Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1NbEIdQIyMRxThtC1tObQughR6Q.roa
File: 1NbEIdQIyMRxThtC1tObQughR6Q.roa (raw, json)
Hash identifier: 3R1MSbuz9EwGRZYEwX/dQBuVblZ4S4FuSmhbR2gGbKQ=
Subject key identifier: D4:D6:C4:21:D4:08:C8:C4:71:4E:1B:42:D6:D3:9B:42:E8:21:47:A4
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3371E26B28F483640234A1D7943867CA
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1NbEIdQIyMRxThtC1tObQughR6Q.roa
Signing time: Tue 12 Mar 2024 16:14:45 +0000
ROA not before: Tue 12 Mar 2024 16:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Mar 2024 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:71:e2:6b:28:f4:83:64:02:34:a1:d7:94:38:67:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 16:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4d6c421d408c8c4714e1b42d6d39b42e82147a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b0:7f:d0:d6:d2:6a:31:fc:40:b0:67:1c:4b:
ab:de:94:14:71:23:58:27:a8:0d:9f:fb:fe:32:80:
94:f8:52:60:d5:61:a3:dd:8e:a4:6b:62:9d:c5:74:
7f:30:a5:a9:d7:c9:57:da:84:0d:d4:09:ce:e6:60:
1e:0f:64:f3:10:c3:9f:ea:85:81:2d:c7:df:e4:01:
cf:25:2d:b9:15:4f:05:73:a2:6b:16:e1:03:47:ad:
bc:34:48:60:60:ea:b9:24:12:25:5f:85:7e:26:3e:
86:7b:c1:17:45:40:36:c0:94:fe:01:39:f3:fb:74:
76:fa:88:62:75:41:c1:01:fe:ce:26:64:1f:2b:32:
d7:c1:72:df:ff:9c:83:f5:0f:20:83:41:a8:2e:4f:
2d:88:70:7a:b3:5b:3b:e4:17:ae:c3:fb:8a:f6:70:
67:e8:ce:5e:09:6f:2d:6e:86:be:da:c0:1a:ad:2b:
4b:ee:45:2e:51:cb:68:f6:53:45:cd:56:5f:95:7b:
a6:2d:6f:4e:72:73:70:16:9a:92:d0:0f:bd:a6:2c:
b4:06:c3:54:d4:0d:76:b6:b6:94:85:05:3a:7c:c8:
e5:99:00:fb:37:d7:b2:a4:fe:d0:6b:9a:44:33:72:
6a:72:7b:45:59:bf:d5:fb:ed:21:46:07:ce:20:63:
a4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D6:C4:21:D4:08:C8:C4:71:4E:1B:42:D6:D3:9B:42:E8:21:47:A4
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/1NbEIdQIyMRxThtC1tObQughR6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
212.11.68.0-212.11.75.255
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:4c:d0:70:d0:1a:63:00:b6:5e:57:80:95:e9:31:83:52:b9:
0e:20:43:bc:a1:9f:c8:93:3a:24:68:a0:d9:ba:27:53:ca:50:
51:9a:c0:98:03:ee:95:0d:74:5c:7e:7f:43:2a:38:a2:e9:6b:
2a:06:76:00:39:f6:83:23:11:a1:40:f7:76:29:94:2b:62:5d:
40:31:c6:f3:f2:e5:0e:02:97:bc:87:b1:bc:00:55:c7:c2:d1:
7d:9f:42:40:98:d5:34:89:eb:09:f8:59:40:f1:9b:ea:66:68:
a7:5e:8c:98:5a:98:61:0a:46:68:e9:6b:5d:b2:46:a2:47:0a:
a2:e2:99:d1:08:da:57:6b:ae:b3:50:67:e9:fb:9a:3d:a8:a0:
03:4c:73:5a:95:6f:df:c5:00:a2:3f:f8:75:93:1e:4b:eb:0e:
73:94:f6:1e:c2:59:e1:15:e7:12:50:f6:18:f6:00:b9:e3:02:
1f:4d:73:45:b6:d2:54:80:a2:3d:32:82:f0:f1:48:83:03:3b:
16:1f:ce:53:c1:77:12:7c:8c:95:81:d1:42:4b:93:ef:4b:98:
9a:d7:2b:49:f7:22:56:a0:c5:21:aa:18:08:7a:4b:80:76:d9:
64:d8:ca:b0:bf:36:e5:31:4a:7c:54:7b:1a:a6:3d:36:b3:2f:
4c:ac:5e:fb
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY4zceJrKPSDZAI0odeUOGfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMTYxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGQ2YzQyMWQ0MDhjOGM0NzE0ZTFiNDJkNmQzOWI0MmU4MjE0N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLB/0NbSajH8QLBnHEur3pQUcSNY
J6gNn/v+MoCU+FJg1WGj3Y6ka2KdxXR/MKWp18lX2oQN1AnO5mAeD2TzEMOf6oWB
Lcff5AHPJS25FU8Fc6JrFuEDR628NEhgYOq5JBIlX4V+Jj6Ge8EXRUA2wJT+ATnz
+3R2+ohidUHBAf7OJmQfKzLXwXLf/5yD9Q8gg0GoLk8tiHB6s1s75Beuw/uK9nBn
6M5eCW8tboa+2sAarStL7kUuUcto9lNFzVZflXumLW9OcnNwFpqS0A+9piy0BsNU
1A12traUhQU6fMjlmQD7N9eypP7Qa5pEM3JqcntFWb/V++0hRgfOIGOkJwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFNTWxCHUCMjEcU4bQtbTm0LoIUekMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvMU5iRUlkUUl5TVJ4VGh0QzF0T2JRdWdoUjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAx/A
YAMEAi0IZAMEAi2EbAMEBFBK8AMEBVVfYAMEA1wqeAMEA1+BQAMEArlPuAMEArle
zAMEArljTAMEArmy2AMEArnM1AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEY
HwMEBcMaIDAMAwQC1AtEAwQC1AtIMBQEAgACMA4DBQAqAPHAAwUDKgTpwDANBgkq
hkiG9w0BAQsFAAOCAQEAQUzQcNAaYwC2XleAlekxg1K5DiBDvKGfyJM6JGig2bon
U8pQUZrAmAPulQ10XH5/Qyo4oulrKgZ2ADn2gyMRoUD3dimUK2JdQDHG8/LlDgKX
vIexvABVx8LRfZ9CQJjVNInrCfhZQPGb6mZop16MmFqYYQpGaOlrXbJGokcKouKZ
0QjaV2uus1Bn6fuaPaigA0xzWpVv38UAoj/4dZMeS+sOc5T2HsJZ4RXnElD2GPYA
ueMCH01zRbbSVICiPTKC8PFIgwM7Fh/OU8F3EnyMlYHRQkuT70uYmtcrSfciVqDF
IaoYCHpLgHbZZNjKsL825TFKfFR7GqY9NrMvTKxe+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org