Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/0E0h-w2QZeOGU3KvKjoqC85Apio.roa
File: 0E0h-w2QZeOGU3KvKjoqC85Apio.roa (raw, json)
Hash identifier: qDJ5poaZ5iCwD3/fT9JIj+p8+8lQPsR7sE0gjov91JM=
Subject key identifier: D0:4D:21:FB:0D:90:65:E3:86:53:72:AF:2A:3A:2A:0B:CE:40:A6:2A
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018EC36753662E9A8BF3D29256161E3AAEE9
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/0E0h-w2QZeOGU3KvKjoqC85Apio.roa
Signing time: Tue 09 Apr 2024 15:08:32 +0000
ROA not before: Tue 09 Apr 2024 15:08:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 31.214.176.0/20 maxlen: 24
37.10.72.0/21 maxlen: 24
37.152.88.0/21 maxlen: 24
45.149.228.0/22 maxlen: 24
46.18.72.0/21 maxlen: 24
87.117.96.0/20 maxlen: 24
91.132.116.0/22 maxlen: 24
95.214.0.0/22 maxlen: 24
109.69.48.0/21 maxlen: 24
185.11.236.0/22 maxlen: 24
185.161.12.0/22 maxlen: 24
185.226.236.0/22 maxlen: 24
193.57.36.0/22 maxlen: 24
194.56.236.0/22 maxlen: 24
194.127.158.0/23 maxlen: 24
194.127.162.0/23 maxlen: 32
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 10 Apr 2024 09:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c3:67:53:66:2e:9a:8b:f3:d2:92:56:16:1e:3a:ae:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Apr 9 15:08:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d04d21fb0d9065e3865372af2a3a2a0bce40a62a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:71:ce:f3:16:a4:fb:e0:bf:6d:5f:4f:62:f0:
ef:06:de:dc:e7:05:a0:43:39:f8:b9:fe:e3:34:c8:
f2:ea:a6:1f:45:69:3d:d0:e5:a2:05:5d:81:35:a8:
66:b7:a8:c0:4d:69:f6:cb:8f:04:f5:16:e0:99:3f:
e7:59:cf:d3:2a:78:59:c3:2f:7a:2a:a1:11:c6:1f:
99:85:b0:2a:53:46:e7:1d:fc:9d:e6:7b:f8:98:80:
f2:79:b8:c2:54:80:6e:a1:45:0e:50:da:2a:f7:5a:
43:c8:75:1f:82:a1:5b:ce:ac:b5:68:f9:1f:9a:05:
bf:e1:0e:e1:a4:91:d5:2f:67:ac:8c:eb:30:02:88:
1f:d4:c7:ab:17:02:2d:64:cf:a9:5c:62:0f:65:49:
4a:4b:10:d1:09:5d:60:0a:ff:5b:b2:73:00:3a:e1:
f3:4a:a4:fc:24:fc:7a:b6:35:65:6e:50:49:69:82:
57:44:17:9e:a2:ba:b4:a9:2d:bd:9f:65:74:19:cb:
07:0b:66:9c:6d:ec:a7:7d:bd:e5:7a:5e:dc:3b:2a:
38:7b:4c:8a:9d:62:e9:a2:b9:f2:43:92:a4:f9:6d:
31:ac:02:ff:66:b2:1e:05:b6:c9:a6:c1:ae:a2:d1:
80:fb:84:08:9b:75:79:61:d8:f0:e7:b9:7d:49:3d:
8e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4D:21:FB:0D:90:65:E3:86:53:72:AF:2A:3A:2A:0B:CE:40:A6:2A
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/0E0h-w2QZeOGU3KvKjoqC85Apio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.176.0/20
37.10.72.0/21
37.152.88.0/21
45.149.228.0/22
46.18.72.0/21
87.117.96.0/20
