Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/3_n8FhQ2RYLec51Nv051RQcOOHk.roa
File: 3_n8FhQ2RYLec51Nv051RQcOOHk.roa (raw, json)
Hash identifier: MKqKpFKCMqsJNPD2oi34RFGwFQ89J4/wEakO9uW2TsE=
Subject key identifier: DF:F9:FC:16:14:36:45:82:DE:73:9D:4D:BF:4E:75:45:07:0E:38:79
Certificate issuer: /CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Certificate serial: 018C3A8A9B70C2A0D95BB348CCA6DA4FFEFF
Authority key identifier: A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/3_n8FhQ2RYLec51Nv051RQcOOHk.roa
Signing time: Tue 05 Dec 2023 15:13:31 +0000
ROA not before: Tue 05 Dec 2023 15:13:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56595
IP address blocks: 188.241.20.0/22 maxlen: 24
95.215.9.0/24 maxlen: 24
185.7.230.0/23 maxlen: 23
46.226.0.0/21 maxlen: 21
185.73.152.0/22 maxlen: 22
185.7.228.0/22 maxlen: 22
185.7.228.0/23 maxlen: 23
89.32.88.0/21 maxlen: 21
185.34.8.0/22 maxlen: 22
91.239.46.0/24 maxlen: 24
185.100.68.0/22 maxlen: 22
192.124.197.0/24 maxlen: 24
192.124.198.0/24 maxlen: 24
185.122.64.0/22 maxlen: 22
192.124.193.0/24 maxlen: 24
192.124.194.0/23 maxlen: 23
192.124.203.0/24 maxlen: 24
192.124.206.0/23 maxlen: 23
192.124.200.0/24 maxlen: 24
193.33.125.0/24 maxlen: 24
91.240.174.0/24 maxlen: 24
185.240.200.0/22 maxlen: 22
195.230.123.0/24 maxlen: 24
2a00:a600::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:8a:9b:70:c2:a0:d9:5b:b3:48:cc:a6:da:4f:fe:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b5fe67c20797d3941555554f8c988ca2f7c17b
Validity
Not Before: Dec 5 15:13:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dff9fc1614364582de739d4dbf4e7545070e3879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7c:ae:2f:12:8a:8e:90:3e:d7:8b:9b:87:8b:
14:37:49:eb:30:1a:08:1c:41:0a:32:99:1d:90:f6:
8d:b6:f5:07:1e:1a:48:12:5b:22:a9:cf:e3:7b:1d:
21:df:f2:b1:92:92:ad:32:e9:f7:fc:24:15:8e:b5:
4d:db:7a:70:1e:8f:9c:ff:99:58:d9:62:23:29:fe:
fa:12:8c:38:56:85:58:87:7e:ce:49:3c:f0:ad:9a:
d7:27:48:ed:68:6d:60:d7:8e:a1:6d:8d:7c:b3:10:
7a:0d:2c:8b:da:2e:19:4f:c9:29:f9:fc:35:6c:72:
9e:6a:e8:a1:3c:21:d9:a3:3e:34:1b:04:6b:f2:f0:
bc:b6:3c:19:90:0c:03:ce:53:60:4d:0b:e5:33:67:
53:d3:10:d2:d1:c7:f2:c8:21:a7:35:9c:e3:14:95:
9d:a5:65:eb:06:e3:28:b8:16:6c:42:ea:50:bc:3e:
17:8a:45:57:e2:02:8b:fb:58:9c:dd:78:00:0b:14:
c2:5e:72:9a:da:4c:86:70:95:7c:ed:e6:07:a0:c0:
1c:c5:a8:ce:ff:21:98:d6:8f:99:91:56:d0:be:06:
1e:d3:ae:0e:89:44:40:51:10:65:7c:f0:2a:b9:bd:
93:b5:fa:dc:58:4b:b6:a2:5f:d2:ea:ef:38:82:9d:
a9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F9:FC:16:14:36:45:82:DE:73:9D:4D:BF:4E:75:45:07:0E:38:79
X509v3 Authority Key Identifier:
keyid:A8:B5:FE:67:C2:07:97:D3:94:15:55:55:4F:8C:98:8C:A2:F7:C1:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/3_n8FhQ2RYLec51Nv051RQcOOHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/e7cbf3-64e6-4023-befd-1cc619197551/1/qLX-Z8IHl9OUFVVVT4yYjKL3wXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.0.0/21
89.32.88.0/21
91.239.46.0/24
