Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/S39-CArs70VVrKewpcYALbeJGQ0.roa
File: S39-CArs70VVrKewpcYALbeJGQ0.roa (raw, json)
Hash identifier: 3zXWG+PUHAyn1pB4DNlErZhtraUn1inJGO6MqVkKcAE=
Subject key identifier: 4B:7F:7E:08:0A:EC:EF:45:55:AC:A7:B0:A5:C6:00:2D:B7:89:19:0D
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018DF5091083B5D3A9027B8AD89BF1C5B74C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/S39-CArs70VVrKewpcYALbeJGQ0.roa
Signing time: Thu 29 Feb 2024 13:23:48 +0000
ROA not before: Thu 29 Feb 2024 13:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48749
IP address blocks: 80.96.106.0/24 maxlen: 24
80.96.236.0/23 maxlen: 23
81.180.36.0/23 maxlen: 23
81.180.94.0/23 maxlen: 23
81.180.172.0/23 maxlen: 23
81.180.204.0/23 maxlen: 23
81.180.252.0/23 maxlen: 23
81.181.173.0/24 maxlen: 24
85.120.44.0/23 maxlen: 23
85.121.18.0/23 maxlen: 23
85.121.36.0/23 maxlen: 23
85.122.84.0/23 maxlen: 23
194.102.216.0/24 maxlen: 24
217.156.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 14 Apr 2024 11:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:09:10:83:b5:d3:a9:02:7b:8a:d8:9b:f1:c5:b7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 29 13:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b7f7e080aecef4555aca7b0a5c6002db789190d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:35:c3:98:1d:57:97:12:ab:05:cf:c1:e4:e3:
49:dd:7e:b7:4a:28:cd:e3:16:68:53:40:dd:d4:78:
9f:ad:50:35:fa:23:be:5b:46:d2:e2:1d:6d:e4:33:
2e:cd:0b:e2:a3:f5:94:94:1a:b0:0b:95:ce:0a:ea:
66:46:3f:d8:3f:91:d1:bf:e9:94:b7:8e:c8:17:c5:
7c:68:f6:64:ca:f0:12:64:74:cf:52:92:a9:e1:b6:
48:14:ab:cf:7d:8b:33:36:0c:51:74:16:d7:2a:44:
06:34:86:39:90:0c:94:e0:4c:77:b3:54:89:87:f2:
bb:37:92:5c:80:38:a6:eb:d7:fd:07:ee:79:9f:72:
8a:fb:f0:ec:05:6b:2e:91:d0:7a:79:19:f1:fc:03:
3f:24:8c:a6:23:78:3e:22:b8:80:f8:59:0c:87:06:
da:2f:09:df:c1:21:39:c1:41:02:ca:59:65:b4:5d:
9d:3c:c0:8c:c0:68:67:43:38:1c:30:80:5d:2f:d3:
14:e9:7e:4e:20:6b:f4:ab:35:bf:88:81:d0:27:ce:
12:e6:9f:db:42:ec:5c:dc:f5:aa:c9:fe:a8:6e:e2:
9a:e9:79:0d:25:8d:45:84:8e:3c:a4:40:02:c1:b2:
9d:29:d7:fc:ec:8b:df:c5:d0:cf:d5:3e:7c:51:9f:
86:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:7E:08:0A:EC:EF:45:55:AC:A7:B0:A5:C6:00:2D:B7:89:19:0D
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/S39-CArs70VVrKewpcYALbeJGQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.106.0/24
80.96.236.0/23
81.180.36.0/23
81.180.94.0/23
