Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/iWhiUZcy5A1ieq63r3eCB6FOQRc.roa
File: iWhiUZcy5A1ieq63r3eCB6FOQRc.roa (raw, json)
Hash identifier: vW7etY6rdI48BfLsxnhpiUw0HOteW6+epqRu+JH5ZvA=
Subject key identifier: 89:68:62:51:97:32:E4:0D:62:7A:AE:B7:AF:77:82:07:A1:4E:41:17
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018CC64ADA7A65443B5EB062E8914F14691F
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/iWhiUZcy5A1ieq63r3eCB6FOQRc.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 81.181.68.0/23 maxlen: 24
194.102.36.0/22 maxlen: 24
81.181.72.0/23 maxlen: 24
217.156.16.0/23 maxlen: 24
80.97.40.0/21 maxlen: 24
81.181.104.0/21 maxlen: 24
85.122.120.0/22 maxlen: 22
85.122.124.0/22 maxlen: 24
217.156.48.0/22 maxlen: 24
81.181.14.0/23 maxlen: 24
81.181.26.0/23 maxlen: 24
194.102.148.0/23 maxlen: 24
194.102.160.0/23 maxlen: 24
85.121.48.0/21 maxlen: 24
194.102.174.0/23 maxlen: 24
194.102.180.0/22 maxlen: 24
85.120.224.0/21 maxlen: 24
80.97.96.0/23 maxlen: 24
217.156.94.0/23 maxlen: 24
80.96.54.0/23 maxlen: 24
80.96.102.0/23 maxlen: 24
85.121.168.0/22 maxlen: 24
194.102.224.0/22 maxlen: 24
80.96.44.0/23 maxlen: 24
81.180.98.0/23 maxlen: 24
85.121.232.0/21 maxlen: 24
194.105.12.0/22 maxlen: 24
194.153.230.0/23 maxlen: 24
81.180.228.0/23 maxlen: 24
194.153.244.0/23 maxlen: 24
85.120.84.0/23 maxlen: 24
81.180.254.0/23 maxlen: 24
81.180.174.0/23 maxlen: 24
85.121.208.0/21 maxlen: 24
80.96.156.0/22 maxlen: 24
194.153.225.0/24 maxlen: 24
193.226.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 11:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:da:7a:65:44:3b:5e:b0:62:e8:91:4f:14:69:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=896862519732e40d627aaeb7af778207a14e4117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9b:6d:fe:28:01:6c:01:9b:4f:7e:99:8c:bc:
4a:5a:29:b1:a2:6c:75:1c:31:22:5f:9a:b9:e2:8e:
2b:a8:90:83:91:8c:3a:cc:66:03:e9:5a:6b:1d:d7:
56:f5:06:ba:d0:41:16:44:7e:01:37:df:17:94:25:
d7:6f:83:e7:58:74:3c:69:1e:13:35:c3:7c:42:09:
8f:22:09:1d:b8:72:23:5f:33:fc:c5:89:eb:36:32:
4e:d3:93:e0:55:15:84:ab:db:25:ad:05:3f:18:42:
50:39:e6:70:5a:52:12:33:c2:f7:99:fe:68:14:c3:
e8:c6:f4:17:d1:e0:93:2e:4d:ae:d2:0d:e5:ea:23:
12:e3:ae:e8:7f:9a:4d:3b:67:68:b2:16:8d:6b:fe:
99:1e:e4:18:e6:fc:2a:cd:82:43:ec:b2:d0:7c:11:
27:21:91:ea:9b:37:5e:53:5d:a7:f1:eb:19:32:8a:
e3:91:53:29:db:7c:d9:cc:12:56:6c:60:59:61:34:
22:9b:dd:31:a0:51:3b:4b:da:61:36:88:73:93:35:
cd:7d:5e:7e:de:c9:f1:a2:dd:25:d2:a1:3c:d5:5c:
ae:d6:f8:3c:c8:62:00:c3:d6:16:ac:17:fc:d7:a6:
fb:b3:86:6f:11:05:50:07:f7:fc:93:d3:53:74:42:
85:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:68:62:51:97:32:E4:0D:62:7A:AE:B7:AF:77:82:07:A1:4E:41:17
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/iWhiUZcy5A1ieq63r3eCB6FOQRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.44.0/23
80.96.54.0/23
80.96.102.0/23
80.96.156.0/22
