Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hDKO6AiPyx81kcJ0mWw7rTei5c4.roa
File: hDKO6AiPyx81kcJ0mWw7rTei5c4.roa (raw, json)
Hash identifier: OPG4IAC36pf3lK9Zlq6a2vhE83Ywie0C+jJ+Fn2OE/I=
Subject key identifier: 84:32:8E:E8:08:8F:CB:1F:35:91:C2:74:99:6C:3B:AD:37:A2:E5:CE
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 018ED2F665411E90D5974B78214B52D447E2
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hDKO6AiPyx81kcJ0mWw7rTei5c4.roa
Signing time: Fri 12 Apr 2024 15:39:06 +0000
ROA not before: Fri 12 Apr 2024 15:39:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Apr 2024 08:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d2:f6:65:41:1e:90:d5:97:4b:78:21:4b:52:d4:47:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Apr 12 15:39:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84328ee8088fcb1f3591c274996c3bad37a2e5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:60:3c:67:bb:49:27:4b:45:1b:cd:7e:06:a3:
3a:cb:28:5d:9c:e2:3f:8c:24:2a:98:32:cc:e7:42:
1f:9d:00:75:04:82:52:31:5c:25:c3:21:05:28:49:
78:2e:c6:70:57:3a:98:2f:89:63:61:e0:ab:cd:49:
65:f5:9d:90:30:f5:7e:72:7c:0b:3d:20:f7:25:b1:
fc:6e:b2:c7:47:f8:12:c4:ec:a5:dc:67:b8:e0:4b:
19:aa:60:2e:4b:65:94:80:8e:4b:c8:b6:2a:45:37:
ef:81:c7:01:d6:bd:5c:61:07:15:30:6e:8f:bf:c5:
60:ce:be:4f:1c:ae:c7:d7:fe:ea:93:f4:03:3b:c9:
7f:f6:0a:80:e6:2b:76:eb:38:30:e6:72:8d:8c:a3:
ca:04:e4:83:ce:77:46:00:f0:d3:db:8b:56:16:a2:
42:3d:cc:e2:9c:dc:0b:f4:e7:1f:6d:7c:32:16:0f:
34:7f:78:09:32:c6:d6:af:d1:66:e7:d9:bd:ce:cc:
3e:f8:75:5b:3e:07:0a:ba:ed:35:58:f2:eb:0e:63:
dc:4c:1a:56:59:65:9b:55:6f:99:f4:96:2c:c2:d3:
02:39:db:2c:9f:c0:7b:78:48:52:15:72:01:b8:dd:
8c:f8:08:f7:45:91:70:ba:c4:18:5a:34:c1:0b:1b:
85:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:32:8E:E8:08:8F:CB:1F:35:91:C2:74:99:6C:3B:AD:37:A2:E5:CE
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/hDKO6AiPyx81kcJ0mWw7rTei5c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/24
185.248.254.0/24
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:bf:52:ad:99:9f:08:ef:96:b5:ad:01:b3:e5:f6:88:33:01:
28:e2:33:0f:f5:5d:8e:01:f8:93:40:bc:de:f4:c1:d3:62:17:
e0:7e:b3:3b:7f:f8:00:c8:b9:38:78:eb:7c:5b:2f:4d:ff:f1:
3d:b1:b0:da:0f:6b:23:ed:37:b3:a0:ac:26:e4:58:d8:06:47:
d9:64:d2:13:13:fc:7e:8d:d9:eb:5e:98:eb:29:19:75:38:0f:
a4:85:78:fa:a2:41:6d:1e:3b:a5:cc:22:99:c4:a7:82:f3:88:
30:dc:ab:d4:43:a7:9c:c1:79:91:5c:8c:f4:ee:8e:10:9e:0b:
7c:c6:44:2f:01:08:99:9b:34:ff:4b:78:ca:37:af:c8:a8:99:
57:f0:d4:83:38:30:d9:65:ba:04:be:3b:ca:e2:46:59:aa:28:
74:66:ea:e0:b3:05:ac:b7:61:91:82:e8:25:9b:05:2b:d0:55:
87:c6:8a:db:4e:a9:8e:6f:08:74:af:03:00:73:13:bd:55:41:
78:b4:ae:56:90:0c:81:e5:3f:a5:23:6b:9c:2f:29:72:81:9f:
2e:fc:76:42:07:bf:a8:f9:f2:83:ae:d3:e0:d4:87:ec:ad:d9:
8a:9b:83:cd:b1:c1:6f:22:fa:13:57:26:cc:48:9f:8f:ce:4a:
bb:17:80:f1
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAY7S9mVBHpDVl0t4IUtS1EfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwNDEyMTUzOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDMyOGVlODA4OGZjYjFmMzU5MWMyNzQ5OTZjM2JhZDM3YTJlNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2A8Z7tJJ0tFG81+BqM6yyhdnOI/
jCQqmDLM50IfnQB1BIJSMVwlwyEFKEl4LsZwVzqYL4ljYeCrzUll9Z2QMPV+cnwL
PSD3JbH8brLHR/gSxOyl3Ge44EsZqmAuS2WUgI5LyLYqRTfvgccB1r1cYQcVMG6P
v8Vgzr5PHK7H1/7qk/QDO8l/9gqA5it26zgw5nKNjKPKBOSDzndGAPDT24tWFqJC
PczinNwL9OcfbXwyFg80f3gJMsbWr9Fm59m9zsw++HVbPgcKuu01WPLrDmPcTBpW
WWWbVW+Z9JYswtMCOdssn8B7eEhSFXIBuN2M+Aj3RZFwusQYWjTBCxuFSQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFIQyjugIj8sfNZHCdJlsO603ouXOMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvaERLTzZBaVB5eDgxa2NKMG1XdzdyVGVpNWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgdsEAgABMIHUAwQD
BZ/QAwQCBbVIAwQDH8BgAwQCLQhkAwQCLYRsAwQCLYksAwQEUErwAwQCU5b8AwQF
VV9gAwQDXCp4AwQDX4FAAwQDsDoAAwQCuU+4AwQCuVoAAwQCuV7MAwQCuWNMAwQC
uZFYAwQCubLYAwQBubbIAwQCuczUAwQCueUEAwQCufaEAwQCuffIAwQAufj8AwQA
ufj+AwQDvF4QAwQAwRgDAwQAwRgGAwQAwRgNAwQAwRgfAwQFwxogAwQBw1gIMAwD
BALUC0QDBALUC0gDBATZkYAwFAQCAAIwDgMFACoA8cADBQMqBOnAMA0GCSqGSIb3
DQEBCwUAA4IBAQB0v1KtmZ8I75a1rQGz5faIMwEo4jMP9V2OAfiTQLze9MHTYhfg
frM7f/gAyLk4eOt8Wy9N//E9sbDaD2sj7TezoKwm5FjYBkfZZNITE/x+jdnrXpjr
KRl1OA+khXj6okFtHjulzCKZxKeC84gw3KvUQ6ecwXmRXIz07o4Qngt8xkQvAQiZ
mzT/S3jKN6/IqJlX8NSDODDZZboEvjvK4kZZqih0ZurgswWst2GRguglmwUr0FWH
xorbTqmObwh0rwMAcxO9VUF4tK5WkAyB5T+lI2ucLylygZ8u/HZCB7+o+fKDrtPg
1IfsrdmKm4PNscFvIvoTVybMSJ+Pzkq7F4Dx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:14 2024 by rpki-client on console-fra.rpki-client.org