Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/52KFqMqtamLHYoQs2bv-vWDGqIc.roa
File: 52KFqMqtamLHYoQs2bv-vWDGqIc.roa (raw, json)
Hash identifier: wdbNkXcz4BWZbNWA9u4Y//aNoyhViMHzeSsD3W/RAq0=
Subject key identifier: E7:62:85:A8:CA:AD:6A:62:C7:62:84:2C:D9:BB:FE:BD:60:C6:A8:87
Certificate issuer: /CN=fde76ca85e96541a5add3cacaf1e5e114faa47ef
Certificate serial: 018A6AE653E6171D622EA9891956DA07A32E
Authority key identifier: FD:E7:6C:A8:5E:96:54:1A:5A:DD:3C:AC:AF:1E:5E:11:4F:AA:47:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_edsqF6WVBpa3Tysrx5eEU-qR-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/52KFqMqtamLHYoQs2bv-vWDGqIc.roa
Signing time: Wed 06 Sep 2023 14:29:54 +0000
ROA not before: Wed 06 Sep 2023 14:29:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43370
IP address blocks: 185.244.132.0/22 maxlen: 22
37.221.202.0/24 maxlen: 24
62.32.84.0/23 maxlen: 23
37.221.207.0/24 maxlen: 24
62.32.92.0/23 maxlen: 23
95.161.184.0/22 maxlen: 22
37.77.128.0/24 maxlen: 24
46.34.146.0/23 maxlen: 23
79.142.93.0/24 maxlen: 24
79.142.94.0/23 maxlen: 23
95.161.196.0/22 maxlen: 22
95.161.224.0/22 maxlen: 22
46.34.130.0/23 maxlen: 23
178.16.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:e6:53:e6:17:1d:62:2e:a9:89:19:56:da:07:a3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fde76ca85e96541a5add3cacaf1e5e114faa47ef
Validity
Not Before: Sep 6 14:29:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e76285a8caad6a62c762842cd9bbfebd60c6a887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:37:6d:d7:3f:0a:d2:20:89:c5:02:89:7a:
aa:4d:59:82:56:ec:31:ad:67:50:af:a3:55:27:1c:
b7:5e:dc:25:40:f3:28:fb:fe:b8:7a:ce:ac:82:a9:
41:7a:80:b6:46:26:da:8c:e9:d1:75:bc:91:89:05:
3a:4a:6b:57:ae:23:3f:4f:0a:b4:bf:ae:44:1c:7c:
7d:96:6b:3c:5a:df:e0:29:a6:9b:e8:36:d5:57:67:
26:09:74:4b:d4:63:51:e1:d9:f6:c5:6e:29:80:bc:
c4:fb:5b:2b:be:d0:e7:8e:f2:e4:9b:27:4f:ad:ff:
fe:dd:33:0e:1e:53:83:2e:e3:2a:14:0a:9c:e3:85:
fe:22:b3:4c:dd:70:ca:f5:c6:33:aa:31:f7:b6:59:
34:52:2e:72:8c:b6:1f:2b:6c:79:ec:5d:22:38:4b:
69:bc:ec:a9:2a:a5:aa:02:2a:d0:50:b7:c8:dc:ae:
50:0a:97:6a:d4:26:ad:4d:1b:2e:a0:da:2d:b9:52:
29:92:bf:8e:66:48:2b:f1:49:70:2e:18:d8:38:44:
c8:dd:7e:d9:03:a7:86:a1:bf:35:76:2b:f3:e1:4a:
1d:f5:eb:6e:f8:ef:fa:62:fc:a3:3a:19:54:cf:46:
48:d4:29:ea:65:b7:42:ba:e7:d8:b1:fc:33:61:65:
48:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:62:85:A8:CA:AD:6A:62:C7:62:84:2C:D9:BB:FE:BD:60:C6:A8:87
X509v3 Authority Key Identifier:
keyid:FD:E7:6C:A8:5E:96:54:1A:5A:DD:3C:AC:AF:1E:5E:11:4F:AA:47:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_edsqF6WVBpa3Tysrx5eEU-qR-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/52KFqMqtamLHYoQs2bv-vWDGqIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/f852ac-9e98-45b7-877f-229e2cb0f66c/1/_edsqF6WVBpa3Tysrx5eEU-qR-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.128.0/24
