Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/F3CbyKT_AnHf1ngf6_M3UR6QiVY.roa
File: F3CbyKT_AnHf1ngf6_M3UR6QiVY.roa (raw, json)
Hash identifier: hHesiC3zuVwU2xj/KzaCBTSB0yQBTPKGUKa18h3P5fI=
Subject key identifier: 17:70:9B:C8:A4:FF:02:71:DF:D6:78:1F:EB:F3:37:51:1E:90:89:56
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018E3371E1AB2F49C4FCAF32CBB4AB2A0973
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/F3CbyKT_AnHf1ngf6_M3UR6QiVY.roa
Signing time: Tue 12 Mar 2024 16:14:45 +0000
ROA not before: Tue 12 Mar 2024 16:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.204.212.0/22 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 13 Mar 2024 13:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:71:e1:ab:2f:49:c4:fc:af:32:cb:b4:ab:2a:09:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Mar 12 16:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17709bc8a4ff0271dfd6781febf337511e908956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:40:3a:c9:b9:79:f0:97:3e:2f:5b:55:6c:46:
cc:32:a0:97:15:8a:a1:f7:bb:a3:89:75:84:b2:31:
73:bf:1d:77:99:a5:7f:6d:1b:32:e6:98:75:c6:21:
a8:66:da:29:4f:24:0d:95:a1:c8:f8:85:2c:2e:80:
37:0c:3a:07:2a:e0:9f:ea:f1:ff:25:0b:e6:63:49:
ed:6f:ea:c9:a2:8e:b1:8d:24:7b:d3:9b:ad:4b:9c:
d5:c7:79:6e:a2:8d:f7:07:02:de:a6:9a:8e:cc:b1:
46:23:a7:34:f0:03:37:6f:49:33:c2:1a:db:b4:53:
fd:55:f6:47:ca:2b:64:af:03:dd:36:c6:24:ca:54:
f2:41:1e:ea:57:ae:51:ae:f6:6f:05:c8:64:0b:1c:
d4:d8:99:50:60:f2:dd:fb:4a:ea:fa:24:5d:58:95:
c2:17:7c:5c:ed:09:2e:96:64:32:9d:ea:98:92:96:
0b:92:9d:a2:ec:18:66:05:70:97:81:42:65:74:48:
02:d8:a0:38:75:77:c2:cf:50:7b:96:ef:53:88:f5:
34:9b:ca:f5:22:11:4e:72:a0:95:5d:25:95:ea:13:
36:f9:3d:66:17:4a:71:ec:b8:e8:21:30:9b:dc:77:
7c:5d:ac:90:bc:ec:42:28:40:b5:02:31:1b:64:9d:
7e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:70:9B:C8:A4:FF:02:71:DF:D6:78:1F:EB:F3:37:51:1E:90:89:56
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/F3CbyKT_AnHf1ngf6_M3UR6QiVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
80.74.240.0/20
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
185.79.184.0/22
185.94.204.0/22
185.99.76.0/22
185.178.216.0/22
185.204.212.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
212.11.68.0-212.11.75.255
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:58:2d:18:08:c1:9f:e4:37:c9:60:db:cf:dd:54:ad:d3:c9:
93:d4:6f:fa:86:df:0e:96:61:e3:32:c2:be:1e:2b:03:13:15:
82:2e:5e:7f:5b:07:f6:bf:4a:3a:47:17:a2:cf:2d:92:39:8e:
ca:b6:cf:42:e5:29:8c:02:45:71:f3:1c:31:fd:3c:3d:49:a0:
4c:f3:5b:9d:80:13:2b:3d:82:c8:4c:86:eb:b2:35:0d:57:99:
f4:c6:00:21:42:02:04:d1:09:23:f0:f3:20:6f:32:e2:b7:07:
8e:b3:66:b8:3c:6a:10:4b:53:fc:5b:7e:1e:19:98:63:83:d0:
43:ff:62:c5:05:9f:e4:26:ec:67:38:94:06:f8:6f:1c:0f:c2:
d7:43:6f:ae:40:ed:a4:29:db:ea:06:a9:ad:f5:91:7b:93:ea:
38:14:b9:1f:1c:d6:bd:91:9e:dc:f9:75:3c:88:a9:90:6e:13:
70:2b:bd:d5:43:b1:77:a5:53:1f:d6:24:4b:10:9e:af:56:e2:
02:04:0c:a6:62:e0:3d:e1:84:f3:5e:47:90:97:be:1a:4b:24:
46:32:91:b0:a0:9b:44:a0:4a:cd:81:63:28:04:ea:0b:90:6b:
99:55:db:9b:37:61:34:40:08:0c:ca:e8:e9:41:b0:f3:86:8a:
d1:8c:69:98
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY4zceGrL0nE/K8yy7SrKglzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwMzEyMTYxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzcwOWJjOGE0ZmYwMjcxZGZkNjc4MWZlYmYzMzc1MTFlOTA4OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkA6ybl58Jc+L1tVbEbMMqCXFYqh
97ujiXWEsjFzvx13maV/bRsy5ph1xiGoZtopTyQNlaHI+IUsLoA3DDoHKuCf6vH/
JQvmY0ntb+rJoo6xjSR705utS5zVx3luoo33BwLeppqOzLFGI6c08AM3b0kzwhrb
tFP9VfZHyitkrwPdNsYkylTyQR7qV65RrvZvBchkCxzU2JlQYPLd+0rq+iRdWJXC
F3xc7QkulmQyneqYkpYLkp2i7BhmBXCXgUJldEgC2KA4dXfCz1B7lu9TiPU0m8r1
IhFOcqCVXSWV6hM2+T1mF0px7LjoITCb3Hd8XayQvOxCKEC1AjEbZJ1+QQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFBdwm8ik/wJx39Z4H+vzN1EekIlWMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvRjNDYnlLVF9BbkhmMW5nZjZfTTNVUjZRaVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEAx/A
YAMEAi0IZAMEAi2EbAMEBFBK8AMEBVVfYAMEA1wqeAMEA1+BQAMEArlPuAMEArle
zAMEArljTAMEArmy2AMEArnM1AMEA7xeEAMEAMEYAwMEAMEYBgMEAMEYDQMEAMEY
HwMEBcMaIDAMAwQC1AtEAwQC1AtIMBQEAgACMA4DBQAqAPHAAwUDKgTpwDANBgkq
hkiG9w0BAQsFAAOCAQEAiVgtGAjBn+Q3yWDbz91UrdPJk9Rv+obfDpZh4zLCvh4r
AxMVgi5ef1sH9r9KOkcXos8tkjmOyrbPQuUpjAJFcfMcMf08PUmgTPNbnYATKz2C
yEyG67I1DVeZ9MYAIUICBNEJI/DzIG8y4rcHjrNmuDxqEEtT/Ft+HhmYY4PQQ/9i
xQWf5CbsZziUBvhvHA/C10NvrkDtpCnb6gaprfWRe5PqOBS5HxzWvZGe3Pl1PIip
kG4TcCu91UOxd6VTH9YkSxCer1biAgQMpmLgPeGE815HkJe+GkskRjKRsKCbRKBK
zYFjKATqC5BrmVXbmzdhNEAIDMro6UGw84aK0YxpmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org