81.180.172.0/23
81.180.204.0/23
81.180.252.0/23
81.181.173.0/24
85.120.44.0/23
85.121.18.0/23
85.121.36.0/23
85.122.84.0/23
194.102.216.0/24
217.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:96:8f:c1:a9:44:2d:97:32:86:35:9a:50:1e:e4:af:75:c2:
3c:1f:bd:8f:19:97:63:45:f9:20:7d:07:a9:b5:bf:e6:fb:46:
81:5a:55:fd:f4:75:e5:9e:a0:c7:0a:22:c8:ac:47:54:9e:2d:
19:b4:bd:19:30:8b:9f:a0:d3:30:29:55:87:bf:91:6a:2f:f1:
0e:c6:a3:24:41:44:51:e6:31:0c:65:6f:11:d3:f0:0b:d1:47:
2a:ac:c5:74:40:c6:67:c0:e0:47:b7:54:a1:e7:22:5d:f6:d8:
4f:a8:d3:fa:e2:78:d1:34:da:dd:d5:72:26:d3:d2:75:fe:76:
60:33:06:96:19:99:49:77:59:2c:ca:3c:92:f6:45:38:aa:c7:
09:eb:57:ba:5a:32:02:61:23:ce:70:c3:24:2b:72:a4:de:6d:
97:46:be:59:85:e8:ce:ed:6b:54:eb:72:ac:e3:7f:b9:5f:9e:
fd:75:9b:5e:0d:01:95:64:e9:b2:a2:cf:83:f9:68:93:49:7f:
dd:fc:ca:94:59:9b:ce:c9:16:7e:13:4e:83:1e:66:97:d4:25:
e8:80:73:c6:71:d9:79:f8:6a:55:7f:31:dc:10:ab:0f:80:43:
f2:7a:40:b2:15:37:8c:a9:f9:1d:36:af:db:64:f6:d0:10:2d:
52:e6:59:c4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY31CRCDtdOpAnuK2JvxxbdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMjI5MTMyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdmN2UwODBhZWNlZjQ1NTVhY2E3YjBhNWM2MDAyZGI3ODkxOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTXDmB1XlxKrBc/B5ONJ3X63SijN
4xZoU0Dd1HifrVA1+iO+W0bS4h1t5DMuzQvio/WUlBqwC5XOCupmRj/YP5HRv+mU
t47IF8V8aPZkyvASZHTPUpKp4bZIFKvPfYszNgxRdBbXKkQGNIY5kAyU4Ex3s1SJ
h/K7N5JcgDim69f9B+55n3KK+/DsBWsukdB6eRnx/AM/JIymI3g+IriA+FkMhwba
LwnfwSE5wUECyllltF2dPMCMwGhnQzgcMIBdL9MU6X5OIGv0qzW/iIHQJ84S5p/b
Quxc3PWqyf6obuKa6XkNJY1FhI48pEACwbKdKdf87IvfxdDP1T58UZ+GAwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEt/fggK7O9FVaynsKXGAC23iRkNMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUzM5LUNBcnM3MFZWcktld3BjWUFMYmVKR1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAUGBqAwQB
UGDsAwQBUbQkAwQBUbReAwQBUbSsAwQBUbTMAwQBUbT8AwQAUbWtAwQBVXgsAwQB
VXkSAwQBVXkkAwQBVXpUAwQAwmbYAwQA2ZxbMA0GCSqGSIb3DQEBCwUAA4IBAQBO
lo/BqUQtlzKGNZpQHuSvdcI8H72PGZdjRfkgfQeptb/m+0aBWlX99HXlnqDHCiLI
rEdUni0ZtL0ZMIufoNMwKVWHv5FqL/EOxqMkQURR5jEMZW8R0/AL0UcqrMV0QMZn
wOBHt1Sh5yJd9thPqNP64njRNNrd1XIm09J1/nZgMwaWGZlJd1ksyjyS9kU4qscJ
61e6WjICYSPOcMMkK3Kk3m2XRr5ZhejO7WtU63Ks43+5X579dZteDQGVZOmyos+D
+WiTSX/d/MqUWZvOyRZ+E06DHmaX1CXogHPGcdl5+GpVfzHcEKsPgEPyekCyFTeM
qfkdNq/bZPbQEC1S5lnE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:05 2024 by rpki-client on console-ams.rpki-client.org