37.221.202.0/24
37.221.207.0/24
46.34.130.0/23
46.34.146.0/23
62.32.84.0/23
62.32.92.0/23
79.142.93.0-79.142.95.255
95.161.184.0/22
95.161.196.0/22
95.161.224.0/22
178.16.157.0/24
185.244.132.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:dc:fc:bc:c5:4e:fa:8e:71:1f:08:de:ec:17:39:e6:c7:85:
73:06:17:e1:fb:9e:d1:34:10:c2:9c:40:b4:8b:1c:41:1c:17:
02:8e:28:d2:94:76:e0:76:b7:d3:8d:e9:d2:4e:b7:70:4e:08:
ca:c8:ea:51:c3:5b:b3:ba:15:ac:a8:e5:d3:1f:a2:9c:3e:c3:
20:6c:e0:1f:f0:74:10:88:28:27:61:fb:c0:ea:b6:77:a4:f0:
37:f2:a1:0c:bd:a5:d0:83:f7:ad:d8:2b:07:c9:fd:41:23:f2:
fa:c2:0c:0b:9c:f5:be:64:c8:13:05:8a:08:80:c6:f9:18:7c:
77:d3:e0:b3:d1:d1:96:17:cc:ed:f3:ee:31:1e:6b:34:a0:fc:
f1:32:1a:cd:b7:06:6b:33:24:4e:e6:88:e7:0c:e1:52:03:1f:
e7:d5:7d:b5:b8:d3:2e:10:74:5e:ef:ae:b9:ae:88:d3:e1:92:
67:79:67:23:b0:dd:55:4b:b7:61:10:a8:a7:0d:c2:d9:b3:98:
cd:18:cd:d1:b8:84:d4:1c:81:35:9e:b9:a4:b0:c7:94:a1:81:
6e:67:1f:4f:00:8f:24:ba:f3:b4:5f:ab:af:67:eb:0b:21:ca:
51:20:5b:91:d7:e5:c2:2d:2b:e0:d5:5b:6f:eb:e9:bf:55:b1:
74:46:ea:c8
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYpq5lPmFx1iLqmJGVbaB6MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZTc2Y2E4NWU5NjU0MWE1YWRkM2NhY2FmMWU1ZTExNGZh
YTQ3ZWYwHhcNMjMwOTA2MTQyOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzYyODVhOGNhYWQ2YTYyYzc2Mjg0MmNkOWJiZmViZDYwYzZhODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj43bdc/CtIgicUCiXqqTVmCVuwx
rWdQr6NVJxy3XtwlQPMo+/64es6sgqlBeoC2RibajOnRdbyRiQU6SmtXriM/Twq0
v65EHHx9lms8Wt/gKaab6DbVV2cmCXRL1GNR4dn2xW4pgLzE+1srvtDnjvLkmydP
rf/+3TMOHlODLuMqFAqc44X+IrNM3XDK9cYzqjH3tlk0Ui5yjLYfK2x57F0iOEtp
vOypKqWqAirQULfI3K5QCpdq1CatTRsuoNotuVIpkr+OZkgr8UlwLhjYOETI3X7Z
A6eGob81divz4Uod9etu+O/6YvyjOhlUz0ZI1CnqZbdCuufYsfwzYWVIqQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFOdihajKrWpix2KELNm7/r1gxqiHMB8GA1UdIwQY
MBaAFP3nbKhellQaWt08rK8eXhFPqkfvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2Vkc3FGNldWQnBhM1R5c3J4NWVFVS1xUi04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9mODUyYWMtOWU5OC00NWI3LTg3N2Yt
MjI5ZTJjYjBmNjZjLzEvNTJLRnFNcXRhbUxIWW9RczJidi12V0RHcUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9mODUyYWMtOWU5OC00NWI3LTg3N2YtMjI5ZTJjYjBmNjZj
LzEvX2Vkc3FGNldWQnBhM1R5c3J4NWVFVS1xUi04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJU2AAwQA
Jd3KAwQAJd3PAwQBLiKCAwQBLiKSAwQBPiBUAwQBPiBcMAwDBABPjl0DBAVPjkAD
BAJfobgDBAJfocQDBAJfoeADBACyEJ0DBAK59IQwDQYJKoZIhvcNAQELBQADggEB
AJ7c/LzFTvqOcR8I3uwXOebHhXMGF+H7ntE0EMKcQLSLHEEcFwKOKNKUduB2t9ON
6dJOt3BOCMrI6lHDW7O6Fayo5dMfopw+wyBs4B/wdBCIKCdh+8Dqtnek8DfyoQy9
pdCD963YKwfJ/UEj8vrCDAuc9b5kyBMFigiAxvkYfHfT4LPR0ZYXzO3z7jEeazSg
/PEyGs23BmszJE7miOcM4VIDH+fVfbW40y4QdF7vrrmuiNPhkmd5ZyOw3VVLt2EQ
qKcNwtmzmM0YzdG4hNQcgTWeuaSwx5ShgW5nH08AjyS687Rfq69n6wshylEgW5HX
5cItK+DVW2/r6b9VsXRG6sg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:03 2024 by rpki-client on console-fra.rpki-client.org