Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/fCq0yBPGcyDvBjAWUTYLjxGHlbw.roa
File: fCq0yBPGcyDvBjAWUTYLjxGHlbw.roa (raw, json)
Hash identifier: eTZMgvhFfseC4ekOXnOsuV5tJ7r3Xpc7/dYKa3o4mv4=
Subject key identifier: 7C:2A:B4:C8:13:C6:73:20:EF:06:30:16:51:36:0B:8F:11:87:95:BC
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018CC8713020F12A60B073DB27D33436CCBF
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/fCq0yBPGcyDvBjAWUTYLjxGHlbw.roa
Signing time: Tue 02 Jan 2024 04:31:50 +0000
ROA not before: Tue 02 Jan 2024 04:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34177
IP address blocks: 185.132.116.0/22 maxlen: 22
83.142.144.0/21 maxlen: 21
91.90.96.0/21 maxlen: 21
62.193.32.0/19 maxlen: 19
82.210.0.0/19 maxlen: 19
78.31.40.0/21 maxlen: 21
83.118.192.0/19 maxlen: 19
80.245.16.0/20 maxlen: 20
178.16.160.0/20 maxlen: 20
176.57.32.0/21 maxlen: 21
95.141.96.0/20 maxlen: 20
194.213.124.0/23 maxlen: 23
82.210.32.0/19 maxlen: 19
94.228.176.0/20 maxlen: 20
185.213.160.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
5.133.68.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
212.106.96.0/19 maxlen: 19
185.18.208.0/22 maxlen: 22
195.15.128.0/18 maxlen: 18
185.5.108.0/22 maxlen: 22
185.81.52.0/22 maxlen: 22
62.244.84.0/22 maxlen: 22
62.244.88.0/23 maxlen: 23
62.244.86.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
195.49.132.0/22 maxlen: 22
159.180.224.0/19 maxlen: 19
185.4.44.0/22 maxlen: 22
78.109.240.0/20 maxlen: 20
185.41.4.0/22 maxlen: 22
2001:ab8::/29 maxlen: 32
2a01:4e00::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 19 Mar 2024 17:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:30:20:f1:2a:60:b0:73:db:27:d3:34:36:cc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jan 2 04:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c2ab4c813c67320ef06301651360b8f118795bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:36:3e:9e:0e:c3:b0:7e:ec:8f:04:d9:73:ef:
f4:9c:21:3a:a1:a0:c2:57:a5:5c:6b:de:11:87:f3:
c8:7c:f6:ca:fa:a6:23:78:fb:04:2e:4c:ea:81:b8:
1d:2c:ce:44:ec:cc:2e:61:3d:b3:ca:e1:cc:80:1c:
39:18:ab:d5:56:59:a4:71:81:ea:c2:8c:03:07:5b:
7c:c3:06:6d:d7:e7:bd:5f:7a:38:1f:03:39:96:de:
c0:e2:95:0e:c7:3d:79:0e:44:a6:ba:f8:2b:0e:71:
20:82:cf:e0:9e:71:84:0d:4a:fd:6a:54:96:43:b6:
5f:43:d5:ea:eb:0d:b1:16:7c:40:85:32:e8:c6:0a:
cd:65:a9:f2:a4:31:c9:eb:6d:12:ed:cd:4a:66:76:
31:be:cf:d3:91:3a:d1:1d:e6:c3:8a:50:1b:f7:e1:
b8:c7:49:86:83:ea:c2:c8:cd:f3:b0:aa:4d:6c:f0:
6e:84:71:bd:98:ab:2f:49:4f:2a:a7:a6:6b:82:18:
51:54:69:bd:33:fb:46:4c:a8:e6:ab:58:93:3f:31:
fb:b0:3e:b5:53:e1:8f:ce:09:53:dd:1d:51:26:64:
72:3f:7d:55:b9:d8:54:66:3c:81:f0:a2:62:c0:c7:
17:df:41:ec:48:6d:5d:53:f1:1a:61:f0:3e:3f:e9:
14:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2A:B4:C8:13:C6:73:20:EF:06:30:16:51:36:0B:8F:11:87:95:BC