91.240.174.0/24
95.215.9.0/24
185.7.228.0/22
185.34.8.0/22
185.73.152.0/22
185.100.68.0/22
185.122.64.0/22
185.240.200.0/22
188.241.20.0/22
192.124.193.0-192.124.195.255
192.124.197.0-192.124.198.255
192.124.200.0/24
192.124.203.0/24
192.124.206.0/23
193.33.125.0/24
195.230.123.0/24
IPv6:
2a00:a600::/32
Signature Algorithm: sha256WithRSAEncryption
1b:00:66:ca:e9:71:e6:b3:a0:aa:70:67:ed:db:f0:d3:4a:53:
de:9f:af:da:d0:dc:85:5a:80:ac:75:ec:62:24:4c:fb:5a:9f:
4c:5a:5c:3e:59:31:a0:3d:42:36:d3:85:61:21:75:1b:06:54:
a0:55:74:37:b6:0b:24:6e:7e:cd:27:04:2c:ac:34:c7:86:92:
86:e9:63:9c:70:de:de:a5:e8:42:5f:79:05:4a:b7:d6:3c:9c:
27:cf:97:84:80:8d:c7:0e:90:ef:01:d4:6c:00:96:a6:75:88:
d7:7a:42:4f:9c:fd:c8:e9:ad:01:da:ce:0f:4a:ed:80:e9:6c:
77:5d:9c:8b:f5:9a:37:d7:df:37:c3:2b:f6:47:66:c6:ff:ab:
4f:6e:fe:c9:02:d2:45:ef:2c:a8:99:52:40:08:13:f9:a3:59:
c8:52:46:a0:fc:35:95:f4:44:5a:8f:c8:f8:a8:be:e2:45:0b:
b9:f1:4e:7e:c2:be:35:c5:71:1d:0d:f9:ed:7c:29:2f:23:45:
d8:d6:72:95:0a:6e:ef:a2:13:f4:10:fc:98:ea:b0:cd:59:fb:
c9:28:ea:fa:d4:98:36:7e:8d:34:d2:e6:4c:65:b2:6b:fd:b0:
9a:b9:59:99:a0:93:6d:3e:b3:05:ee:55:72:de:4c:b4:cd:97:
c5:d0:50:62
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYw6iptwwqDZW7NIzKbaT/7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjVmZTY3YzIwNzk3ZDM5NDE1NTU1NTRmOGM5ODhjYTJm
N2MxN2IwHhcNMjMxMjA1MTUxMzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmY5ZmMxNjE0MzY0NTgyZGU3MzlkNGRiZjRlNzU0NTA3MGUzODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HyuLxKKjpA+14ubh4sUN0nrMBoI
HEEKMpkdkPaNtvUHHhpIElsiqc/jex0h3/KxkpKtMun3/CQVjrVN23pwHo+c/5lY
2WIjKf76Eow4VoVYh37OSTzwrZrXJ0jtaG1g146hbY18sxB6DSyL2i4ZT8kp+fw1
bHKeauihPCHZoz40GwRr8vC8tjwZkAwDzlNgTQvlM2dT0xDS0cfyyCGnNZzjFJWd
pWXrBuMouBZsQupQvD4XikVX4gKL+1ic3XgACxTCXnKa2kyGcJV87eYHoMAcxajO
/yGY1o+ZkVbQvgYe064OiURAURBlfPAqub2TtfrcWEu2ol/S6u84gp2pgQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFN/5/BYUNkWC3nOdTb9OdUUHDjh5MB8GA1UdIwQY
MBaAFKi1/mfCB5fTlBVVVU+MmIyi98F7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQt
MWNjNjE5MTk3NTUxLzEvM19uOEZoUTJSWUxlYzUxTnYwNTFSUWNPT0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9lN2NiZjMtNjRlNi00MDIzLWJlZmQtMWNjNjE5MTk3NTUx
LzEvcUxYLVo4SUhsOU9VRlZWVlQ0eVlqS0wzd1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBiQQCAAEwgYIDBAMu
4gADBANZIFgDBABb7y4DBABb8K4DBABf1wkDBAK5B+QDBAK5IggDBAK5SZgDBAK5
ZEQDBAK5ekADBAK58MgDBAK88RQwDAMEAMB8wQMEAsB8wDAMAwQAwHzFAwQAwHzG
AwQAwHzIAwQAwHzLAwQBwHzOAwQAwSF9AwQAw+Z7MA0EAgACMAcDBQAqAKYAMA0G
CSqGSIb3DQEBCwUAA4IBAQAbAGbK6XHms6CqcGft2/DTSlPen6/a0NyFWoCsdexi
JEz7Wp9MWlw+WTGgPUI204VhIXUbBlSgVXQ3tgskbn7NJwQsrDTHhpKG6WOccN7e
pehCX3kFSrfWPJwnz5eEgI3HDpDvAdRsAJamdYjXekJPnP3I6a0B2s4PSu2A6Wx3
XZyL9Zo31983wyv2R2bG/6tPbv7JAtJF7yyomVJACBP5o1nIUkag/DWV9ERaj8j4
qL7iRQu58U5+wr41xXEdDfntfCkvI0XY1nKVCm7vohP0EPyY6rDNWfvJKOr61Jg2
fo000uZMZbJr/bCauVmZoJNtPrMF7lVy3ky0zZfF0FBi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:06 2024 by rpki-client on console-fra.rpki-client.org