80.97.40.0/21
80.97.96.0/23
81.180.98.0/23
81.180.174.0/23
81.180.228.0/23
81.180.254.0/23
81.181.14.0/23
81.181.26.0/23
81.181.68.0/23
81.181.72.0/23
81.181.104.0/21
85.120.84.0/23
85.120.224.0/21
85.121.48.0/21
85.121.168.0/22
85.121.208.0/21
85.121.232.0/21
85.122.120.0/21
193.226.76.0/22
194.102.36.0/22
194.102.148.0/23
194.102.160.0/23
194.102.174.0/23
194.102.180.0/22
194.102.224.0/22
194.105.12.0/22
194.153.225.0/24
194.153.230.0/23
194.153.244.0/23
217.156.16.0/23
217.156.48.0/22
217.156.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:a8:13:7d:3e:97:92:bc:8d:91:15:7a:d6:3c:54:9d:ab:48:
90:4e:d0:cd:4c:d4:ea:b2:1d:a6:7d:e4:1f:85:56:aa:0f:b9:
26:b7:03:c2:54:90:28:34:72:2b:85:d0:75:94:cd:93:39:95:
61:dd:57:02:78:31:c2:35:2f:e6:2a:31:14:f5:f1:b6:6a:42:
64:ef:47:d8:cc:15:54:d9:d1:98:3b:7e:f7:74:1d:08:f6:c8:
8a:23:c6:f4:ce:62:84:94:ca:ce:84:59:01:85:db:ea:87:93:
fe:cc:0c:50:08:f5:a1:58:9c:f5:0d:ae:02:68:51:61:e5:46:
68:ca:1b:c2:b7:e3:2b:13:ba:01:e7:42:49:60:50:6c:c9:e8:
97:b8:b8:c4:e6:68:1f:fc:2e:93:83:08:16:43:42:79:c1:e1:
ba:74:25:39:9d:0b:82:82:fa:b6:b1:9e:02:28:33:e4:a1:f8:
f3:f2:48:49:1c:08:3f:8f:38:86:ac:01:dd:86:a9:b1:99:11:
df:87:3b:f6:18:e9:db:21:b9:36:1a:0a:ff:57:7e:86:16:8d:
82:ef:c5:54:5a:7f:cf:41:b4:66:2b:8c:3e:b9:99:cd:1a:02:
0a:34:25:e3:de:15:a5:52:a3:0a:02:70:08:48:54:d9:b3:fd:
35:02:e3:56
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYzGStp6ZUQ7XrBi6JFPFGkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY4NjI1MTk3MzJlNDBkNjI3YWFlYjdhZjc3ODIwN2ExNGU0MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5tt/igBbAGbT36ZjLxKWimxomx1
HDEiX5q54o4rqJCDkYw6zGYD6VprHddW9Qa60EEWRH4BN98XlCXXb4PnWHQ8aR4T
NcN8QgmPIgkduHIjXzP8xYnrNjJO05PgVRWEq9slrQU/GEJQOeZwWlISM8L3mf5o
FMPoxvQX0eCTLk2u0g3l6iMS467of5pNO2doshaNa/6ZHuQY5vwqzYJD7LLQfBEn
IZHqmzdeU12n8esZMorjkVMp23zZzBJWbGBZYTQim90xoFE7S9phNohzkzXNfV5+
3snxot0l0qE81Vyu1vg8yGIAw9YWrBf816b7s4ZvEQVQB/f8k9NTdEKF3QIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFIloYlGXMuQNYnqut693ggehTkEXMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvaVdoaVVaY3k1QTFpZXE2M3IzZUNCNkZPUVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBANQYSgDBAFQYWADBAFRtGIDBAFRtK4DBAFR
tOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANRtWgDBAFVeFQDBANV
eOADBANVeTADBAJVeagDBANVedADBANVeegDBANVengDBALB4kwDBALCZiQDBAHC
ZpQDBAHCZqADBAHCZq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHC
mfQDBAHZnBADBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBAKKoE30+l5K8
jZEVetY8VJ2rSJBO0M1M1OqyHaZ95B+FVqoPuSa3A8JUkCg0ciuF0HWUzZM5lWHd
VwJ4McI1L+YqMRT18bZqQmTvR9jMFVTZ0Zg7fvd0HQj2yIojxvTOYoSUys6EWQGF
2+qHk/7MDFAI9aFYnPUNrgJoUWHlRmjKG8K34ysTugHnQklgUGzJ6Je4uMTmaB/8
LpODCBZDQnnB4bp0JTmdC4KC+raxngIoM+Sh+PPySEkcCD+POIasAd2GqbGZEd+H
O/YY6dshuTYaCv9XfoYWjYLvxVRaf89BtGYrjD65mc0aAgo0JePeFaVSowoCcAhI
VNmz/TUC41Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org