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/fCq0yBPGcyDvBjAWUTYLjxGHlbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.81.52.0/22
185.132.116.0/22
185.213.160.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a01:4e00::/32
Signature Algorithm: sha256WithRSAEncryption
51:b2:b3:c4:ad:3d:14:5a:6c:39:6e:11:10:cd:81:c3:88:32:
95:26:54:ad:44:43:30:58:bb:b7:46:0c:8a:bc:06:3b:b4:de:
93:08:15:32:da:51:ab:a9:9f:cf:02:70:a2:60:29:e4:59:5d:
c7:0d:4b:45:79:23:4f:7f:da:3c:e7:e2:54:67:f5:d0:1d:00:
ed:9e:1a:68:12:77:1e:35:16:00:c8:0f:f2:8b:d5:4c:13:02:
f9:80:bc:13:44:35:d8:04:49:4e:52:37:97:8e:19:37:03:05:
ab:08:3a:39:f4:8e:77:4a:fe:5e:3d:cd:e6:fb:6c:9d:80:bd:
36:23:89:8d:12:64:80:7d:21:57:2b:a0:fb:04:d0:cb:02:7d:
4c:1e:24:57:b2:53:e4:14:19:05:1c:b4:c0:ca:24:ef:11:5a:
bc:82:0e:c2:70:5b:6e:f2:2f:4b:7d:2a:c6:7d:f0:59:ed:5e:
56:d1:5f:b7:bb:f5:24:1b:e3:14:4a:4a:8c:86:5b:07:f1:68:
de:01:f3:bc:41:98:df:01:64:47:76:8e:69:d6:0e:d5:8c:4e:
9a:b5:cc:80:14:48:0f:27:63:24:c7:42:94:fb:3c:55:94:97:
5e:57:f3:7d:bf:63:f5:02:bc:ca:90:d0:36:fc:d0:94:79:cb:
e4:fe:70:90
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYzIcTAg8SpgsHPbJ9M0Nsy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjQwMTAyMDQzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJhYjRjODEzYzY3MzIwZWYwNjMwMTY1MTM2MGI4ZjExODc5NWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDY+ng7DsH7sjwTZc+/0nCE6oaDC
V6Vca94Rh/PIfPbK+qYjePsELkzqgbgdLM5E7MwuYT2zyuHMgBw5GKvVVlmkcYHq
wowDB1t8wwZt1+e9X3o4HwM5lt7A4pUOxz15DkSmuvgrDnEggs/gnnGEDUr9alSW
Q7ZfQ9Xq6w2xFnxAhTLoxgrNZanypDHJ620S7c1KZnYxvs/TkTrRHebDilAb9+G4
x0mGg+rCyM3zsKpNbPBuhHG9mKsvSU8qp6ZrghhRVGm9M/tGTKjmq1iTPzH7sD61
U+GPzglT3R1RJmRyP31VudhUZjyB8KJiwMcX30HsSG1dU/EaYfA+P+kUcQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFHwqtMgTxnMg7wYwFlE2C48Rh5W8MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvZkNxMHlCUEdjeUR2QmpBV1VUWUxqeEdIbGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCBzwQCAAEwgcgDBAIF
hUQDBAU+wSAwDAMEAj70VAMEAT70WAMEAj70YAMEAj70cAMEAD70dQMEAD70dwME
A04fKAMEBE5t8AMEBFD1EAMEBlLSAAMEBVN2wAMEA1OOkAMEA1taYAMEBF7ksAME
BF+NYAMEBZ+04AMEA7A5IAMEBLIQoAMEArkELAMEArkFbAMEArkS0AMEArkTMAME
ArkpBAMEArlRNAMEArmEdAMEArnVoAMEAcLVfAMEBsMPgAMEAsMxhAMEBcPIoAME
BdRqYDAUBAIAAjAOAwUDIAEKuAMFACoBTgAwDQYJKoZIhvcNAQELBQADggEBAFGy
s8StPRRabDluERDNgcOIMpUmVK1EQzBYu7dGDIq8Bju03pMIFTLaUaupn88CcKJg
KeRZXccNS0V5I09/2jzn4lRn9dAdAO2eGmgSdx41FgDID/KL1UwTAvmAvBNENdgE
SU5SN5eOGTcDBasIOjn0jndK/l49zeb7bJ2AvTYjiY0SZIB9IVcroPsE0MsCfUwe
JFeyU+QUGQUctMDKJO8RWryCDsJwW27yL0t9KsZ98FntXlbRX7e79SQb4xRKSoyG
WwfxaN4B87xBmN8BZEd2jmnWDtWMTpq1zIAUSA8nYyTHQpT7PFWUl15X832/Y/UC
vMqQ0Db80JR5y+T+cJA=
-----END CERTIFICATE-----
Generated at Tue Mar 19 20:27:41 2024 by rpki-client on console-ams.rpki-client.org