Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/DdSuzVrnQuEz_GME-nJwDwNPNhs.roa
File: DdSuzVrnQuEz_GME-nJwDwNPNhs.roa (raw, json)
Hash identifier: 89I5SCNHp+5BqwMRXk62zbJcFzfKtfXp5TpByYKv6mI=
Subject key identifier: 0D:D4:AE:CD:5A:E7:42:E1:33:FC:63:04:FA:72:70:0F:03:4F:36:1B
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018EE0CC9325101CA230BACCA23289A2E31B
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/DdSuzVrnQuEz_GME-nJwDwNPNhs.roa
Signing time: Mon 15 Apr 2024 08:08:07 +0000
ROA not before: Mon 15 Apr 2024 08:08:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Aug 2024 16:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:cc:93:25:10:1c:a2:30:ba:cc:a2:32:89:a2:e3:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 15 08:08:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dd4aecd5ae742e133fc6304fa72700f034f361b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3c:ab:18:da:5f:9d:0b:a2:4f:ea:c0:0a:b2:
9e:4b:a8:4e:7c:03:cb:3b:9f:87:66:c6:1a:8c:f4:
6f:5e:75:fe:e9:0b:ac:3f:97:d9:9d:85:ca:c6:24:
d6:3c:29:15:e0:45:e3:02:45:21:b1:67:84:af:3e:
69:ff:ad:03:73:9f:cf:94:88:c6:44:51:f7:8b:a7:
dd:0d:94:3f:fb:21:e9:12:ed:ea:b5:7b:2c:10:11:
42:37:40:8c:62:db:51:bf:58:74:ef:a9:0b:3b:a2:
9f:9a:b8:1b:6b:f9:eb:da:12:9d:2f:83:4b:b9:f1:
5f:79:f6:05:9b:d1:bb:ca:2f:13:8e:0d:83:c6:97:
7b:fd:a2:54:00:cd:49:3b:10:f3:32:98:6e:84:2e:
11:29:c9:4f:be:1c:40:82:1d:f4:cc:93:23:e6:33:
9f:a9:9f:9b:44:0b:78:ac:27:4a:9a:82:94:24:57:
df:b6:06:17:7b:40:54:a8:59:fe:50:4a:52:5d:4e:
2b:e0:d2:0e:87:b8:87:1b:7a:07:0b:db:56:18:4e:
7e:28:85:4e:9f:6e:d8:cc:d5:d2:5a:ab:b9:40:64:
e7:3f:d0:99:19:3b:3e:ca:59:d9:ed:28:70:23:a4:
4b:74:dd:c1:af:f7:eb:fa:66:52:29:7b:a7:26:5e:
fb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D4:AE:CD:5A:E7:42:E1:33:FC:63:04:FA:72:70:0F:03:4F:36:1B
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/DdSuzVrnQuEz_GME-nJwDwNPNhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:a4:b8:09:b2:8b:d5:d0:fa:34:de:f7:ab:b1:43:ef:4e:1b:
ee:2d:ee:95:66:ed:43:7f:45:d8:ea:44:d2:06:c8:f4:f5:44:
81:9b:ee:47:dd:d7:38:37:38:34:77:ce:2f:21:36:80:bc:0b:
c4:cb:cf:2f:3f:d1:f2:06:f4:0d:07:5e:d7:7c:79:42:9c:4a:
78:a8:ab:8f:cc:2f:0c:e3:d0:01:92:a0:03:30:1b:69:31:a8:
60:b5:73:60:ba:e1:79:99:d7:73:83:82:81:b4:1b:54:00:d9:
b7:34:e5:27:cc:c5:d6:ee:e8:82:54:b2:f6:4c:6b:48:38:85:
56:dd:46:b3:32:fc:1f:38:d1:54:bb:c6:9e:14:cf:4d:aa:e9:
25:6b:ac:57:28:84:fe:21:81:5e:8d:3c:c3:ba:d9:d6:c1:80:
4d:b0:64:15:10:36:7b:47:0b:4b:b6:2f:f0:41:9d:05:5e:2c:
f0:44:e7:fa:c9:45:3e:32:91:6b:f4:a9:43:b0:1f:8b:05:f4:
98:36:b5:8a:4f:96:b4:0e:72:62:e8:86:21:1c:5b:5e:1d:eb:
41:5c:7a:98:b7:ac:f3:20:63:d9:42:48:8e:7a:8c:e8:bd:12:
c6:68:2c:f4:2d:53:a4:c7:79:8e:d4:46:3b:e9:55:9d:b0:d1:
d6:f2:63:bb
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAY7gzJMlEByiMLrMojKJouMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDE1MDgwODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ0YWVjZDVhZTc0MmUxMzNmYzYzMDRmYTcyNzAwZjAzNGYzNjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzyrGNpfnQuiT+rACrKeS6hOfAPL
O5+HZsYajPRvXnX+6QusP5fZnYXKxiTWPCkV4EXjAkUhsWeErz5p/60Dc5/PlIjG
RFH3i6fdDZQ/+yHpEu3qtXssEBFCN0CMYttRv1h076kLO6Kfmrgba/nr2hKdL4NL
ufFfefYFm9G7yi8Tjg2Dxpd7/aJUAM1JOxDzMphuhC4RKclPvhxAgh30zJMj5jOf
qZ+bRAt4rCdKmoKUJFfftgYXe0BUqFn+UEpSXU4r4NIOh7iHG3oHC9tWGE5+KIVO
n27YzNXSWqu5QGTnP9CZGTs+ylnZ7ShwI6RLdN3Br/fr+mZSKXunJl77MwIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFA3Urs1a50LhM/xjBPpycA8DTzYbMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvRGRTdXpWcm5RdUV6X0dNRS1uSndEd05QTmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCB2wQCAAEwgdQD
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAC5+PwD
BAC5+P4DBAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgw
DAMEAtQLRAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSA
AwUDKg12gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQCSpLgJsovV
0Po03versUPvThvuLe6VZu1Df0XY6kTSBsj09USBm+5H3dc4Nzg0d84vITaAvAvE
y88vP9HyBvQNB17XfHlCnEp4qKuPzC8M49ABkqADMBtpMahgtXNguuF5mddzg4KB
tBtUANm3NOUnzMXW7uiCVLL2TGtIOIVW3UazMvwfONFUu8aeFM9Nqukla6xXKIT+
IYFejTzDutnWwYBNsGQVEDZ7RwtLti/wQZ0FXizwROf6yUU+MpFr9KlDsB+LBfSY
NrWKT5a0DnJi6IYhHFteHetBXHqYt6zzIGPZQkiOeozovRLGaCz0LVOkx3mO1EY7
6VWdsNHW8mO7
-----END CERTIFICATE-----
Generated at Wed Aug 28 19:38:56 2024 by rpki-client on console-fra.rpki-client.org