Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dM3UuX65GU8mk2ppUmUw4z3W_m0.roa
File: dM3UuX65GU8mk2ppUmUw4z3W_m0.roa (raw, json)
Hash identifier: jZryar5fFr6XFNCJzgiLE+LaByrQ6/7FsblZXQexf+c=
Subject key identifier: 74:CD:D4:B9:7E:B9:19:4F:26:93:6A:69:52:65:30:E3:3D:D6:FE:6D
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019305F350F13C3051DBC08859463B50568C
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dM3UuX65GU8mk2ppUmUw4z3W_m0.roa
Signing time: Thu 07 Nov 2024 09:27:32 +0000
ROA not before: Thu 07 Nov 2024 09:27:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.105.184.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.31.141.0/24 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0d:77c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Nov 2024 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:f3:50:f1:3c:30:51:db:c0:88:59:46:3b:50:56:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 7 09:27:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74cdd4b97eb9194f26936a69526530e33dd6fe6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:29:e0:7d:4c:f9:7e:56:f1:fc:f8:68:c7:98:
a9:c2:11:81:18:85:5c:c5:cf:86:59:5e:d7:2e:15:
4e:1e:d6:de:89:d3:1b:48:c3:8f:c3:85:54:bf:73:
fd:6a:0c:d4:1b:16:84:84:8a:72:d3:36:08:d5:a5:
17:70:1e:53:e0:19:08:af:5a:62:47:f4:e0:11:e4:
ae:4e:e5:2c:33:34:dc:07:84:b3:a1:97:97:33:ed:
82:2d:3d:17:02:36:d8:b8:6e:f6:02:40:bc:f3:49:
f0:27:58:f7:36:ef:d6:d3:97:38:a7:54:a3:6d:2d:
53:c7:a3:e7:cd:d0:fb:98:ba:6e:b7:fa:bf:14:2e:
32:eb:76:c6:40:45:b4:1a:43:05:f6:e4:66:75:68:
47:d9:11:25:15:f5:d0:f9:c7:9e:58:95:15:1f:88:
d0:6d:bc:ee:c5:f6:43:f6:f0:63:d3:8f:85:f0:24:
40:7f:9e:7c:26:63:fc:d7:43:fd:09:d8:fb:63:7c:
cb:65:51:57:45:bf:2e:5c:20:78:d1:cf:71:14:a3:
78:48:07:e3:16:26:4e:9d:11:9c:87:47:b2:64:00:
bd:3c:ac:2f:eb:53:67:38:2c:34:f8:55:1c:29:a3:
56:72:04:65:71:09:34:df:0d:08:96:a1:02:8f:19:
33:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CD:D4:B9:7E:B9:19:4F:26:93:6A:69:52:65:30:E3:3D:D6:FE:6D
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/dM3UuX65GU8mk2ppUmUw4z3W_m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.141.0/24
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:f6:86:b6:b3:aa:7a:64:9d:c6:7c:45:39:95:b4:e7:a0:8f:
d7:43:30:13:dd:9f:b6:d8:f3:f1:3a:ca:b3:f7:d7:2e:d5:19:
f4:a7:5a:55:42:be:c0:07:3e:ee:50:53:29:03:c4:aa:b8:e6:
90:0b:81:fd:96:f1:aa:7e:6e:9a:ec:63:47:02:be:06:b4:6c:
61:a6:15:91:a6:b1:50:7c:62:7f:f5:4e:54:a2:f7:2f:29:f7:
89:b2:9d:f8:97:d2:2c:3d:11:d0:c9:07:01:ef:5e:62:cd:9a:
09:34:0a:7e:e7:a8:b3:7b:b1:bf:ea:91:89:bf:f0:04:d6:1d:
ba:23:1b:b1:1a:cf:48:c9:10:3f:7c:74:f9:40:e6:9d:d8:5f:
48:9b:da:2a:4f:02:40:2e:bd:d1:00:5c:8e:9a:77:ee:47:67:
54:1e:de:a6:2f:0c:fb:ab:3a:4b:f9:5a:35:82:d0:40:fa:30:
35:70:b7:ff:63:84:e9:b3:00:90:73:fe:bc:5e:8a:4e:cf:4d:
9e:03:a6:e7:02:b4:eb:cb:ee:c1:cd:d6:37:8d:26:08:1d:ab:
7b:20:d6:62:f1:7e:75:f0:5e:d9:24:1e:5f:95:7d:77:d7:b0:
bb:5c:59:7d:47:12:ef:14:da:fb:0f:a8:a0:d5:a3:43:3a:ac:
3c:09:7f:5e
-----BEGIN CERTIFICATE-----
MIIGAjCCBOqgAwIBAgISAZMF81DxPDBR28CIWUY7UFaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQxMTA3MDkyNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNkZDRiOTdlYjkxOTRmMjY5MzZhNjk1MjY1MzBlMzNkZDZmZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyngfUz5flbx/Phox5ipwhGBGIVc
xc+GWV7XLhVOHtbeidMbSMOPw4VUv3P9agzUGxaEhIpy0zYI1aUXcB5T4BkIr1pi
R/TgEeSuTuUsMzTcB4SzoZeXM+2CLT0XAjbYuG72AkC880nwJ1j3Nu/W05c4p1Sj
bS1Tx6PnzdD7mLput/q/FC4y63bGQEW0GkMF9uRmdWhH2RElFfXQ+ceeWJUVH4jQ
bbzuxfZD9vBj04+F8CRAf558JmP810P9Cdj7Y3zLZVFXRb8uXCB40c9xFKN4SAfj
FiZOnRGch0eyZAC9PKwv61NnOCw0+FUcKaNWcgRlcQk03w0IlqECjxkzsQIDAQAB
o4IDDjCCAwowHQYDVR0OBBYEFHTN1Ll+uRlPJpNqaVJlMOM91v5tMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZE0zVXVYNjVHVThtazJwcFVtVXc0ejNXX20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIgYIKwYBBQUHAQcBAf8EggERMIIBDTCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBADCH40DBALCMhADBALCOOADBALUawww
cQQCAAIwawMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//SAwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CA
ABADBwYqC3CAAAADBQMqDXfAMA0GCSqGSIb3DQEBCwUAA4IBAQC09oa2s6p6ZJ3G
fEU5lbTnoI/XQzAT3Z+22PPxOsqz99cu1Rn0p1pVQr7ABz7uUFMpA8SquOaQC4H9
lvGqfm6a7GNHAr4GtGxhphWRprFQfGJ/9U5UovcvKfeJsp34l9IsPRHQyQcB715i
zZoJNAp+56ize7G/6pGJv/AE1h26IxuxGs9IyRA/fHT5QOad2F9Im9oqTwJALr3R
AFyOmnfuR2dUHt6mLwz7qzpL+Vo1gtBA+jA1cLf/Y4TpswCQc/68XopOz02eA6bn
ArTry+7BzdY3jSYIHat7INZi8X518F7ZJB5flX1317C7XFl9RxLvFNr7D6ig1aND
Oqw8CX9e
-----END CERTIFICATE-----
Generated at Mon Nov 11 19:38:44 2024 by rpki-client on console-fra.rpki-client.org