0/22
193.41.116.0/23
194.126.239.0/24
195.177.232.0/23
IPv6:
2a00:12e8::/32
Signature Algorithm: sha256WithRSAEncryption
3e:c0:45:13:a6:2c:e4:3e:fb:9d:99:51:ef:04:b6:28:61:23:
d7:9a:f2:6e:81:69:52:c4:8e:1e:d3:a1:b6:36:48:de:ab:1f:
ee:d1:f3:f6:4d:92:de:52:b0:d2:a5:58:a1:df:8c:78:6c:94:
ba:d4:1e:84:50:67:3e:84:d2:cd:78:2a:09:1d:6d:b3:a4:28:
0a:01:97:ae:e5:e2:0d:86:71:86:a6:fe:8f:82:00:33:32:e7:
2b:3b:ce:6e:47:db:f3:14:f7:c2:77:aa:1e:29:7c:16:10:10:
39:b9:db:ba:f1:0b:c1:0d:69:f7:16:33:2e:fd:ba:89:3f:47:
56:b5:dd:c4:54:98:37:38:44:5a:ba:f4:cb:11:3f:65:be:a5:
4a:10:09:d3:4a:69:83:93:b4:ba:57:54:96:2c:e6:f0:c3:d1:
ef:9c:1f:8f:69:45:cf:2d:10:c7:ac:cf:51:8e:30:1a:7b:b7:
da:ec:49:f4:e3:8e:56:39:bc:c3:ac:c4:c6:14:59:c4:17:0c:
ce:2f:15:40:0b:51:a8:81:c4:c3:69:b9:2b:cb:2f:71:47:cb:
34:65:ed:c5:28:9f:23:76:bd:17:76:bc:d2:b8:49:01:8c:26:
8b:0f:3a:6c:18:4a:96:97:df:f5:4d:a8:0d:0a:f5:ba:73:11:
69:39:bc:9a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYi5LvpBO9E5t/9GNyP8YJt8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYjhjMmYzN2JkOGQ3ZTA0ZTc2OTg1YTRjZWQ0NTU5ZDc2
NTFjNDMwHhcNMjMwNjE0MDkxNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODIzNzM1YzI2OWQ0Mzc3YzM3YjU5NzJlYzkxYzRkZGY0MTE3OGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyVLCKrvsOAFUyORyBty5TDKyx3W
yzrDKoiP2sK8ULabSYmIO1eU+X1AQWixGpDOy2C08qEX4UymPWf13H9uOIzZWN1K
sz4OmmR2APtJMdsWp8XUQeVK5ceHQbFQ2BdGoBO7wsZMohGS0+pKtAiITxPoQqW8
KbcAIIaU0B3EItFW6drL/TBentOFwLuHqNHwthVgZZXyCrcaXmB2wg8MTKZGeyju
NzePtQXMnp7vFEVz8XXm3xbdwV2tTwCw7BB4Vg52Lkop2vPtxYDq2nMVumd9mBIq
QZn7/q4sGZ5NbTHoaySR/HBHRlniWNrKbrb6678NYWM/oxHiK+rOHtg7qwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAgjc1wmnUN3w3tZcuyRxN30EXiwMB8GA1UdIwQY
MBaAFEG4wvN72NfgTnaYWkztRVnXZRxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjIt
MjgxOGY2NTc4ZDFiLzEvQ0NOelhDYWRRM2ZEZTFseTdKSEUzZlFSZUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zZTNiNGItZjgyNy00MzQ3LTkwMjItMjgxOGY2NTc4ZDFi
LzEvUWJqQzgzdlkxLUJPZHBoYVRPMUZXZGRsSEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLYucAwQD
VZ4AAwQDXVyAAwQCuQgIAwQBwSl0AwQAwn7vAwQBw7HoMA0EAgACMAcDBQAqABLo
MA0GCSqGSIb3DQEBCwUAA4IBAQA+wEUTpizkPvudmVHvBLYoYSPXmvJugWlSxI4e
06G2Nkjeqx/u0fP2TZLeUrDSpVih34x4bJS61B6EUGc+hNLNeCoJHW2zpCgKAZeu
5eINhnGGpv6PggAzMucrO85uR9vzFPfCd6oeKXwWEBA5udu68QvBDWn3FjMu/bqJ
P0dWtd3EVJg3OERauvTLET9lvqVKEAnTSmmDk7S6V1SWLObww9HvnB+PaUXPLRDH
rM9RjjAae7fa7En0445WObzDrMTGFFnEFwzOLxVAC1GogcTDabkryy9xR8s0Ze3F
KJ8jdr0XdrzSuEkBjCaLDzpsGEqWl9/1TagNCvW6cxFpObya
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:48 2024 by rpki-client on console-ams.rpki-client.org