91.132.116.0/22
95.214.0.0/22
109.69.48.0/21
185.11.236.0/22
185.161.12.0/22
185.226.236.0/22
193.57.36.0/22
194.56.236.0/22
194.127.158.0/23
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
58:51:0e:c5:cd:17:7c:e2:f9:57:71:04:26:35:32:de:6a:cd:
29:dd:2d:cc:dd:18:b9:83:cf:2f:83:18:f0:a0:d7:7e:ab:ee:
e4:35:19:09:a1:af:87:f5:69:a9:f4:1a:05:ea:71:39:54:da:
a1:53:95:d8:2b:c2:6c:6c:4c:0c:b3:15:a4:5e:a3:54:5b:14:
ab:86:bd:a9:da:9a:cc:1d:bf:14:c8:2c:0f:1e:b2:5c:eb:19:
5a:89:0e:48:78:45:1f:18:6d:8e:a0:93:27:d0:de:05:da:74:
39:ec:ad:0b:10:b6:2b:6e:5f:32:dd:25:73:81:16:a0:29:cf:
22:5c:ef:d0:ac:99:64:49:1f:23:8c:79:3e:9c:86:87:57:53:
18:0e:b4:55:02:fa:08:86:f8:a4:bc:a4:77:76:74:38:d9:98:
34:09:71:e0:46:7d:3c:30:b8:20:7b:25:d9:d0:6a:53:92:aa:
a6:a8:3f:bc:dd:42:32:8b:28:cd:7d:89:46:72:e1:51:b9:91:
71:3e:45:73:64:67:b4:ab:9d:53:b0:5b:d1:96:61:2d:5b:4b:
d8:27:ad:9e:74:6b:2a:d4:7c:73:83:d0:ab:92:4f:f4:58:40:
11:2f:8d:31:d3:03:56:45:1a:36:60:a6:a8:b0:4a:47:71:c2:
d7:82:56:f4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY7DZ1NmLpqL89KSVhYeOq7pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwNDA5MTUwODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDRkMjFmYjBkOTA2NWUzODY1MzcyYWYyYTNhMmEwYmNlNDBhNjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHHO8xak++C/bV9PYvDvBt7c5wWg
Qzn4uf7jNMjy6qYfRWk90OWiBV2BNahmt6jATWn2y48E9RbgmT/nWc/TKnhZwy96
KqERxh+ZhbAqU0bnHfyd5nv4mIDyebjCVIBuoUUOUNoq91pDyHUfgqFbzqy1aPkf
mgW/4Q7hpJHVL2esjOswAogf1MerFwItZM+pXGIPZUlKSxDRCV1gCv9bsnMAOuHz
SqT8JPx6tjVlblBJaYJXRBeeorq0qS29n2V0GcsHC2acbeynfb3lel7cOyo4e0yK
nWLpornyQ5Kk+W0xrAL/ZrIeBbbJpsGuotGA+4QIm3V5Ydjw57l9ST2O0wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFNBNIfsNkGXjhlNyryo6KgvOQKYqMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvMEUwaC13MlFaZU9HVTNLdktqb3FDODVBcGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQEH9aw
AwQDJQpIAwQDJZhYAwQCLZXkAwQDLhJIAwQEV3VgAwQCW4R0AwQCX9YAAwQDbUUw
AwQCuQvsAwQCuaEMAwQCueLsAwQCwTkkAwQCwjjsAwQBwn+eAwQBwn+iMBsEAgAC
MBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEBAFhRDsXN
F3zi+VdxBCY1Mt5qzSndLczdGLmDzy+DGPCg136r7uQ1GQmhr4f1aan0GgXqcTlU
2qFTldgrwmxsTAyzFaReo1RbFKuGvanamswdvxTILA8eslzrGVqJDkh4RR8YbY6g
kyfQ3gXadDnsrQsQtituXzLdJXOBFqApzyJc79CsmWRJHyOMeT6chodXUxgOtFUC
+giG+KS8pHd2dDjZmDQJceBGfTwwuCB7JdnQalOSqqaoP7zdQjKLKM19iUZy4VG5
kXE+RXNkZ7SrnVOwW9GWYS1bS9gnrZ50ayrUfHOD0KuST/RYQBEvjTHTA1ZFGjZg
pqiwSkdxwteCVvQ=
-----END CERTIFICATE-----
Generated at Wed Apr 10 13:52:50 2024 by rpki-client on console-ams.rpki-client.org